Taranjit Kaur, Assistant General Manager, TCIL

The need for migration of a company’s data to a cloud network arises from the  fact that the physical storage is limited with a short life span and has restricted access within the premises. Moreover, as the data grows, the demand for storage increases consequently. Hence, migrating enterprise data to a cloud is preferred, irrespective of whether an organisation is a start-up or a well established corporate. The basic idea behind cloud topology is to virtualise the storage, servers and the network to achieve scalability and flexibility.

Based on the deployment models available, an enterprise can opt for private, public, hybrid or community cloud to provide access to the data to its employees, taking into consideration the extent of privacy and security. The private cloud, being more secured network, requires the maximum investment in terms of cloud provisioning by the company itself. In contrast, the public cloud is less secured with multi-tenancy and a virtualised environment for data. Hybrid networks are the bridge between the private and the public cloud. It signifies data accessibility between a community group like a hospital chain or educational institutions. Hybrid networks demand intermediate investments.

Given the deployment models, various factors need to be analysed before migrating enterprise data to the cloud, depending on the sensitivity/confidentiality of the data to be hosted. Post deployment, a cost analysis, along with a proper risk mitigation plan, needs to be prepared as part of the agreement with the cloud service provider (CSP) while migrating the data from a physical server to the cloud environment.

Are government organisations ready for cloud migration?

The cloud network deployment for government organisations is in sync with the Digital India policy, wherein the main focus for migration is to utilise the existing infrastructure resources optimally and to overcome the fixed size constraints of the physical servers installed within the conventional data centres. As per the cloud policy launched by the Ministry of Electronics and Information Technology (MeitY) for all government departments, the data hosted on the cloud should reside within the country. Therefore, on-demand services and the pay-as-you-use model offered by the government’s cloud, named MeghRaj, by the National Informatics Centre (NIC), makes it convenient for any government organisation to adopt the virtualised network.

Despite this, government organisations continue to use file systems though major data is computerised, but not hosted on physical servers. Hence, the first step towards the adoption of a virtualised environment is to identify which type of cloud network is best suited for a particular organisation. Based on the selection, the traditional data converted into e-data will be hosted on the cloud network to access the same from anywhere at any time.

Cloud service offerings can be infrastructure-as-a-service (IaaS), wherein the network constituting the storage and server will be virtualised and managed by the cloud; platform-as-a-service (PaaS), which offers the platform, operating system along with the infrastructure to be managed by the cloud; and software-as-a-service (SaaS), which encapsulates the control of application data along with platform and infrastructure. SaaS is an expensive service as compared to PaaS and IaaS as it provides complete services to the client.

MeitY’s MeghRaj policy also provides the guidelines for the central and state government organisations to adopt the cloud network architecture. The basic architecture for all models constitutes the front end, representing the client side and backend, representing the cloud network interfaced by internet as a source of communication. The central and state government organisations can select the type of cloud – public or virtual private or government community from the MeitY empanelled CSPs.

Security challenges with government enterprise data on cloud

Various security challenges are foreseen when data of an organisation gets hosted on a cloud model. These challenges are inhibitors, which need to be overcome for promoting maximum cloud utility. Since a third party (in this case a CSP) is involved in handling the data, measures to deal with security issues such as cyberthreats and other miscellaneous attacks must be precisely mentioned clause-wise in the service-level agreement between the client and the CSP. Data in a virtualised cloud environment gets stored in an encrypted form. Each service offering like IaaS, PaaS and SaaS has its own security boundaries for the client. However, the client must ensure that the privilege rights must be provided only to the authorised persons. The inventory should be maintained by the CSP to keep a record of the users accessing the cloud data, which is helpful in case of a security breach.

For a government entity, the cloud utility is a sensitive area as the organisation’s data represents the government’s information. Therefore, the concerned ministries are continuously working to upgrade the government’s cloud policy as per the changing trends and technologies. In fact, many PSUs like Telecommunications Consultants India Limited (TCIL) are already accessing the services on the national cloud and migrating more data to it with time