Cloud use in SEA facing 'rogue cloud' challenge: Symantec

By Edwin Yapp March 8, 2013

Increased cloud adoption seen in South-East Asia, but some impediments may slow implementation
Compliance and inefficient storage of information are among considerations companies must address

CLOUD computing adoption in the region may have increased in the past year but several issues facing enterprises remain unresolved and could act as stumbling blocks to efficient implementation, according to a new study by Symantec. Among them is 'rogue' or unsanctioned cloud implementations.

In its recently released survey, the enterprise security vendor noted that nine in 10 organizations are "at least discussing cloud computing” in four of South-East Asia’s major economies – Singapore, Indonesia, Thailand and Malaysia.

Yet, three pressing issues could potentially derail further adoption of the cloud or cause complications in cloud implementation in these countries, noted the Mountain View, California-based company in its 2013 State of the Cloud Survey.

Dave Elliott, senior product marketing manager for Symantec, said the three concerns are: Rogue cloud implementations, cloud backup and recovery issues and inefficient cloud storage implementations.

Cloud use in SEA facing 'rogue cloud' challenge: Symantec Speaking to the media at a briefing in Kuala Lumpur recently, Elliot (pic) said, “These factors represent certain hidden costs in cloud implementation not usually discussed upfront when an enterprise adopts cloud computing. Organizations should be aware of these factors upfront before blindly going into the cloud.”

Covering 3,236 global organizations across 29 countries including 13 nations from Asia Pacific, the Symantec State of Cloud survey was conducted by research firm ReRez between September and October 2012.

Responses came from companies of between five and 5,000 employees. Of those responses, 1,358 were from small- and medium-sized businesses (SMBs) and 1,878 from enterprises. In the four South-East Asian countries, a total of 500 organizations were polled – 150 respondents each from Singapore and Malaysia, and 100 each from Thailand and Indonesia.

According to Elliot, rogue clouds are defined as disparate business groups within a company implementing or utilizing public cloud applications that are not managed by or integrated into the company’s IT infrastructure.

The Symantec study revealed that 95% of businesses in Malaysia within the last year experienced rogue cloud deployments followed by 92% in Indonesia, 87% in Thailand, and 85% in Singapore. The global average for rogue cloud deployments experienced in large organizations stood at 83% while the figure is 70% in SMBs, Symantec noted.

Elliott said one of the main drivers for rogue cloud deployments is that many of these services outside the corporate IT infrastructure are just easier to use.

“It could be services like the ones provided by cloud storage players such as Dropbox, Box or even public cloud-based email services [like Google Mail].”

Compounding this is the fact that the respondents in the survey do not think it’s going to get any better in the coming year, with 50% of them saying that such instances of using outside services are getting more frequent, Elliott added.

“Whatever they are, these services are being used in a shadowy way, and corporate IT doesn’t know this, and this can be huge risk factor [for enterprises],” he said.

The statistics revealed by Symantec also tallied with what VMware noted in its own “New Way of Life 2013” study, reported by Digital News Asia last week.

In its study, the virtualization and cloud player said 68% of respondents in Malaysia who do not get the IT support they need to make “bring your own device” (BYOD) work in their organizations would take matters into their own hands by finding their own software solutions, while 64% say they would turn to Google to find an answer to their problems.

Other barriers

On cloud back-up and recovery issues, the Symantec study noted that many companies use three or more solutions to back up their physical, virtual and cloud data, which leads to increased IT inefficiencies, risk and training costs -- this was true of 87% of Thai enterprises, 78% in Indonesia, 59% in Malaysia and 50% in Singapore.

Cloud use in SEA facing 'rogue cloud' challenge: Symantec As for inefficient cloud storage, about 50% of enterprises in Singapore and Malaysia admit very little, if any, of their cloud data is de-duplicated, followed by 40% in Thailand and 35% in Indonesia.

Data de-duplication is a compression technique used by storage software to eliminate duplicate copies or multiple instances of similar or repeating data so that information can be more efficiently stored.

Besides these three main issues, Symantec highlighted two other challenges it says would affect enterprises.

The first is meeting compliance and 'eDiscovery' processes while the second is “data in transit issues.”

Elliot said compliance is about enterprises meeting regulatory processes and protocols and eDiscovery is about fetching information from archives for audit purposes in a timely manner, something that all companies surveyed in the study are struggling with.

As for data in transit issues, Elliott said organizations have all sorts of assets in the cloud – such as web properties, online businesses or web applications – that require SSL (Secure Sockets Layer) certificates to protect the data in transit.

“Our findings showed companies found managing many SSL certificates to be highly complex and this will continue to be an issue for the coming year.”

To address these issues head on, Elliott recommended that companies take a four-pronged approach.

“These issues are easily mitigated with careful planning, implementation and management. Begin by focusing on policies for information and people, not on technologies or platforms,” he said, adding that this is where many organizations trip up.

“Next, educate, monitor and enforce policies, as a policy is only as strong as its enforcement. It’s also important to embrace tools that are platform agnostic so that if any new technology gets introduced, your system can support it.

“Finally, enterprises must take de-duplication in the cloud seriously so that efficiencies can be attained.”

Related stories: