Implementation key for successful cloud computing strategy #FOI2024

By GovInsider

Cloud technology is evolving and conventional ideas about the right way forward may no longer work, according to a panel on choosing the right cloud platform.

Participants of the Festival of Innovation’s panel discussion on Choosing the right cloud: Sovereign Cloud vs Public Cloud, Single vs Multi Cloud? From left to right: Access Partnership’s Director of Data Governance, May-Ann Lim, GovTech Director for GDS Central/Government Commercial Cloud, Bing Wan Tang, Nutanix Singapore’s MD for SEATHK, Han Chon and Synapxe, Population Health Programme Office Director, David Chua. Image: GovInsider

In a sign of how rapidly technology is evolving, a high-power panel of cloud computing experts concluded that the strategy of using a hybrid cloud along with multi-clouds is not the go-to it was thought to be only a few years ago. 


Rather than deliberating over the type of cloud, the right implementation is the key concern today. If that is not done correctly, the use of the cloud within the government can multiply risk – contrary to popular wisdom that a multi-cloud strategy can reduce risk. 


Summing up the discussions, Access Partnership’s Director of Data Governance, May-Ann Lim, who moderated the session, Choosing the right cloud: Sovereign Cloud vs Public Cloud, Single vs Multi Cloud?, noted that the central question in the minds of users is whether the cloud can be trusted. The panel was held at GovInsider’s recent Festival of Innovation. 


“This security question leads to the more important one of choosing the right cloud for an organisation’s requirements,” Lim said. 


She said that cloud adoption needs to occur on all levels; by the providers, enablers and users - as everybody “seems to be moving at different speeds” in their cloud adoption journey. 


Lim, also Asia Cloud Computing Association’s Emeritus Director, added that one of the key takeaways from the discussion was that government technology is architected to be adaptable and agile from Singapore's perspective.

GCC: A platform approach for government  


Singapore’s GovTech Director for GDS Central/Government Commercial Cloud, Bing Wan Tang, shared that the Government Commercial Cloud (GCC), has been built from the ground up by GovTech in 2018. Unlike the US government’s GovCloud, GCC is not ring-fenced and controlled by the Singapore government, he explained.

Rather, the GCC "is a platform where government agencies can tap on AWS, Azure or Google Cloud's cloud-native services," Tang said. He added that it provides all government agencies with a highly scalable platform to advance citizen and business services through cloud-native capabilities with agility and better security. 


GCC 2.0, the latest version of GCC, enables agencies to tap on native cloud services provided by AWS, Azure or Google Cloud. This is a “platform strategy” which aims to support agencies in choosing what’s best for them. 


Through the GCC, GovTech Singapore has supported government agencies in onboarding to the cloud environment of their choice, while ensuring the environments are compliant with security requirements. 


Now that the government has achieved its goal of shifting 70 per cent of less sensitive systems to the commercial cloud, GovTech is looking to continue supporting agencies in further modernising their approach to the cloud, he shared. 

Healthcare sector tapping on cloud-native  


Singapore’s national health tech agency, Synapxe, Population Health Programme Office Director, David Chua, said, “I am not sure that ‘Choosing the right cloud’ is the right question”.  


The public healthcare sector uses the cloud to improve user experience, support hospital systems, and enable high-performance systems to run smoothly. The cloud adoption strategy would vary with the different use cases and requirements. 


He noted that by asking the question, “we are oversimplifying things,” and explained that choosing a cloud service is almost like choosing the right electricity provider.  


Chua said there are certain different factors that one needs to consider. 


Synapxe and Singapore’s public healthcare ecosystem generally prefer to use cloud-native services which can give “a certain level of performance, resiliency and availability” and take full advantage of the cloud-native environment by re-platforming systems. 


“So, when we go to the cloud, we don't want to replicate what was being done on-prem, we want to explore implementing (new) things… so that we can minimise changes resulting from human errors,” Chua said.  


Where possible, Synapxe is also looking at adopting software-as-a-service (SaaS) to gain operational efficiencies and cost savings. 

Factors to bear in mind


Nutanix Singapore’s MD for SEATHK, Han Chon noted that as a service provider, he often hears government agencies and departments cite three aspects of a cloud service that are important to them.  


One is agility, or the ability to ramp up or ramp down service requirements and to move around different clouds.  


The second is security and how agencies can retain control and deliver on data sovereignty and other statutory requirements. 


The third major factor is simplicity and how the cloud can simplify work for agencies so they can concentrate on implementing new things like GenAI for example, he said. 


“Agencies and (government) departments are continuously finding their needs and requirements evolving... I believe that the future is somewhat fluid.  


“We don't need to assume that commercial cloud is the be-all, end-all, nor should we think the same for on-prem,” Chon said. 


He added that the ability to be able to move around these requirements is going to be the key enabler for a lot of the agencies that are looking for the best bang for the buck. 

Managing risk appetite 

Tang also brought up the importance of data residency and data sovereignty as a key consideration.

He noted that Singapore has policies which determine best practices for adhering to data residency and sovereignty requirements across the whole of government.

The ideal situation is for data to reside in Singapore, but there are certain situations where data might need to flow to regions outside of Singapore, such as certain telemetry data, Tang said. 


“How do we manage [the risks]? Do we move everything back to data centres on-premises? ... These are some of the questions... (and) obviously, it is still a work in progress,” he added. 


Nutanix’s Chon noted that, according to a recent survey by the company, 92 per cent of Singapore respondents highlighted that sustainability was an emerging consideration and many were looking at cloud computing from that lens. 


Talking about the security aspect of using cloud services, Chon said that technologically speaking, the hyperscale cloud service providers are extremely secure and well-organised.


“So, it’s rarely about whether they are better than me (in security) or can they provide better services,” Chon said. Instead, the choice of a cloud service boils down to an organisation’s risk tolerance and its compliance requirements.  


To watch the panel recapped in this piece, do follow the link: Choosing the right cloud: Sovereign Cloud vs Public Cloud, Single vs Multi Cloud? 


Also read: Driving AI adoption while maintaining trust using hybrid cloud