November 20179 agreed turnaround time for any change request, bug fixes, and the necessary SLAs. A minimum of two resources is needed and it will depend on the criticality and the complexity of the system. All applications should consider adhering to the OWASP application security risks, CERT secure coding standards, with proper code analysis and application security testing tool (e.g. Check Marx, Veracode). It may be difficult to adhere to secure coding standards for most software as it may have certain legacy components in them. However, it is important to understand their server architecture, including their middleware to sieve through the vulnerabilities that can be at hand.There are companies who may want to consider to move its on-premise solution to cloud hosting, instead of the traditional rack hosting options. Cost, Tier X, SOC X are important consideration factors. Cloud hosting may not be a cost effective option as hosting in Singapore is still much higher than other places around the globe.For SaaS vendors, most are likely to have a negotiated bulk discount deal which give them an edge to compete better.However, companies are still moving towards cloud facilities. It is similar to outsourcing infrastructure to specialized providers.There are some key benefits in moving to cloud:1. Less staff to maintain within a company2. Reduce in the difficulty to recruit and retain technical staff3. Reduce technical expertise which can be in a shortage to maintain and upgrade the system ­ applications, servers, and network4. High Security investment by cloud provider5. Quick ramp up of server, network specification when required during peak periodsKey areas to consider for Cloud hosting provider (e.g. AWS, Azure) will be their accreditation and certification that they have (e.g. SOC3, PCI compliant). For cloud hosting services, we need to consider the ease of administration, which includes data transfer between accounts, key features to be turned on, etc.IT staff should also be trained in cloud provider administration to administer the respective cloud hosting provider if it is infrastructure as a service.On prem hosting will be less favourable especially with companies where getting talents in server, infra, operations, and security are tougher with many digital transformations being underway by private and government sectors.Traditional hosting can also be considered with Tier 3 and Tier 4 options given to customers. Their cost may be more competitive with the introduction of cloud, especially if we need dedicated server hosting option.Most companies should consider traditional hosting and cloud hosting as a blended solution to achieve highest ROI for the company.There is another possibility to integrate with key cloud provider (e.g. AWS, Azure) together with a company network to make it a private WAN environment. This can be achievable from various provider (e.g. CATO). This will enforce another layer of security between internal & public hosted providers.Taking into consideration the challenges of human resources in terms of hiring, retention, and the digital transformation that many are embarking, outsourcing seems to be a must have option. We will still need to have a core IT team within each company to work hand in hand with credible vendor to deliver solutions that meet our business demands. MOST COMPANIES SHOULD CONSIDER TRADITIONAL HOSTING AND CLOUD HOSTING AS A BLENDED SOLUTION TO ACHIEVE HIGHEST ROI FOR THE COMPANYChina's IaaS cloud market forecast has been increased to account for anticipated higher buyer demand over the forecast period. In particular, the larger pure-play IaaS providers in China, as well as other telecom-related cloud providers driving this market, are reporting significant growth.Source: Gartner, 2017Fast FactsJohn Ang
< Page 8 | Page 10 >