HKCS CCSIG Cloud Executive Forum keynote
Upcoming SlideShare
Loading in...5

HKCS CCSIG Cloud Executive Forum keynote



Oct 10 2013

Oct 10 2013



Total Views
Views on SlideShare
Embed Views



0 Embeds 0

No embeds



Upload Details

Uploaded via as Microsoft PowerPoint

Usage Rights

© All Rights Reserved

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
Post Comment
Edit your comment

HKCS CCSIG Cloud Executive Forum keynote HKCS CCSIG Cloud Executive Forum keynote Presentation Transcript

  • WHERE ARE WE TODAY? Source: Rackspace Hong Kong Cloud Survey (July 2013) 36% 34% 30% Private Cloud Public Cloud Hybrid Cloud General cloud adoption in HK: 84% The rest are considering transition within 1-2 years
  • BASIC APPLICATIONS ARE MORE POPULAR Complex Basic Source: Rackspace Hong Kong Cloud Survey (July 2013)
  • FULL POTENTIAL NOT YET REALISED • HK IT market: 4 billion market, 10% cloud adoption? • New business opportunities and jobs from cloud adoption • Increased government investment and facilitation • SME cloud adoption on the rise • New technology emerging: Internet of Things, streaming digital content…
  • CLOUD STANDARDS Establishing standards and interoperability OGCIO: 1. HK/Guangdong Expert Committee on Cloud Computing Services and Standards 2. Expert Group on Cloud Computing Services and Standards (EGCCSS) • Working Group on Cloud Computing Interoperability Standards • Study on Cloud Services Assessment Tools and Certification Schemes
  • INFRASTRUCTURE – DATA CENTRE DEVELOPMENT Availability of land and space • Greenfield Sites in Open Market: 5 tender proposals received for TKO site bidding • Redevelopment of Industrial Buildings for Other Uses • Wholesale and partial conversion • HK Science & Technology Parks? Or even Underground Cavern Sites?
  • SECURITY AND CONTROL Businesses •Outsourcing: How to select a cloud vendor? •How to maintain direct control to safeguard data integrity? Cloud service providers •How to satisfy data residency and privacy requirements •How to remain flexible and provide cost- effective service? Regulator •Formulation of relevant standards and practices •Would sensitive data end up overseas? Customers/end- users •Are my data safe in the cloud? •Would I know if there is security or privacy breach?
  • IMPROVING DATA SECURITY AND PRIVACY Governance Operation Governance and Enterprise Risk Management Traditional Security, Business Continuity and Disaster Recovery Legal and Electronic Discovery Data Center Operations Compliance and Audit Incident Response, Notification and Remediation Information Lifecycle Management Application Security Portability and Interoperability Encryption and Key Management Identity and Access Management Virtualization Source: Security Guidance for Critical Areas of Focus in Cloud Computing V2.1, Cloud Security Alliance 2009
  • PRIVACY Security Is the data protected from theft, leakage, spying or attacks? What is the level of control and protection? Residency Where is the data stored? geographically disbursed? What to do with data in transit & outside territory? Privacy Who can see personally identifiable information (PII)? Storing, transferring, locating and protecting PII
  • COMPLIANCE WITH REGULATION • Some countries have laws restricting storage of data outside their physical country borders: India, Switzerland, Germany, Australia, South Africa and Canada • EU: Data Protection Directive; Safe Harbor Principles • USA: US Patriot Act, 40+ states have breach notification laws (25 states have exemption for encrypted personal data) • Canada: Freedom of Information and Protection of Privacy Act • Hong Kong? • Section 33(2)(f) of Personal Data (Privacy) Ordinance, • Guidelines and information via
  • PERFORMANCE AND IMPLEMENTATION • Cost of migration: cloud adoption = downsizing? • System integration with existing infrastructure • Other costs: business process transformation, infosec support • Service level agreements (SLAs): data security and system availability • Interface with customers?
  • WHAT’S NEXT? • Cloud as the tool for business and process transformation • Blurring distinctions between SaaS, PaaS and IaaS environments • Level of knowledge of potential cloud customers • Hong Kong as the Global Cloud Centre?
  • Charles Mok Legislative Councillor (Information Technology) Facebook: Charles Mok B Twitter: @charlesmok