Sreedhar Suragouni, Chief Information Officer, Oman Insurance, UAE, in conversation with Abhinav Mishra, Director – Strategy, Vibe Projects, spoke about the challenges organisations face during digitisation, how to overcome them, and the way forward. He also shed light on challenges faced by leaders and means to overcome them by adopting various policies. Here’s the full interview.
Abhinav Mishra: What is the impact of cloud infrastructure on businesses?
Sreedhar Suragouni: Technology, as we know it, has significantly progressed. When products were launched in the BFSI sector, shelf life was often 25-30 years. Today we can’t imagine the speed at which transformations happen across verticals in an organisation. Banks, insurers and retailers can’t stay away from the cloud and digitisation.
The rate at which fintech is driving innovation and bringing in transformation is huge. Today we are in the era of 5G. A few years back, the situation was different; we had to deal with mundane issues such as data storage, security, access control etc. Cloud as we know it is not a luxury but a necessity today.
Abhinav Mishra: Cloud infrastructure has its own set of challenges when organisations try and adopt it. Is this justified? What does it mean for thought leaders, specifically CIOs, about ensuring data safety in the cloud?
Sreedhar Suragouni: Data security, securing vital information is not a new concept. This practice is ingrained in us across geographical boundaries. Cloud security, too, is critical. As a practice, only important data is stored in the cloud. Securing information in the cloud thus assumes paramount importance. Every insurance company, from earlier times, classified the data of their customers as necessary. All processes follow due diligence and ensure compliance with law enforcement.
Earlier, we had the luxury of having data in-premises. The amount of data exposure outside was very minimal. When data began to get transported, it was done in layers. That is when the security detail associated with it increased and became increasingly visible.
Technology requires a well-defined security policy. Security policy is not restricted to giving permissions or maintaining compliance. Data integrity comes under the realm of data security. Application developers need to know that the data by default is already compromised when they integrate a code from a third party. Hackers come from all sorts of backgrounds. If the code is developed in-house, then the authenticity remains. Else it is not difficult to obtain the source code and wreak havoc for hackers.
Also Read: Cloud Computing in the Middle East Fuelling Transformation
Abhinav Mishra: When it comes to data security, can you point your finger on one person who can be the last point of contact?
Sreedhar Suragouni: “Security measures are not just restricted to having a tool. Neither is it the CIOs responsibility alone. It is everyone’s responsibility. Everyone must be equally aware of policies and inculcate best practices to ensure security is in place.”
Nothing is static anymore. We need to ensure the right person is appointed in the right process, and everyone must be made a stakeholder in the security. After all, a chain is as strong as its weakest link.
Abhinav Mishra: What advice would you give to organisations adopting a cloud-first strategy? What should be their policy with regards to manpower, infrastructure and skill development?
Sreedhar Suragouni: Cloud today isn’t about getting trained in one aspect and assuming you have learnt how to master disciplines like DevOps, security, compliance etc.
Services have to be mapped to the right application through the right people. Getting the core team readied in-house can be a good start. Organisations need to ensure the right talent, the right vendors, and the suitable applications all come together. It’s a continuously evolving discipline. Nothing is static. Things are changing along with the times. Approaching tasks with flexibility or agileness has to be continued to ensure best practices.
Abhinav Mishra: What is your opinion on vendor lock-in? Are there any disadvantages to vendor lock-in? Is there any specific strategy to bypass vendor lock-ins?
Sreedhar Suragouni: Vendor lock-in is quite simply a paradox. Having said that, it is also a norm. Insurers today have adopted the best of technology and workforce. Just as there are benefits of having a hybrid-cloud strategy, similarly, there are advantages of a single cloud provider too. Everything has pros and cons.
Vendor lock-in per se isn’t a reason to adopt a multi-cloud strategy. Vendor lock-in is a necessity and is here to stay. A long term lock-in eliminates a lot of pressure regarding the maintenance and upkeep of systems and applications. On the other hand, a lock-in contract for SMBs can have detrimental effects on them. As a policy, bypassing vendor lock-in is not completely advisable. Technology today can’t be without a roadmap. Choosing the right vendors is crucial to an organisation’s success.
The conference was supported by Platinum Partner Nutanix. Strategic Partner Lenovo, Intel, and Enterprise Technology Partner Confluent, Media Partners Enterprise Talk and IT Security Wire. Watch the session here.