A guide for Southeast Asian IT and Business Managers - A compilation of featured articles including technical tips & strategic advice written by ...
←
→
Page content transcription
If your browser does not render page correctly, please read the page content below
A guide for Southeast Asian IT and Business Managers A compilation of featured articles including technical tips & strategic advice written by technology experts and advisors
A guide for Southeast Asian IT and Business
Managers
Dear IT Professional,
In this e-guide we feature a selection of articles from our Asean focused
ezines over the last year.
Contents
The Asean ezines have been running since March and we have been
2014: New year, new pleased with the high level of interest they have received from IT
risks? communities in the region. Thank you to all those that have downloaded
them.
Cloud’s endless
possibilities Since launching, the Storage, Security, Modern Infrastructure and Business
Information ezines for the Asean region have featured articles written by
Holding back on cloud locals for local readers.
storage
The Asean region has its own unique challenges and opportunities when it
Stricter data comes to harnessing these technologies and we are trying to drill down on
protection rules: these issues with localized analysis. We also featured local case studies
Hornet’s nest or new because there is nothing more informative than finding out how local peers
are using IT, through real life examples.
era?
Cloud computing For example the ezines have analyzed the cyber-security challenges facing
Asean CIOs, given examples of how and where cloud computing fits into
lessons from Asia’s
Asean organizations, identified data protection issues to consider in storage
first movers projects, and described some of the pioneering uses of big data
technologies.
Singapore library
mines big data Enjoy the read.
Cloud storage and the Karl Flinders
law Editor
Page 1 of 35A guide for Southeast Asian IT and Business
Managers
Contents
Contents 2014: New year, new risks?
………………………………………………………………………………. Page 3
2014: New year, new
Cloud’s endless possibilities
risks?
………………………………………………………………………………. Page 6
Cloud’s endless Holding back on cloud storage
possibilities ……………………………………………………………………………… Page 11
Stricter data protection rules: Hornet’s nest or new era?
Holding back on cloud
……………………………………………………………………………… Page 16
storage
Cloud computing lessons from Asia’s first movers
Stricter data ……………………………………………………………………………… Page 20
protection rules: Singapore library mines big data
Hornet’s nest or new ……………………………………………………………………………… Page 24
era?
Cloud storage and the law
Cloud computing ……………………………………………………………………………… Page 29
lessons from Asia’s
first movers
Singapore library
mines big data
Cloud storage and the
law
Page 2 of 35A guide for Southeast Asian IT and Business
Managers
2014: New year, new risks?
Phil Muncaster, Journalist based in Hong Kong
Contents Hactivists, state-sponsored spies, cash-hungry fraudsters, malicious insiders
– the cyber enemy facing organizations in 2014 is more diverse, more so-
2014: New year, new phisticated and more dangerous than ever before. Malaysia and Singapore
risks?
sit at the hub of Asia- Pacific, one of the world’s most active regions for cyber
Cloud’s endless crime. So where do the risks lie for businesses in the region, what can chief
possibilities security officers (CSOs) do to successfully stem the tide of attacks, and are
governments taking a big enough leadership role?
Holding back on cloud
storage
The good news is that 2014 got off to a good start for Singapore. In January,
Stricter data global security supplier FireEye signed a landmark agreement to build a
protection rules: cyber security Centre of Excellence in partnership with the government’s
Hornet’s nest or new Infocomm Development Authority (IDA). The agreement will not only give
era?
FireEye the ability to better secure its customers in Singapore, Malaysia and
Cloud computing beyond against regional attacks, but will see the firm working with local
lessons from Asia’s Institutes of Higher Learning (IHLs) and local ICT companies to develop at
first movers least 10 new tools to detect and prevent advanced persistent threats (APTs).
Singapore library
APTs are a new breed of highly targeted attack. Malware is typically landed
mines big data
covertly via a malicious email attachment or link and can often sit undetected
Cloud storage and the in an organisation for months or years, all the while taking sensitive internal
law data.
FireEye’s APAC CTO, Bryce Boland, says the firm will train 100 full-time staff
to man the Singapore Centre of Excellence over the next year. “The idea was
to build it up to have a large capability to deal with the large amount of
APAC-specific malware,” he says. “In APAC there is a lot of malware activity
taking place. There are a lot of countries and many of them have tense
relationships, so we often see that boil over into cyber space.”
These “tense” relationships have most obviously been seen of late in
hacktivist battles between Indonesia and Australia, the Philippines and
Indonesia, and North versus South Korea. Singapore late last year incurred
the wrath of hacktivist collective Anonymous after a controversial new media
Page 3 of 35A guide for Southeast Asian IT and Business
Managers
regulation was touted by the government. Several sites were defaced or hit
by a distributed denial of service (DDoS) in retaliation, including some pages
on prime minister Lee Hsien Loong’s official site.
Contents
Malaysia is also no stranger to high-profile hacktivist-style attacks. In early
2014: New year, new 2013, bloody clashes with Filipino insurgents in Sabah led to Philippine
risks?
hackers targeting numerous Malaysian sites. Later that year, human rights
Cloud’s endless activists and opposition party leaders were in uproar after a series of
possibilities distributed DDoS attacks took out their sites before election time.
Holding back on cloud
IP THEFT A BIG RISK
storage
Hacktivists are not the only threat facing organisations in Malaysia and
Stricter data Singapore. Intellectual property (IP) theft is a major and growing risk, often
protection rules: achieved through covert APT-style raids, according to Boland.
Hornet’s nest or new
era?
“The World Intellectual Property Organization (WIPO) says that three-fifths of
Cloud computing countries globally and 45% of WIPO patents are from APAC. There’s so
lessons from Asia’s much IP and a lot to be gained from stealing it,” he says.
first movers
Asia-Pacific as a whole is twice as likely to be targeted by an advanced
Singapore library
attack as the world as a whole, according to FireEye. In 2013, South Korea,
mines big data
Japan and Taiwan were the top three most targeted countries in APAC, with
Cloud storage and the Singapore creeping into the top 10 countries at number 10. Malaysia does
law not even make it into that list, but that doesn’t mean CSOs there can relax,
according to Boland. “In general, the richer the country, the more likely it is to
be targeted by both nation states and cyber criminals,” he says.
Another good indicator of how secure a country’s IP space is comes in the
form of Akamai’s quarterly State of the Internet report. The firm listed the top
source of attack traffic in Q3 2013 as China (35%), with Singapore (0.1%)
and Malaysia (0.2%) barely on the chart. This is important as it indicates that
there are relatively few machines in the latter two countries which have been
compromised and taken over by cyber criminals to launch attacks.
That said, local CSOs cannot afford to take their eyes off the ball in 2014,
according to Forrester senior analyst Manatosh Das. “Nearly 45% of the
Page 4 of 35A guide for Southeast Asian IT and Business
Managers
Asian organisations in our survey identified mobility as a high or critical pri-
ority for 2014,” he says. “As enterprises introduce mobility, the new access
points attached to the network create opportunities for attackers to break into
Contents the infrastructure directly or via mobile application portals that provide
gateways to protected, sensitive data.”
2014: New year, new
risks?
This especially relevant to Singapore, where there are twice as many mobile
Cloud’s endless phone subscriptions as people, and Malaysia, which led the world for the
possibilities highest number of devices accessing the corporate network in 2012,
according to a report from Citrix, with an average of six per employee.
Holding back on cloud
storage
Furthermore, strict new compliance requirements in the form of Malaysia’s
Stricter data Personal Data Protection Act 2013 and Singapore’s Personal Data
protection rules: Protection Act 2012 should focus CSOs’ minds, he says.
Hornet’s nest or new
era?
“The penalties for non-compliance in the Asia-Pacific region are growing and
Cloud computing it’s increasingly important to pay attention to local regulations… the
lessons from Asia’s repercussions can be severe.”
first movers
CLOUD SECURITY
Singapore library
For Frost & Sullivan analyst Vu Anh Tien, cloud computing remains a key
mines big data
area of concern. “While Singapore remains a business hub, Malaysia is on
Cloud storage and the the way to becoming a datacentre hub in the region,” he says. “Hence it is
law imperative that organisations in both countries implement strong cloud
security measures to protect data and privacy, especially for public
organisations.”
So what of the government response? Well, Malaysia’s National Cyber
Security Policy, launched in 2007, was widely seen as “one of the most
proactive measures of a government in the region”, according to Vu.
The Singaporean government has also been one of the more advanced
when it comes to anticipating the cyber threat. It’s had an Infocomm Security
Masterplan (ISMP) in place to map out how best to defend the city state
since 2005 and launched the most recent – the five-year National Cyber
Security Masterplan 2018 – last year.
Page 5 of 35A guide for Southeast Asian IT and Business
Managers
“Since the early days of computerisation in Singapore, emphasis has been
placed on ensuring the confidentiality, integrity and availability of information,
as well as the security of the underlying systems and communication
Contents networks,” says a government spokesperson.
2014: New year, new However, the final word should go to Vu: “Although governments in the two
risks?
countries have been proactive and demonstrated leadership, it is the
Cloud’s endless responsibility of every organisation and individual to protect themselves from
possibilities cyber attacks. Only when awareness is improved will organisations be able
to defend themselves against threats in the era of the internet.” ■
Holding back on cloud
storage
Want more exclusive content?
Stricter data TechTarget is looking for IT pros to contribute their expertise to our ongoing
protection rules: research program. Because of your interest in this e-guide and endpoint
Hornet’s nest or new security topics covered within, we would greatly appreciate your valued
era?
insights. By participating, you’ll help us better understand some of the
Cloud computing purchasing trends around various core technologies. Click here to participate
lessons from Asia’s in the Endpoint Security Research Program!
first movers
Cloud’s endless possibilities
Singapore library
Nancy Yap, journalist
mines big data
Cloud storage and the Business agility, IT efficiency and the ability to focus on core competency are
law the three most cited reasons for enterprises to embark on cloud initiatives.
“Endless possibilities” is how Glen Francis, CIO at Singapore-based Global
Logistic Properties (GLP), views cloud computing.
As more powerful cloud computing applications become available, Francis is
looking forward to leveraging them for mobile applications to enhance
business efficiencies and provide value-added services for GLP’s customers.
He plans to use the cloud to support internet of things (IoT) and analytics
projects next.
GLP, a global provider of logistics facilities in China, Japan and Brazil, has
been moving gradually to the cloud for both applications and infrastructure,
Page 6 of 35A guide for Southeast Asian IT and Business
Managers
says Francis. “On the applications side, our treasury management (Reval),
and communications (Lync) systems have been on the cloud platform since
2013,” he says, adding that Yammer was launched in late 2012.
Contents
“These applications had the necessary functionalities required to run our
2014: New year, new business, plus there weren’t any legacy systems, which made choosing the
risks?
cloud option easier,” says Francis.
Cloud’s endless
possibilities The organization also reviewed cloud options for enterprise resource
planning (ERP), customer relationship management (CRM) and business
Holding back on cloud
intelligence (BI), and is exploring a mobile BI solution in the cloud for its sales
storage
function.
Stricter data
protection rules: On the infrastructure side, the company moved its entire IT infrastructure in
Hornet’s nest or new Brazil to IBM in 2012 to be managed as a utility. This was to support its
era?
acquisition of Prosperitas’ logistics facilities in Brazil.
Cloud computing
lessons from Asia’s It made sense for the company to move its IT infrastructure and key
first movers applications, including SAP and Mastersaf, to IBM after evaluating several
options, says Francis.
Singapore library
mines big data
“Firstly, it was difficult, during that period, for our Asian team to be
Cloud storage and the operationally ready to support Brazil due to the time difference and distance.
law Secondly, the acquisition had to be completed within a month of the contract
being signed,” he says.
BIG BUSINESS BENEFITS
Francis believes the increased speed and reduced cost of rolling out
applications on cloud computing are the biggest business benefits. “In the
early days, we were concerned about latency and performance, especially
for mobile and in emerging countries such as China; customizations; and the
interface and integration of cloud and on-site applications,” he says.
The organization has since resolved those concerns and is seeing business
benefits of lower costs and support requirements from the virtual
infrastructure. “We now have a better back-end infrastructure as compared to
Page 7 of 35A guide for Southeast Asian IT and Business
Managers
an internal organization. Most mature cloud providers have better security
systems than most enterprises can afford,” he adds.
Contents And Francis sees the potential in the Infocomm Development Authority (IDA)
of Singapore’s Multi-Tier Cloud Security Standard (MTCS SS) for Singapore,
2014: New year, new which was launched in November 2013 to provide businesses with greater
risks?
clarity on the levels of security offered by different cloud service providers:
Cloud’s endless “IDA’s security standard can help in many ways. It can give consumers of
possibilities cloud services more assurance of the service provider’s offerings. It can
create more consistency of what is offered.”
Holding back on cloud
storage
He is confident that it can also help to ensure better service level
Stricter data discussions, “saving both consumers of cloud computing and suppliers
protection rules: headaches when it comes to their ongoing operations once the system is
Hornet’s nest or new running”.
era?
Cloud computing INNOVATION DRIVES IAAS ADOPTION
lessons from Asia’s In the past three years, Forrester Research vice-president and research
first movers director Michael Barnes has seen infrastructure as a service (IaaS) steadily
emerge as a top cloud workload in Asia-Pacific as organizations have begun
Singapore library
to more clearly understand its use cases.
mines big data
Cloud storage and the “While internal IT resistance based on security, data management,
law availability and performance concerns remain, we expect project-driven,
opportunistic IaaS use to drive further adoption in Asia-Pacific over the next
18 to 24 months,” says Barnes.
He adds that the benefits of IaaS in reducing infrastructure costs and
allowing organizations to quickly ramp up business capabilities far outweigh
the risks.
“We’re starting to see the beginnings of a shift in perspective across the
region: Innovation, fuelled by easy access to cloud-based compute
resources, is replacing cost savings as the primary driver of IaaS adoption.”
Page 8 of 35A guide for Southeast Asian IT and Business
Managers
And as opportunistic IaaS use gives way to more strategic initiatives over the
next two to three years, Barnes expects the potential impact on both IT and
broader business strategies to rise.
Contents
Forrester Research estimates the public cloud market across the ASEAN
2014: New year, new region – including Indonesia, Malaysia, the Philippines, Singapore, Thailand
risks?
and Vietnam – will grow from US$230m in 2011 to US$1.6bn in 2020.
Cloud’s endless
possibilities Barnes says the individual countries that comprise the ASEAN region vary
widely, not only in terms of IT maturity and relative cloud adoption, but in
Holding back on cloud
other, more fundamental areas as well, including political stability, economic
storage
transparency, geography and language.
Stricter data
protection rules: Nonetheless, he expects these differences to become less pronounced as
Hornet’s nest or new the region continues to see strong, broad-based macroeconomic growth.
era?
Cloud computing MALAYSIA: ADOPTING SAAS FOR FUNCTIONAL NEEDS
lessons from Asia’s In Malaysia, Forrester’s Research indicates that organizations are currently
first movers adopting software as a service (SaaS) and other public cloud-based services
without necessarily considering the need to create a comprehensive cloud
Singapore library
strategy a top priority.
mines big data
Cloud storage and the “Buyers in the Malaysian market tend to be more pragmatic, leveraging SaaS
law solutions to meet clearly defined functional needs in areas like email,
collaboration and basic salesforce automation,” says Barnes.
Mayank Kapoor, Asia-Pacific lead for datacenter and cloud computing
practice at Frost & Sullivan, is seeing a similar state of cloud understanding
in the country.
“In Malaysia, many do not understand how to use the cloud. Government
healthcare is embracing cloud and new service providers are coming in with
offerings, but service levels need to be improved,” says Kapoor.
Page 9 of 35A guide for Southeast Asian IT and Business
Managers
SINGAPORE: HIGH CLOUD AWARENESS AND CONFIDENCE
On the other hand, cloud awareness and confidence are high in Singapore,
says Barnes, who has been in this area of research for over a decade: “Our
Contents research indicates that less than 20% of IT decision-makers in Singapore
currently rate cloud as a critical priority, but the percentage rating it as a high
2014: New year, new priority is well above the regional average, regardless of organization size or
risks?
vertical.”
Cloud’s endless
possibilities He believes this is an indication that Singapore IT leadership is increasingly
seeing SaaS and other public cloud-based offerings as simply another IT-
Holding back on cloud
enabled capability available to be leveraged and not as a distinct strategic
storage
initiative.
Stricter data
protection rules: However, this is likely to increase with the launch of IDA’s MTCS SS, which
Hornet’s nest or new Barnes expects will drive greater transparency and make it easier for
era?
Singapore-based organizations to evaluate cloud service providers in areas
Cloud computing such as security, data residency and reliability.
lessons from Asia’s
first movers GROWING AT RAPID PACE
Gartner research director Arun Chandrasekaran has also seen cloud
Singapore library
computing adoption in Southeast Asia growing at a rapid pace in the past
mines big data
three years, although the growth is built from a small base.
Cloud storage and the
law He says early adoption in both Singapore and Malaysia is centered on IaaS
use cases such as e-business hosting, test and development, batch
computing and SaaS applications such as CRM, collaboration and expense
management.
“Cloud computing is simple to use for most consumers. Although it
introduces some risks, the compelling opportunities surfacing through the
cloud make its use an almost inevitable requirement of successful
businesses,” says Chandrasekaran.
According to Gartner, the top five Asian countries in terms of cloud adoption
by revenues are Japan, China, Australia, South Korea and India. And the top
Page 10 of 35A guide for Southeast Asian IT and Business
Managers
five regional countries by percentage of businesses that have adopted public
cloud are Australia, New Zealand, Singapore, Hong Kong and Japan. ■
Contents Want more exclusive content?
TechTarget is looking for IT pros to contribute their expertise to our ongoing
2014: New year, new research program. Because of your interest in this e-guide and cloud topics
risks?
covered within, we would greatly appreciate your valued insights. By
Cloud’s endless participating, you’ll help us better understand some of the purchasing trends
possibilities around various core technologies. Click here to participate in the Cloud
Infrastructure Research Program!
Holding back on cloud
storage
Holding back on cloud storage
Stricter data Gigi Onag, freelance journalist with 10+ years’ experience covering the
protection rules: technology industry across APAC
Hornet’s nest or new
era?
Cloud storage costs have declined rapidly in the past 18 months, but most
Cloud computing companies in the Asean region remain reluctant to store data and
lessons from Asia’s applications hosted externally.
first movers
But some businesses in the region, such as insurance broker Lockton
Singapore library
Companies, are planning for it.
mines big data
Cloud storage and the Singapore is, so far, the only country in the Asean group where there is
law significant adoption of cloud storage, says Mayank Kapoor, industry manager
for datacenter and cloud computing at Frost & Sullivan.
The broad status of cloud storage adoption in the region mirrors the situation
globally.
“Public cloud storage adoption for the enterprise is still at the early stages,”
says Henry Baltazar, senior analyst, serving infrastructure and operations
professionals at Forrester Research.
“Cloud storage is necessary to support cloud compute applications. Besides
basic storage capabilities, companies use cloud storage to expand the reach
of systems of engagement. For example, if a company does not have a
Page 11 of 35A guide for Southeast Asian IT and Business
Managers
physical presence in another country or continent, cloud storage and cloud
computing can be used,” he says.
Contents BACKUP AND CLOUD STORAGE
Insurance broker Lockton Companies, which has a significant Asean
2014: New year, new presence, is one organization that is now exploring cloud-based storage for
risks?
its backup needs.
Cloud’s endless
possibilities “The backup for our disaster recovery [DR] solution is reaching its full
capacity,” says Suk-Wah Kwok, Asia- Pacific CIO at Lockton Companies. “So
Holding back on cloud
now I am thinking about whether to invest in another storage solution – which
storage
is not cheap – or use this opportunity to look at cloud-based solutions.”
Stricter data
protection rules: The company has eight key offices in the region, located in Hong Kong,
Hornet’s nest or new Singapore, China, South Korea, Australia, Thailand, Malaysia and the
era?
Philippines, as well as three partner offices in Japan, Taiwan and Indonesia.
Cloud computing Kwok oversees the IT operations in these eight countries, supporting more
lessons from Asia’s than 600 users.
first movers
“I am looking more at backup data because of timing – I have an imminent
Singapore library
requirement. But I am not looking at backup data in isolation – more in
mines big data
conjunction with a complete DR solution. For example, we are not planning
Cloud storage and the to have an internal DR solution and then have the storage for it externally. I
law might as well look at cloud storage and DR together, which means adopting
a cloud-based DR solution is definitely an option,” says Kwok.
She believes it is essential to get an insight of other things around storage
before making an investment.
“I still fail to understand why you would look at cloud storage in isolation
without looking at other infrastructure components that use the storage,” says
Kwok. “Unless you run into a stipulation that some of them must be kept
internally, I don’t see why you would have the entire infrastructure in-house
and just the storage outside. Why not open up further?”
Page 12 of 35A guide for Southeast Asian IT and Business
Managers
ECONOMIC BENEFITS
Kwok is receptive to cloud storage because Lockton’s IT operations in Asia-
Pacific have been running on a private cloud model for years.
Contents
“We have an internal WAN, we have centralized internal infrastructure and
2014: New year, new internal storage. Some people call that a ‘cloud solution’ because the data is
risks?
not physically in the office. Most of the data in the Asia-Pacific region is
Cloud’s endless stored in an internal cloud – only that cloud is within the Lockton framework,
possibilities so to speak.”
Holding back on cloud
The cloud option for the company’s backup data is attractive not only
storage
because of the cost savings of paying only for what is consumed, but also for
Stricter data the high service level for minimal investment.
protection rules:
Hornet’s nest or new “From a purely economic perspective, you tap into much better infrastructure
era?
without having to build it yourself. You pay a fraction of the cost. Cloud
Cloud computing providers typically offer sophisticated and industrial-strength systems that are
lessons from Asia’s otherwise too expensive and ineffective for a single enterprise to build,” says
first movers Kwok.
Singapore library
ADOPTION BARRIERS
mines big data
But ironically, Frost & Sullivan says monetary issues are one of the major
Cloud storage and the obstacles for cloud storage deployment in South-East Asia. “Total cost of
law ownership continues to be high, taking into account storage and bandwidth
cost for data that is accessed frequently,” says Kapoor.
Privacy and security concerns are also at the top of the list, along with data
compliance requirements.
Networking issues are also barriers to some. “Companies are also worried
about the performance levels of cloud-based storage that may arise because
of the distance between the user and the data, compounded by network
performance issues,” adds Kapoor.
Page 13 of 35A guide for Southeast Asian IT and Business
Managers
Lockton is anticipating this potential network connectivity problem for its
Asean users should it make a move towards cloud storage, as the company
has to weigh the different impacts on IT users before making a decision.
Contents
“In implementing any cloud solution, the number one technical difficulty is the
2014: New year, new network connectivity between those countries and to where that cloud is. So
risks?
you might be looking at whether any network accelerators could be put in
Cloud’s endless place to speed up the access,” says Kwok.
possibilities
But for Kwok, the real barrier to cloud storage adoption does not lie with
Holding back on cloud
technology.
storage
Stricter data “I am quite confident that cloud is mature enough to be a mainstream
protection rules: service. The challenges are internal. With privacy, security and compliance
Hornet’s nest or new requirements, we have to make sure the cloud solution will be able to satisfy
era?
all that. These governing rules are not set by IT, but by the security and
Cloud computing compliance teams within Lockton. Due diligence has to be done,” she says.
lessons from Asia’s
first movers Forrester’s Baltazar says cloud providers appear to be making progress in
meeting their customers’ compliance and security requirements. “Encryption
Singapore library
and key management are major mechanisms for securing data in the cloud. I
mines big data
talked with a stealth startup recently that was working on creating virtual
Cloud storage and the container technologies to isolate workloads in a public cloud,” he says.
law
Frost & Sullivan’s Kapoor says companies can ensure they have the right
environment for their data by conducting regular third-party audits, using
access control and sign-on, implementing flow control over the data
lifecycles, and putting policies in place for data handling and archiving.
“It is also essential to understand how the service provider will react in case
there is a security breach/hacking incident. The speed of response to fix the
issue and identify what data has been compromised will be an essential
parameter to threat management,” says Kapoor.
Page 14 of 35A guide for Southeast Asian IT and Business
Managers
MOVING FORWARD
Both industry analysts predict cloud storage adoption in Asean enterprises
will speed up in the years ahead.
Contents
“The elasticity and rapid provisioning of cloud storage will accelerate
2014: New year, new adoption. With cloud storage, you only pay for the resources you consume.
risks?
This is attractive, especially if a customer has a workload [with peaks and
Cloud’s endless troughs],” says Baltazar.
possibilities
In Southeast Asia, Kapoor sees the growing share of primary data stored in
Holding back on cloud
the cloud with the changing market trends, with social, mobile and software
storage
as a service adoption increasingly driving more data into the cloud. But he
Stricter data adds that security, privacy and cost considerations are keeping pure cloud
protection rules: storage adoption in check.
Hornet’s nest or new
era?
Kapoor expects the hybrid storage model to be the likely scenario for most
Cloud computing Asean companies in the coming years. “The hybrid storage model is most
lessons from Asia’s likely to dominate the next three to five years as organizations look to take a
first movers pragmatic approach of leveraging a mix of in-house and cloud-based
storage.”
Singapore library
mines big data
Baltazar advises those eyeing cloud storage for their companies to plan to
Cloud storage and the leave when they join a service. “While it is relatively easy to move data up to
law a cloud, transferring data to another cloud or bringing it back on-site is not
always easy. Some providers such as Amazon have dedicated networks to
connect to your site or co-location site. These links could accelerate data
movement should you decide to move your data somewhere else,” he says.■
Want more exclusive content?
TechTarget is looking for IT pros to contribute their expertise to our ongoing
research program. Because of your interest in this e-guide and cloud topics
covered within, we would greatly appreciate your valued insights. By
participating, you’ll help us better understand some of the purchasing trends
around various core technologies. Click here to participate in the Cloud
Infrastructure Research Program!
Page 15 of 35A guide for Southeast Asian IT and Business
Managers
Stricter data protection rules: Hornet’s nest or new era?
Tao Ai Lei, written about the technology industry for 10+ years
Contents Data protection and privacy issues are receiving greater focus in Asia as
both Malaysia and Singapore enact their own data regulations, propelling
2014: New year, new organizations into action.
risks?
Cloud’s endless The need to regulate the use and storage of data has never been greater, as
possibilities technology has become more intelligent, making it easy for personal data to
be collected, used and transferred. Such activity can border on being
Holding back on cloud
intrusive and consumer data can be more easily misused.
storage
Stricter data Besides the introduction of a Personal Data Protection Act (PDPA) in
protection rules: Malaysia and Singapore, the Philippines Data Privacy Act 2011 was passed
Hornet’s nest or new by the Senate and House of Representatives and Taiwan’s PDPA became
era?
effective in October of the same year.
Cloud computing
lessons from Asia’s The acts in both Malaysia and Singapore are seeking to regulate the
first movers collection, use, disclosure and management of personal data, says Chan
Kheng Hoe, an advocate and solicitor with Malaysian law firm Kheng Hoe &
Singapore library
Partners.
mines big data
Cloud storage and the However, there are differences between the acts in the two countries. For
law instance, the Singapore PDPA has a Do-Not-Call (DNC) Registry to exclude
marketing calls, while Malaysia does not have an equivalent service.
“Personal data protection legislation differs from country to country,
depending on the cultural and social background of the country,” says Bryan
Tan, technology media and telecommunications partner at law firm Pinsent
Masons in Singapore.
“The Singapore PDPA has a unique feature – the set-up of the Do-Not-Call
Registry where persons making marketing calls must first check with the
registry. This is unique because most countries have this as separate legis-
lation,” he says.
Page 16 of 35A guide for Southeast Asian IT and Business
Managers
Singapore also excludes business contact information from being identified
as personal data, whereas the Malaysian act’s definition of personal data is
wide enough to include business contact information.
Contents
The Malaysia PDPA, passed in December 2013, affects any person who
2014: New year, new processes personal data for commercial purposes in Malaysia. Companies
risks?
have to comply with the seven principles laid out in the PDPA, which means
Cloud’s endless they may have to invest in compliance systems.
possibilities
WHO IS AFFECTED?
Holding back on cloud
These new regulations will affect any company that sells directly to
storage
individuals, collects personal data for business and deploys cold calls, short
Stricter data message service (SMS) or fax marketing.
protection rules:
Hornet’s nest or new “In a nutshell, the PDPA affects organizations which collect, use and disclose
era?
personal data. It does not cover government entities. There are also
Cloud computing obligations on how the personal data is protected, transferred overseas and
lessons from Asia’s retained or disposed of,” says Tan.
first movers
“The most common areas affected are employment data, visitor data and
Singapore library
customer information. Consumer-based marketing organizations – real
mines big data
estate agencies, call centre marketing, hospitals, insurance companies – are
Cloud storage and the likely to be the most affected, but most organizations, if not all, are likely to
law be affected to some extent.”
In Singapore, an organization found to be non-compliant may face the
maximum financial penalty of S$1m, while companies found to have violated
the data protection rule may face fines of up to S$10,000 per customer
complaint.
The penalty is also stiff in Malaysia, where companies will face a fine of up to
RM500,000 and/or imprisonment for up to three years. The directors and
officers can be personally liable, in addition to the corporate bodies.
The PDPA has prompted Says.com, a Malaysian social news site, to
reconsider how it manages its customers’ data to ensure compliance. The
Page 17 of 35A guide for Southeast Asian IT and Business
Managers
site runs on a service-oriented architecture (SOA) with services all around
the world with different suppliers – including cloud and software as a service
(SaaS) providers and dedicated or virtual servers outside of Malaysia and
Contents Singapore.
2014: New year, new “Customer data movement is the biggest challenge we are facing,” says
risks?
Arzumy MD, chief technology officer (CTO) and founding team member at
Cloud’s endless Says.com.
possibilities
“With an SOA, our user data moves from one location to another to be
Holding back on cloud
processed. We have to ensure that the personal data protection landscape in
storage
the country where the data moves to is compatible with ours,” he says.
Stricter data
protection rules: To ensure compliance, Says.com moved all its user data to a single user
Hornet’s nest or new account management service. It enables a single sign-on for all Says.com
era?
apps, providing a single place for users to manage their personal data. This
Cloud computing has made it easier to manage user data instead of having to ensure that all
lessons from Asia’s different apps that store user data are in compliance with the PDPA.
first movers
“Because Malaysian and Singaporean acts are compatible with each other,
Singapore library
there’s nothing much else we have to do once we are compliant with one set
mines big data
of regulations,” says Arzumy.
Cloud storage and the
law DO-NOT-CALL REGISTRY
In Singapore, the full implementation of the Personal Data Protection Act
happens in July 2014, although the DNC Registry came into effect in January
this year.
The DNC Registry allows consumers in Singapore to opt out of unsolicited
phone calls, faxes and advertising messages from telemarketers. To do so,
they have to register their Singapore mobile or fixed-line numbers with the
Do-Not-Call Registry.
In turn, organizations need to check to confirm that a number is not listed in
the DNC Registry before making a marketing call to the phone, or even
Page 18 of 35A guide for Southeast Asian IT and Business
Managers
sending a fax, SMS or multimedia messaging service (MMS). The penalty for
DNC non-compliance is S$10,000.
Contents As of May 2014, more than 600,000 telephone numbers had been registered
with the DNC Registry.
2014: New year, new
risks?
Tighter data privacy regulations such as the DNC Registry have made it
Cloud’s endless harder for property agents in Singapore to tap new prospects through cold
possibilities calls. They have had to spend more to reach potential buyers.
Holding back on cloud
“The DNC Registry has affected many property agents. We try not to take
storage
this as a problem; there are still many who are willing to receive marketing
Stricter data calls,” says Kelvin Fong, a property agent who heads a team at PropNex, the
protection rules: largest agency in Singapore with around 5,300 agents.
Hornet’s nest or new
era?
Instead, PropNex property agents have signed up for SpiderGate, a DNC
Cloud computing management system. When an agent makes a call from a smartphone,
lessons from Asia’s desktop or IP-PBX phone system, the system automatically checks the
first movers number against the national DNC Registry. If the number is on the list, the
caller will be informed and have the choice whether to proceed or to cancel
Singapore library
the call.
mines big data
Cloud storage and the Fong has also taken the innovative approach of paying S$100,000 to
law develop a smartphone app to connect clients and agents. “This way, we don’t
have to call the client. They can download the app, and get information on
property listings and new launches,” says Fong.
Moving forward, organizations in both Malaysia and Singapore will have to
go through the initial pain of developing practices and policies to ensure that
the internal processes and procedures of collecting and using personal data
comply with the PDPA.
Ultimately, the introduction of these new data protection regulations bodes
well for both countries, as it provides organizations with the obligation to
ensure good governance surrounding the collection and use of personal
Page 19 of 35A guide for Southeast Asian IT and Business
Managers
data. These moves will help to positively boost the business reputation of
both countries.
Contents The PDPA has started to make a difference. In a poll of 1,000 consumers
conducted in March by Singapore’s Personal Data Protection Commission,
2014: New year, new which administers the DNC Registry, 70% said they had noticed a drop in the
risks?
number of unwanted marketing messages received. A total of 60% said they
Cloud’s endless had seen improvements in organizations’ practices, as the firms seek users’
possibilities consent and include contact information in the marketing messages sent. ■
Holding back on cloud
Want more exclusive content?
storage
TechTarget is looking for IT pros to contribute their expertise to our ongoing
Stricter data research program. Because of your interest in this e-guide and data
protection rules: protection topics covered within, we would greatly appreciate your valued
Hornet’s nest or new insights. By participating, you’ll help us better understand some of the
era?
purchasing trends around various core technologies. Click here to participate
Cloud computing in the Data Protection Research Program!
lessons from Asia’s
first movers Cloud computing lessons from Asia’s first movers
Nancy Yap, journalist
Singapore library
mines big data
The Singapore National Library Board (NLB) was an early adopter of cloud
Cloud storage and the computing. It moved its web archive to the cloud in 2006, and has since
law moved more business-critical IT from on-premise to the cloud. But what can
other organizations in the Asean region learn from the NLB?
For more than half a year now, Singapore NLB CIO Lee Kee Siang has been
using the time saved on traveling to meetings for more strategic projects.
This change came on the back of the agency’s implementation of cloud-
based unified communications (UC) in mid-2013.
A team of about 70 users participated in the first roll-out, with initial
productivity gains from tools including video conferencing. “We often conduct
meetings at different locations and sometimes hold urgent discussions at ad
hoc hours to troubleshoot issues,” says Lee. “With unified communications,
Page 20 of 35A guide for Southeast Asian IT and Business
Managers
we have been able to arrange [Cisco] WebEx meetings at short notice
without the need to travel.”
Contents Unified communications has enabled the NLB team to communicate through
mobile devices, PCs and notebooks, allowing team members to collaborate
2014: New year, new with internal and external parties through conference calls.
risks?
Cloud’s endless “NLB is currently testing room-to-room video conferencing in two rooms and
possibilities it aims to increase that capacity to another four rooms this year,” says Lee.
Holding back on cloud
MORE APPS IN CLOUD BASKET
storage
According to Lee, the library’s web archive system was the first application
Stricter data that went on the cloud, in 2006. It tapped into the national grid computing
protection rules: resources, which substantially reduced the time taken for web crawling and
Hornet’s nest or new costs.
era?
Cloud computing In 2008, the library placed its Enquiry Management System (EMS) on a
lessons from Asia’s hybrid cloud, which allowed sensitive data to be processed in-house, while
first movers non-sensitive data resided in the cloud. With the EMS, Lee recalls that the
cloud computing option halved implementation time, from six months to
Singapore library
three.
mines big data
Cloud storage and the In the same year, the library embarked on its private cloud journey by using
law virtualization technology. That resulted in reduced datacenter space and
energy consumption. Today, the private cloud also supports its unified
communications.
For successful cloud implementations, Lee believes it is important that IT
professionals understand what the service providers are offering and their
own risk appetites.
“Businesses need to have their own contingency plans. Outsourcing to a
cloud service provider is no different from outsourcing to any other supplier.”
As the library continues to seek cost-efficient products, Lee is reviewing the
possibility of migrating less sensitive applications to the cloud, such as the
Page 21 of 35A guide for Southeast Asian IT and Business
Managers
library databases it subscribes to. “Today, the library systems that are in the
cloud are standalone ones, as information security is a key consideration for
us.”
Contents
Nonetheless, he is exploring how cloud service provider applications can
2014: New year, new integrate seamlessly with the library’s internal system.
risks?
Cloud’s endless CLOUD-BASED EFFICIENCIES
possibilities Gartner research director Arun Chandrasekaran believes government
agencies, such as NLB, can greatly benefit from cloud-based productivity.
Holding back on cloud
“The big challenge is balancing the risks and returns of outsourced services
storage
and, for governments, the answers are often different from those for the
Stricter data private sector.”
protection rules:
Hornet’s nest or new As government agencies are bigger, more rule-bound and risk-averse, and
era?
forced to offer an extremely diverse portfolio of services, he says, movement
Cloud computing to the cloud may be more difficult and time-consuming. “However,
lessons from Asia’s governments also face less volatility in demand, making cloud-based agility
first movers somewhat less important, or at least less urgent.”
Singapore library
Chandrasekaran says most analysis in government focuses on jurisdiction-
mines big data
by-jurisdiction initiatives. “However, some opportunities are best assessed
Cloud storage and the when national, regional and local leaders work together, especially to
law address data standardization and integration issues.”
One example is Singapore’s private government cloud (G-Cloud), which all
government departments can use. Chandrasekaran says G-Cloud is one of
the first projects of its kind, based on the size of the project, the scope of
requirements (security in particular) and the public-private partnership (PPP)
model the Infocomm Development Authority of Singapore has adopted to
implement it.
In addition, multinational companies (MNCs) – outside the regulated
industries such as banking – and small and medium businesses have also
been the early adopters of cloud computing in Asia, he adds.
Page 22 of 35A guide for Southeast Asian IT and Business
Managers
In Asia, Singapore is a leader in cloud implementations, and industries
including manufacturing, services and retail are the dominant vertical
industries for cloud adoption, says Chandrasekaran.
Contents
ALL ABOUT PERCEPTIONS
2014: New year, new Chandrasekaran believes the critical factor in resisting cloud computing is IT
risks?
organizations’ lack of confidence in public cloud services having the qualities
Cloud’s endless necessary to host business-critical applications. “Even if a service provider is
possibilities able to demonstrate that a service is built on architecture and processes that
are more robust than private infrastructure, Asian businesses are still
Holding back on cloud
unwilling to trust their applications to the public cloud,” he says.
storage
Stricter data The most obvious reason for this distrust is the nature of cloud computing’s
protection rules: multi-tenant outsourcing model. The key challenges Chandrasekaran sees in
Hornet’s nest or new the adoption of cloud computing in Asean are:
era?
Cloud computing Crafting a cloud computing strategy that is forward-looking and
lessons from Asia’s agreed on by various functions;
first movers Mitigating security and data privacy challenges that have wide
visibility across various teams, including legal, compliance and
Singapore library
senior management, within the organization;
mines big data
Building a true hybrid cloud where off-premise clouds are seamlessly
Cloud storage and the integrated with on-premise infrastructure;
law The long-term costs of cloud are not transparent, and are further
compounded by exit costs.
BUSINESS FACTORS SHAPING CLOUD COMPUTING
Forrester Research vice-president and research director Michael Barnes
says software-as-a-service (SaaS) demand has increased sharply across all
major markets in Asia- Pacific and Japan (APJ), and not just in traditionally
strong markets such as Australia, New Zealand and Singapore.
According to Barnes, regional firms are aggressively reacting to economic
growth opportunities and competitive pressures, optimistic business outlooks
and a push among organizations to expand beyond their core markets, either
regionally or globally. “For example, the economies in less mature Asean
Page 23 of 35A guide for Southeast Asian IT and Business
Managers
markets such as Indonesia, Malaysia and the Philippines are becoming more
open, and regional competition is starting to intensify, particularly in areas
such as light manufacturing and distribution.”
Contents
He says across key markets in Asean, complete IT resistance to SaaS has
2014: New year, new steadily given way to more pragmatic discussions, even if IT has come to the
risks?
table grudgingly. “Over the next two years, Forrester expects that many
Cloud’s endless SaaS solutions, particularly those that cross business and functional
possibilities boundaries, will be rapidly subsumed in the broader IT portfolio, even if they
were originally sourced outside IT.”
Holding back on cloud
storage
Barnes says IT can add value and support SaaS adoption where
Stricter data organizations are augmenting existing on-premise technology, which is very
protection rules: common among MNCs operating in Asia.
Hornet’s nest or new
era?
“[IT should] proactively engage with the business around contract
Cloud computing negotiations, functional evaluations, service-level agreements and other
lessons from Asia’s areas where IT can provide clear value and link with existing application
first movers portfolio management initiatives and the organization’s overall business
application strategy,” he says. ■
Singapore library
mines big data
Want more exclusive content?
Cloud storage and the TechTarget is looking for IT pros to contribute their expertise to our ongoing
law research program. Because of your interest in this e-guide and cloud topics
covered within, we would greatly appreciate your valued insights. By
participating, you’ll help us better understand some of the purchasing trends
around various core technologies. Click here to participate in the Cloud
Infrastructure Research Program!
Singapore library mines big data
Tao Ai Lei, written about the technology industry for 10+ years
As guardians of books, text and data, it appears natural for libraries to be
among the first to explore the potential of big data technologies.
Page 24 of 35A guide for Southeast Asian IT and Business
Managers
One such example is Singapore’s National Library Board (NLB), which has
put big data technologies in to optimize its library collection to meet customer
needs, to recommend books and to make library resources more accessible.
Contents
The NLB comprises 25 public libraries and one national library. Combined,
2014: New year, new these facilities have a collection of more than 1.5 million titles and 8.5 million
risks?
other items, generating more than 30 million loans per year.
Cloud’s endless
possibilities In view of the huge and complex datasets it is dealing with, the NLB decided
to use big data technologies to derive actionable insights across the entire
Holding back on cloud
organization at strategic, tactical and operational levels, says Kia Siang
storage
Hock, deputy director of technology and innovation at the National Library
Stricter data Board.
protection rules:
Hornet’s nest or new “With millions of users accessing tens of millions of physical and digital
era?
resources across Singapore, the NLB possesses a treasure trove of valuable
Cloud computing data,” says Kia.
lessons from Asia’s
first movers “The proper mining of such data unearths hidden treasures that can lead to
productivity gains through better decision-making, customer satisfaction
Singapore library
improvements through better service, and better use of NLB services and
mines big data
resources,” adds Kia.
Cloud storage and the
law Hide and seek
One issue that had to be faced was the sheer quantity and variety of books
and items in the NLB’s collection, which it realized would hinder the efficiency
of searches. With so much data available, it had to grapple with the question
of whether busy users can find the information they require.
The NLB did not want to put its users through a complicated and tedious
search process, but wanted to make relevant information more readily
available to them. To do this, it realized it needed to connect up the huge and
growing volume of structured and unstructured information resources in its
repositories.
Page 25 of 35A guide for Southeast Asian IT and Business
Managers
It decided this was where big data technologies should come in. Applying
collaborative data mining techniques and text analytics to past loan
transactions as well as books’ bibliography records can help its employees
Contents and library users generate better search results and recommendations.
2014: New year, new “We started exploring text analytics in 2013,” says Kia. “We took a phased
risks?
approach, and started putting recommendations onto electronic resources
Cloud’s endless such as Infopedia (June 2013), Singapore Memory Portal (August 2013),
possibilities PictureSG (September 2013), and cross-recommendation from Infopedia to
PictureSG (November 2013).”
Holding back on cloud
storage
The NLB has created a title recommendation service that offers more
Stricter data relevant data to its users on its websites and portals, enabling customers
protection rules: who search for a book to receive information about the book, plus data on
Hornet’s nest or new related book titles. To do this, the NLB used a combination of internal and
era?
external resources.
Cloud computing
lessons from Asia’s “We built up basic internal capabilities, and leveraged partners and vendors
first movers in many of the big data implementations,” says Kia. “Project teams were
formed for each big data implementation, and each project team would
Singapore library
identify the data requirement.”
mines big data
Cloud storage and the The system uses collaborative filtering technology – a data mining technique
law – to mine reading patterns based on the libraries’ past three years’ loan
records. The NLB also uses content-based filtering of the books’ bibliography
records to generate another list of recommended books under the heading
“similar titles you may also enjoy”, a service similar to that offered on
Amazon.com’s website.
The system now generates recommendations for 89% of fiction titles and
53% of non-fiction titles, reflecting the fact that fiction titles are loaned more
frequently.
The NLB uses Mahout text analytics software operating on a Hadoop cluster
from the Apache Software Foundation. This automatically connects its rich
Page 26 of 35You can also read
