INDIA--Given the concerns over data security and regulatory compliance, large companies in the country are choosing to adopt private clouds and hybrid models of cloud computing.
Cloud computing is commonly perceived to benefit mostly small and medium businesses (SMBs), but a growing number of large Indian organizations including Shoppers Stop, Bharti, Ashok Leyland, Asian Paints, Maruti Suzuki, Bajaj Auto, Infosys and Tata Elxsi, are turning to the cloud, too.
"CIO of large Indian companies are quite interested in cloud computing, where most of them are exploring how the cloud impacts their IT infrastructure," Aman Dokania, vice president and general manager of infrastructure software, Hewlett-Packard Asia Pacific and Japan, told ZDNet Asia in a phone interview.
Andrew Knott, Asia-Pacific vice president of marketing, Salesforce.com, said in an e-mail that cloud computing is suitable for both large and small businesses. In India, the software-as-a-service (SaaS) vendor counts large business houses such as Tata and Bajaj Auto, as customers.
The platform offers a predictable, pay-as-you-go model for businesses to access computing resources. In an economic downturn, the appeal of this cost advantage is hugely magnified.
There are also other advantages besides costs, Knott said, such as easy access to applications from any computer or device, anytime and from anywhere. Cloud also enables seamless upgrades, where the provider manages all the updates and upgrades for multi-tenant cloud applications, and cuts deployment time, allowing companies to be up and running in days or weeks, instead of months or years.
Vikas Arora, group director of enterprise services at Microsoft India, said in an e-mail: "For large enterprises, lower total cost of ownership (TCO) is a means to achieve greater profits."
The software giant is in the process of launching its cloud offerings in India, and have signed up partners to trial products that have been launched worldwide, Arora said.
According to a recent report by Springboard, the Indian SaaS market was pegged at US$51.6 million (2.5 billion rupees) between 2008 and 2009, and is expected to reach US$100.4 million (4.9 billion rupees) by 2010.
Growing at a compound annual growth rate of 76 percent, this market is expected to touch US$248.5 million (12 billion rupees) by 2011, and cloud-based ERP and CRM applications are likely to see highest demand.
Appeal of private clouds
For any large enterprise, transition to the cloud is a major decision.
"Concerns like data control, management, accessibility and security hold back large enterprises from switching to the cloud," Arora said.
Sharad Singhal, Distinguished Technologist at HP Laboratories, explained in a phone interview: "The concerns of large companies are slightly different from those of SMBs. SMBs tend to worry a lot about the initial investment and the TCO. They have fewer concerns over compliance and data security issues.
"That's the reason why large companies in India are going for a hybrid model," Singhal said, adding that industries such as telecom, banking, oil and gas, are more open to cloud computing.
Dokania said: "Some leading Indian companies that are exploring customers overseas are leveraging infrastructure-as-a-service (IaaS), which is the first step to a cloud model."
Today, CIOs are increasingly considering the cloud as a part of their IT roadmap.
"To begin with, large companies are going in more for the private cloud. Among Asia-Pacific countries, there is a lot of interest in private cloud," Dokania added.
Private clouds are proprietary computing environment that provide hosted services to a limited number of people behind a firewall, providing organizations more control over their data.
Addressing regulatory, security concerns
Regardless of its benefits, however, most cloud providers believe that not everything will be moved to the cloud.
In a large enterprise environment, the cost advantage of moving to the cloud is overshadowed by concerns over regulatory requirements, agility, data security, and so on.
Naveen Mishra, senior research analyst at Gartner, said: "Globally, data security, confidentiality and regulatory compliance, are key concerns for companies that plan to move to the cloud."
According to Mishra, companies must ensure security layers are provided by the vendor, and large companies are addressing these concerns by choosing certified cloud services providers.
"Regulatory issues are critical for companies because regulatory compliance lies with the user, and not the provider of cloud computing services," Mishra noted.
CIOs today need to comply with several U.S. regulations, including the Sarbanes-Oxley Act (SOX) that governs corporate financial reporting, and the Health Insurance Portability & Accountability Act (HIPAA), which sets rules for security and privacy of health records. There could also be a host of domestic regulations companies need to address.
Cloud providers are addressing these concerns through their own unique models.
Microsoft's "software plus service" delivery model, for instance, allows companies to have their development teams use cloud-based virtual servers, while keeping production servers on premise, Arora said. "This comes as a preferred option for large enterprises since it takes care of their security and privacy concerns," he added.
According to the Microsoft executive, audits and assessments are conducted on the vendor's cloud environment on a regular basis. These include audits for credit card transactions, compliance with SOX and HIPAA, and internal audit and privacy assessments, he said.
According to Knott, Salesforce.com addresses security concerns through its Custom Cloud offering. "With Custom Cloud and Force.com platform, developers can build, test, deploy and run applications in the cloud. Security, reliability, backup, scale…become non-issues because they are managed by Salesforce.com," he said, adding that this frees IT departments to spend more time on serving business needs and less time on managing infrastructure.
Swati Prasad is a freelance IT writer based in India.