Business Cloud News

Mike_MuddToday is the first day of Cloud South East Asia in Kuala Lumpur, and the attendance alone testifies to the enthusiasm and curiosity around cloud development in the region in general and in Malaysia in particular.

One great authority on the topic is the chair of today’s event, Mike Mudd (pictured), MD at Asian Policy Partners LLC. Following keynotes from the likes of Amazon Web Services and the Asia Cloud Computing Association, Business Cloud News sat down with Mudd to discuss the significance of cloud computing standards in the region, something touched upon by a number of speakers.

BCN: Hi Mike. It was pointed out today that there is a slight disparity between the enthusiasm for the cloud in South East Asia, and the pace of actual adoption in the region. What would you say the big impediments are?

Michael Mudd: Well there’s the general one which is what I’ve described as the ‘trusted cloud’. This encompasses two things. One is security, and the other is privacy. The other issue however is that, only really half of the region here has adequate data protection rules. Some have them on the books but they’re either not enforced, they’re enforced laxly, or they are only applicable to the private sector, and not applicable to government. This is quite distinct to privacy laws in say Europe, where it goes across all sectors.

In addition, in certain countries, they’re trying to say that you cannot send any personally identifiable information across borders. This is important when it comes to financial information: banks, insurance, stock exchange, this type of thing, as well as healthcare.

And are regional governments taking up the cloud in general?

Forward looking governments are. Singapore, Hong Kong to a certain degree – but there’s not an idea of a ‘cloud first’ policy yet. It’s still very much ‘hug my server, build my data centre etc..’

From the point of view of the regulators, particularly the financial services, to do their job they’ve got to be able to audit. And one of the things they consider important to that is being able to physically enter premises if required. Certain jurisdictions want to see servers. If the data is in the cloud, then that too is an issue, and something that has to be addressed.

Do you think that the new Trans-Pacific Partnership could provide a way out of this impasse?

What has been drafted to my understanding (though we’ve still got to see the details) in the TPP, is wording which will enable or should enable cross border data flows to work far more easily. Again it was only signed two days ago so we don’t know exact words. (Like all trade negotiations they’re done in confidence – people complain they’re done in secrecy but all are done in the same way.)

Why is this so important?

From the point of view of cloud computing, this is new. Most trade agreements deal with traditional things. Agriculture being the first trading product, manufacturing the second, the third being services, but the fourth one is the new one: trading data, trading information, flowing across borders.

It actually goes right back to the very beginning. Information’s always been important for trade: being able to have a free flow of information. I’m not talking about security or government: that kind of thing is always sensitive and will always be treated separately as it should be, but commercial information is very important. It’s the reason your ATM card works here as well as in London. That’s a cross border data flow of information!

Standards are only just emerging. We obviously have technical standards – their objective is to enable interoperability between disparate machines. Those kinds of standards have been around a long time – they’re based on industry protocols etc. What have starting to come up now are management standards, standards coming out now very specifically for cloud.