|
Listen to this story
|
A transition to the cloud is inevitable, even for the Indian government. The Ministry of Electronics and Information Technology (MeitY) recently announced its plan to create the National Government Cloud to store sensitive governance- and defence-related data locally, as the first step toward data localisation.
The plan is to store all data generated by the state and the central governments and its various departments and agencies locally in India.
National Government Cloud
“The Government of India needs a network of Hyperscale Data Centres to efficiently store and manage the data being generated on govt/ semi govt platforms. Data Centres are an important element of our digital ecosystem,” the request for proposals document released by National Informatics Centre (NIC), said.
THE BELAMY
Sign up for your weekly dose of what's up in emerging technology.
The plan is to build 200 MW capacity Hyperscale Data Centre Campuses (HDCC) across the country. The ministry is looking at a Public Private Partnership (PPP) model to develop the National Government Cloud.
While the NIC will act as the technical partner, the National Informatics Centre Services Inc (NICSI) will act as the nodal implementation agency for the execution of the project over a span of 10 years.
Download our Mobile App
These data centres are designed to support business applications and activities that include:
● Personal data management
● Email and file sharing
● Productivity applications
● Customer relationship management (CRM)
● Enterprise resource planning (ERP) and databases
● Big data, AI/ML
● Virtual desktops, communications, and collaboration services
Why move to the cloud?
Across the globe, cloud computing is increasingly becoming an accepted way for governmental organisations to store their data, systems, and solutions. A full migration to the cloud is inevitable for the government as it helps to deliver government services in a much more efficient way. Migrating to the cloud will also allow the government and its various departments to tap into AI/ML, high-performance computing and analytics capabilities in new ways.
“The government is storing data on the indigenous cloud for ease of access and security/surveillance of data from foreign eyes. There are many reasons why they do this, and one of the most important is that it will be easier for them to access it and use it efficiently,” Major Vineet Kumar, founder and global president of CyberPeace foundation, told AIM.
Mohit Arora, senior director (commercial business and government business), VMware India, told AIM that governments and regulated businesses are closely examining their cloud strategies that include access to their data as a result of the growing significance of data sovereignty, the scrutiny of data access and management, and rising geopolitical tension.
“The transition from cloud chaos to a cloud-smart approach to storing data has increased productivity and efficiency while making government machinery more accountable, transparent, and people-friendly.”
Is it safe?
“I think that journey to a cloud is inevitable. That’s the move which the entire industry is making, whether you look at the private industry or the government and associated organisations. I think the right question to ask is what kind of security policies the government is adopting.
“And one should be aware about all the functionalities which the security technology offers, and ensure that the government is doing enough to ensure that the data being moved to a centralised location is protected,” Ramanujam Komanduri, country manager at Pure Storage, told AIM.
The first safety measure that the government can implement is to ensure that the data is stored locally, and the government has already done that. Also, another way to ensure safety is to classify data according to how sensitive it is and adopt the relevant security protocols. The government could move less sensitive data to the cloud; however, when it comes to data related to defence, they should have added layers of security.
Further, the government should also have a policy in place designed specifically to protect government data on the cloud. For example, the Federal Risk and Authorisation Management Programme (FedRAMP) by the US government is one such policy that was designed specifically for this purpose.
The government of India is already working on a data centre and cloud policy. The government could include provisions to promote the adoption of secure cloud services across the federal government by providing a standardised approach to security and risk assessment.
“Even though the government has very strict security measures to ensure that the data stored on the cloud is safe and protected; however it could be hacked by any random person or any state-sponsored hackers. This would put critical information infrastructure and national security at risk, which is something that we cannot afford to happen,” Kumar said.
Further, with regard to National Security, the government will have to make sure the data gets well encrypted and isn’t misused. Kumar believes below are some of the aspects the government needs to consider when moving sensitive data to the cloud:
● Securing and protecting data in transit
● Data sovereignty and jurisdiction
● Ensuring there is no unauthorised access to data while it’s stored in the cloud or is being retrieved
● Ensuring there is no unauthorised deletion of data
● Ensuring that all stakeholders have appropriate access to information and are able to retrieve information on demand
● Making appropriate backups of the data
