Dark clouds? UAE tackles issues hindering adoption

3 October 2019

Data security and data availability are at the top of the concerns of the businesses reluctant to cloud adoption.

 

The UAE’s cloud market industry is taking bold steps in addressing the issues that hinder cloud adoption among businesses, despite being host to the most competitive cloud market in the Mena region. The UAE is making a conscious effort towards positioning itself as the ‘regional data and cloud hub’ with the public cloud and cloud services markets projected to reach $410 million and $290 million, respectively, by 2020.

The UAE’s massive bet on disruptive technologies – smart cities, artificial intelligence, the Internet of Things and blockchain, most of which should be preceded by the provisioning of reliable cloud platforms – promises a hockey-stick increase in the size of the cloud market in the country. The UAE can maintain and even enhance its standing by introducing a world-class data protection law that would inject more transparency into what can and cannot be done when it comes to the cloud.

Recently, the Middle East and North Africa Cloud Alliance (MENACA) – a home-grown, vendor-agnostic industry association focused on monitoring, identifying and resolving issues around cloud adoption in the Mena region – strived to give the industry a unique voice and to provide a wide range of stakeholders with unbiased insights into the region’s cloud ecosystem.

Omid Mahboubi, founder of MENACA, said: “On a foundational level, the biggest hindrance [and the enabler] of adoption is trust. It could be the case where you as a business simply cannot put all your trust in a vendor’s promise to protect your data, or you are reluctant to trust the enforcement process to be able to protect your rights in case things go wrong, or event perhaps trusting your specific industry authority’s ‘no cloud policy’ a little too much, it all boils down to trust. Now the good news is that we are slowly but surely moving to not-only a cloud-first policy mindset, but a smart-cloud mentality. However, there are few bumps in the road to get there.”

Mahboubi points out that on data protection front, the broad consensus among industry thought leaders is to first make sure that the existence of a crippling confusion in the market is acknowledged which is significantly inhibiting the adoption of many great solutions.

“When it comes to security, a recurring theme within the industry is the importance of instilling a culture of security. This, as one can imagine, takes continuous education and inclusive awareness efforts making it very challenging for decision-makers to evaluate how much resources to allocate here. The bright side though is that the very technology that could potentially make your systems vulnerable can be utilised to make those systems abundantly more secure. This partly explains the growth of cloud-based security solutions in the region.”

Data security and data availability are at the top of the concerns of the businesses reluctant to cloud adoption. Moreover, a lack of clarity when it comes to regulation in data jurisdiction, and protection of personal information is slowly becoming a growing issue in the region. Education and demystifying the advantages and challenges of cloud adoption for the average business leader is crucial. Working hand-in-hand with regulators and industry thought leaders to clarify on the confusions and coming up with simple business-focused and effective guidelines and preparing

Ali Shabdar, chairman SME Committee, MENACA and regional director MEA, Zoho Corporation, said: “Cloud literacy and adoption in the UAE is one of the highest in the world, thanks to a highly-educated business community, reliable Internet infrastructure and visionary and practical support from the public sector. We do, however, need more work in terms of protection of personal data and compliance with international regulations, such as GDPR [General Data Protection Regulation], to be able to stay on the safe side of the law and prosper.”

Many organisations in the region are already using cloud service but remain cautious while new regulations are on the horizon. There also needs to be more clarity from cloud providers on whose responsibility it is to protect valuable data, rather than the underlying infrastructure. Businesses need to accept that they have a duty of care to protect classified data. However, concentrating services with one single cloud provider also creates the business risk that needs to be addressed. Security also remains the largest inhibitor for cloud adoption in the region so when designing your services to be ‘cyber-resilient,’ it is good practice to selecting a multiple cloud strategy that gives you enhanced and layered security from multiple vendors.

Jeff Ogden, general manager for the Middle East and India at Mimecast, said: “Cloud services are adding great value to customers in the Middle East. The investment in the region from the likes of Microsoft is also helping customers to comply with regulations and keep classified data within the country.”

“Customers, however, are telling cloud providers that would like to extend their cloud footprint outside of the UAE and need a little more guidance on how the regulations apply to particular business use cases. This is having an impact on cloud providers whose infrastructure is outside of the UAE. We would encourage customers to seek guidance from the standard bodies in government and within particular verticals on how they should balance the business requirements with the regulations to reach a satisfactory solution,” he added.

Habib Matta, director operations, LiveRoute, said: “Cloud is a key enabler for businesses to accelerate their digital transformation journeys providing them environments that are scalable, reliable, and highly available, amongst others. While the cloud has a number of benefits, cybersecurity is the main area of concern for companies looking to migrate their workloads to the cloud. Other challenges include data loss and data breaches, cloud governance, risk and compliance, and data residency and sovereignty.”

According to a YouGov survey of 502 UAE-based IT decision-makers, 88 per cent said they will increase cloud spend in 2019, and 59 per cent of all respondents said they will increase cloud spend by at least 30 per cent.

Findings from a Microsoft Digital Transformation survey revealed that two in three Gulf enterprises plan to invest at least five per cent of annual revenue in the digitisation of operations. Up to 51 per cent of organisations named cloud computing as a priority, followed by business intelligence (41 per cent), Internet of Things (37 per cent), and Artificial Intelligence (29 per cent).

Seventy per cent of startups in Dubai currently use cloud computing, and 24 per cent even built their startups on the cloud, according to The Cloud Report 2017 developed by Dubai Silicon Oasis Authority (DSOA) and in collaboration with IBM.

“As a part of the cloud business in the region, we see a lot more cloud providers laying emphasis on their security posture to ensure that their customer’s data is secure. This includes ensuring businesses are able to adhere to data protection regulations and are able to maintain regulatory compliance with cloud service providers consciously and adding value to their services by attaining relevant certifications. Earlier security was a barrier in public cloud adoption. However, security is now seen as one of its biggest strengths as cloud providers are adopting the latest innovative technologies, security systems and compliance initiatives,” added Matta.

Advise for businesses
· Adopt a multi-cloud strategy
· Rely on expert cloud Managed Services Providers (MSP) and Managed Security Services Providers (MSSP)
· Use state-of-the-art Security Operations Centres (SOCs) to provide very well-established Business Continuity and Disaster Recovery planning and advance Governance, risk management and compliance frameworks and practices.
– sandhya@khaleejtimes.com