During the COVID-19 pandemic, various organisations including the government departments have been migrating to cloud. However, while doing so, several questions come up security tops the list.
In a keynote address on Cloud adoption by Gov- Challenges and Opportunities at W.Media’s South Asia Cloud Security Market Insights event, Rama Devi Lanka, Director- Emerging Technologies & OSD, ITE & C Department, Government of Telangana said,
“During the pandemic, we have seen that digitalisation is taking place at a very fast pace. With the acceleration in the process of digital transformation, organisations and governments are finding it unviable to maintain their own IT infrastructure.
Most organisations including the government departments are moving to cloud, either fully or hybrid and this growth is taking place at a large scale. Therefore, cloud security is highly imperative in the current scenario.”
According to industry body NASSCOM, the cloud market is expected to be around USD $ 7. 1 billion in 2020. The government is realising the potential of this industry.
“We launched a dedicated data centre policy which is first of its kind in India for facilitating data centre investments in the state and we are offering broad incentives as a part of this data centre policy which includes dedicated land for data centre campuses, access to the dual power grid which will ensure uninterrupted power supply and the necessary options for backup power supply is also available. Access to high-speed fiber networks and availability of water for cooling purposes is also available,” she said.
In certain countries including India, the availability of water is a challenge.
“We have tailor-made incentive packages for major projects. These are some of the broad incentives that we offer and because of these incentives various companies have come to Telangana or Hyderabad which is the capital of Telangana and have set up their data centres. The major investments are by AWS, Reliance and others,” added Rama Devi Lanka.
She further pointed out that most of these companies offer cloud services and as a progressive state, using the emerging technologies for citizen service delivery, the technologies include AI, blockchain, IoT, drones and others. They wanted to leverage cloud because of its inherent benefits and invective friendly state along with offering certain businesses with CSPs.
“The government of India has an empanel of 17 cloud providers that various government organisations can procure services from. A certain amount of due diligence has been done on the technical capability, compliance and other areas.
Leveraging the Meghraj policy of the Government of India, our Government went a step ahead and brought out a policy mandating all the departments to move to cloud. The Meghraj policy does not mandate but is a strategic direction given to various government organisations,” added Rama Devi Lanka.
Cloud offers various opportunities including increased speed of agility, pay for what you consume, access to various other services and other benefits. It becomes important for the government to develop applications on the run and deploy them.
Doubts about Cloud
“The first doubt that comes to any government official is regarding the security of cloud. They believe that the public cloud is not as secure as an on-premise cloud or infrastructure.
Officials sometimes fail to understand that security is a shared responsibility between the department and a cloud service provider, unlike the traditional infrastructure where everything is left on the system integrator,” said Rama Devi Lanka.
The cloud model redefines and simplifies the roles that the organisations, departments and vendors need to carry out.
The cloud service providers take responsibility of the infrastructure that is under their control up to the operating level system, they are responsible for managing, operating and controlling the components from the host operating system and the virtualisation layer down to the physical security.
There is a framework for the government officials to understand the process of migrating, adopting and procuring cloud.
There are various security frameworks that the government has worked upon to make it easier for officials to migrate to cloud.
“Customers can implement native services with CSP or can choose third party security solutions based on the security profile. There are various cloud security solutions available, we are undertaking various workshops for government officials to make them understand that cloud offers continuous compliance.
They are monitoring the tools to understand the health of the system, having visibility into who made the changes and from which location in near real-time and allows the government and organisation to detect any misconfiguration or non-compliances and rapidly respond to risks. We have also established a centre of cybersecurity,” she said.
“Telangana is the first state to come out with a policy on cybersecurity and this centre of excellence is incubating startups in cloud security and product solutions. We are working with cloud service providers to procure the required security solutions,” added Rama Devi Lanka.
There are various security solutions but the threat landscape of cloud is always evolving. During the pandemic, there were various instances of data breaches that happened. The cloud security market has a huge potential and is likely to see exponential growth, concluded Rama Devi Lanka.