Long journey of Ruby standard library at RubyConf AU 2024
HKCS CCSIG Cloud Executive Forum keynote
1.
2. WHERE ARE WE TODAY?
Source: Rackspace Hong Kong Cloud Survey
(July 2013)
36% 34% 30%
Private Cloud Public Cloud Hybrid Cloud
General cloud adoption in HK: 84%
The rest are considering transition within 1-2 years
3. BASIC APPLICATIONS ARE MORE POPULAR
Complex Basic
Source: Rackspace Hong Kong Cloud Survey
(July 2013)
6. FULL POTENTIAL NOT YET REALISED
• HK IT market: 4 billion market, 10% cloud adoption?
• New business opportunities and jobs from cloud
adoption
• Increased government investment and facilitation
• SME cloud adoption on the rise
• New technology emerging: Internet of
Things, streaming digital content…
7. CLOUD STANDARDS
Establishing standards and interoperability
OGCIO:
1. HK/Guangdong Expert Committee on Cloud Computing
Services and Standards
2. Expert Group on Cloud Computing Services and
Standards (EGCCSS)
• Working Group on Cloud Computing Interoperability
Standards
• Study on Cloud Services Assessment Tools and
Certification Schemes
8. INFRASTRUCTURE – DATA CENTRE
DEVELOPMENT
Availability of land and space
• Greenfield Sites in Open Market: 5 tender proposals
received for TKO site bidding
• Redevelopment of Industrial Buildings for Other Uses
• Wholesale and partial conversion
• HK Science & Technology Parks? Or even
Underground Cavern Sites?
11. SECURITY AND CONTROL
Businesses
•Outsourcing:
How to select
a cloud
vendor?
•How to
maintain
direct control
to safeguard
data integrity?
Cloud service
providers
•How to satisfy
data residency
and privacy
requirements
•How to remain
flexible and
provide cost-
effective
service?
Regulator
•Formulation of
relevant
standards and
practices
•Would
sensitive data
end up
overseas?
Customers/end-
users
•Are my data
safe in the
cloud?
•Would I know
if there is
security or
privacy
breach?
12. IMPROVING DATA SECURITY AND PRIVACY
Governance Operation
Governance and Enterprise Risk
Management
Traditional Security, Business
Continuity and Disaster Recovery
Legal and Electronic Discovery Data Center Operations
Compliance and Audit Incident Response, Notification and
Remediation
Information Lifecycle Management Application Security
Portability and Interoperability Encryption and Key Management
Identity and Access Management
Virtualization
Source: Security Guidance for Critical Areas of Focus in
Cloud Computing V2.1, Cloud Security Alliance 2009
13. PRIVACY
Security
Is the data protected from
theft, leakage, spying or
attacks?
What is the level of control
and protection?
Residency
Where is the data stored?
geographically disbursed?
What to do with data in transit
& outside territory?
Privacy
Who can see personally
identifiable information (PII)?
Storing, transferring, locating
and protecting PII
14. COMPLIANCE WITH REGULATION
• Some countries have laws restricting storage of data outside
their physical country borders:
India, Switzerland, Germany, Australia, South Africa and Canada
• EU: Data Protection Directive; Safe Harbor Principles
• USA: US Patriot Act, 40+ states have breach notification laws
(25 states have exemption for encrypted personal data)
• Canada: Freedom of Information and Protection of Privacy
Act
• Hong Kong?
• Section 33(2)(f) of Personal Data (Privacy) Ordinance,
• Guidelines and information via infocloud.gov.hk
15. PERFORMANCE AND
IMPLEMENTATION
• Cost of migration: cloud adoption = downsizing?
• System integration with existing infrastructure
• Other costs: business process transformation, infosec
support
• Service level agreements (SLAs): data security and
system availability
• Interface with customers?
16. WHAT’S NEXT?
• Cloud as the tool for business and process
transformation
• Blurring distinctions between SaaS, PaaS and IaaS
environments
• Level of knowledge of potential cloud customers
• Hong Kong as the Global Cloud Centre?