Public Cloud Policy
Transitioning to cloud necessitates involvement of Government. With this in mind, MeiTY has embarked on an ambitious project called “Silver line Architecture for Cloud” that tries to establish a transparent and conducive regulatory framework that ensures data ownership, retention policy and content regulation while codifying measures to be taken in case of data theft or leakage out of the system and provides faster resolution and remedies to the user.
Maharashtra unveiled a public cloud policy, virtually mandating its departments to shift their data storage onto the cloud and making them available to the general public. This policy is in compliance with government’s National Data Sharing and Accessibility Policy, 2012, which mandates facilitation of access to government-owned shareable data in human readable and machine readable forms. The objective of the policy is to use public cloud in cases wherever the Right to Information Act is applicable, and then increase security features for private and sensitive data.
What is a Public Cloud?
“Public cloud” is a fully virtualised environment providing a multi-tenant architecture that enables users or tenant to share computing resources or data. It is based on standard cloud computing model, in which a service provider makes resources, such as virtual machines (VMs), applications or storage, available to the general public over the internet. Public cloud services may be free or offered on a pay-per-usage model.
- Given the huge requirement of services for citizens, the government is actively looking at cloud based services as first option. A significant step in this direction is MeghRaj - National Cloud Computing Initiative, which sets basic standards for all cloud services for Government of India as well as evangelizing projects through Cloud First policy.
Components of MeghRaj
- Setting up of state and National Clouds
- Setting up an e-gov Appstore and clouds by other Government entities
- Empanelment of Cloud Service Providers
- Empanelment of Cloud Auditors
- Setting up of Cloud Management Office which creates an ecosystem for cloud proliferation
- MeghRaj(GI- Cloud) service directory
Why Public Cloud Policy has been launched?
- The policy accelerates e-governance and is in line with the vision of Digital India.
- The policy opens up additional private sector investments as government is one of the biggest creators and consumers of data.
- It reduces the need for organizations to invest in and maintain their own on-premises IT resources
- It enables scalability to meet workload and user demands.
- It reduces wastage of resources as customer pays only for resources they use.
- Shifting to public cloud creates a $2 billion opportunity for the IT sector
- It reduces high maintenance cost and reduces expenditure on IT resources( procure ICT services on demand in the OPEX model rather than investing upfront on the CAPEX)
Key Issues in Cloud Services
- Cloud Policy and Strategy
- Data location and cross border laws
- Tax implications
- Potential threat of data security and privacy
- Industry specific compliances and regulations
- Mystifying Licensing and registration requirements imposed by Service Providers
- Lack of clarity with respect to Intellectual Property Rights(IPRs)
- Perplexing contracting terms provided by Cloud Service Provider
- Complicated Audit
Challenges in Shifting to Public Cloud Policy
- Meeting multiple contractual requirements especially when data protection requirements and data breach liabilities of different countries vary considerably
- Burden of privacy requirements of organizations and difficulty in meeting diverse security requirements
- Huge initial capital expenditure / investment
- Technological limitations i.e. Interoperability – Businesses want interoperability between their in-house infrastructure and cloud. Many cloud platforms cannot interoperate because they use different technologies and configure the environment differently.
- Infrastructure challenge with respect to cheap and steady Power supply, Land/Real Estate at affordable cost, connectivity and network bandwidth
- Awareness and local language support – With 29 official languages in India, most cloud service providers are facing challenge in providing interfaces in Indian languages.
- Create a technological, organizational and process related environment that will enable delivery of “Cloud Services on Demand”.
- Facilitate and enable rapid replication of successful applications across states who are willing to subscribe to the model.
- Seamlessly unify existing and future assets including National Data Centres (NDCs), State Data Centres (SDCs), Common Service Centres (CSCs), MSDG, National Knowledge Network (NKN), National Optical Fibre Network (NOFN).
- Creation of an “e-Gov Application Store” accessible to States/UTs on voluntary freewill basis.
- Enhancing delivery capabilities of existing applications and those in pipeline
- Ensure the technology is secure and future-proof