How about governments riding the cloud with safety belts on?

The Monsoon clouds that had arrived earlier this year would soon be retreating, marking the end of yet another cycle of rain. Meanwhile, the Cloud [computing] direction papers that Government of India had brought out earlier this year are awaiting an effective formation.

Cloud computing seems to have moved quite a bit in terms of enterprise adoption ever since the government announced its cloud initiative termed GI Cloud aka Meghraj (megh being an Indian term for the rain clouds).

A recent survey by ICT market research and advisory firm Current Analysis shows that the cloud adoption at enterprises in India, at 68 percent, is actually comparable with that in the US market. However, the government sector in India has lagged the Federal initiatives in the US when it comes to embracing the cloud.

The US government has adopted a Cloud First policy, which means that various government agencies should first try to leverage cloud before embarking on other IT deployment models for their needs. Some of the notable developments include the USD 600 million cloud contract that CIA awarded to Amazon Web Services and the Department of Interior’s USD 10 billion plan to migrate IT operations to the cloud involving roles from the likes of IBM, AT&T, and Verizon.

Other forward-looking Governments worldwide have also been at varying stages of their respective national cloud developments. Some of these include the UK, Australia, Japan and Singapore.

Perhaps the strongest endorsement of public cloud has come from US space agency NASA, which shut down its own private cloud Nebula in 2012 after concluding through a test where the public clouds scored better in terms of reliability and cost-effectiveness. Not that government agencies are all hunky dory about the public cloud in markets like the US; there are compliance and certification grounds that need to be cleared but then the progress is nevertheless taking place.

Cloud has gone mainstream across enterprises globally at a rate faster than one would have hoped for. But how are enterprises managing their IT security and privacy concerns when jumping onto the cloud?

The IT folks at enterprises have been known to be so painstakingly particular about IT security that they could at times risk being labelled as fastidious. Security and privacy concerns have long been rightly suspected as a key reason behind organizations’ resistance to the newer computing paradigms like Cloud.

So it came as a bit of a surprise when a study at market research firm Current Analysis revealed that Cloud adoption across enterprises in India with employee-size ranging from 100 to 10,000-plus was as high as 68 percent. Even more, India fared better than the Asia Pacific average, where the Cloud adoption hovered at 65 percent. (Interestingly, the study also showed that North America had the same level of adoption as India, at 68 percent.)

Before you could jump to a conclusion that these enterprises had shed away their “security” guards and embraced Cloud by setting aside all inhibitions, consider this qualifier:

Indian organizations have opted largely in favour of private clouds and not the public clouds. These private clouds can be highly controlled IT environments and give enterprises a huge comfort in terms of adherence to their IT security policies and compliance requirements.

Interestingly, the study also notes that these private clouds have mostly been set up by IT service providers (the likes of TCS, IBM, HP, Wipro and Tech Mahindra), which have been long-standing and trusted partners for enterprises in India.

That relationship of trust also explains why Indian enterprises seem to be favouring IT service players over public cloud players or consulting companies when it comes to choosing partners for the deployment of Cloud, Big Data, Network Security, Enterprise Mobility and other such various solutions.

Well, while security concerns will indeed continue to weigh upon any cloud-related decision making, it could be naïve to assume that enterprises will chose to close their eyes to the benefits of public clouds.

Yet, it does mean that public cloud players like IBM SoftLayer, Microsoft Azure, Amazon Web Services, Rackspace and NTT Communications will have to work harder to alleviate enterprises’ concerns around security, privacy and compliance.

Some of the questions that the cloud players need to ask: what are the key priorities of the enterprises when it comes to deciding on their partners for various cloud service needs, ranging not just from IaaS, PaaS or SaaS but also for Unified Communication, Big Data, Analytics and Enterprise Mobility Solutions.

What are some of the key considerations does India need to have when rolling out its cloud program?

While the long-term objectives have been listed out in the direction papers, there may be a need to at least tactically revisit those in the light of face-paced dynamics being witnessed in the area of cloud. Some of the guiding principles may be:

Stay Light: The idea is not to straight away jump into building a big captive cloud—that could defeat the very core objective of achieving cost-effectiveness. Governments would be better off defining parameters, specifications and certifications that third-party cloud providers should strive to deliver. Captive build-outs must be done only as a last resort.

Cloud First: For example, after US, the Australian government also announced its “cloud first” policy earlier this year for all “low-risk and generic” ICT services. India could do something similar.

Make A Start: That’s the most important first step (goes without saying), maybe with the non-mission-critical workloads into the cloud and identify and address the challenges. Also, while it is a good idea to bring in best practices from the first-mover governments, it is equally important to develop solutions that address our own needs. A government would know what works best for it and its citizens only when it makes a start.

After all, as they say, one size doesn’t fit all. Or shall we say—one cloud doesn’t cover all!