Organizations have used digital transformation as an effective approach to improve their operational efficiency or innovative capacity, particularly since the outbreak of the Covid-19 pandemic. According to the International Data Corporation (IDC), global digital transformation spending is expected to reach US$3.4 trillion in 2026. Meanwhile, because of escalating cyber-attacks, occurrences of natural or political disasters, and other unexpected events, organizations need to build digital resilience to make workloads function as expected and enable quick recovery from failures caused by these types of events. How to realize digital transformation and build digital resilience in the meantime is an important topic for an organization. The cloud technologies can contribute to an organization’s digital resilience in the following aspects:
Agility
Instead of establishing a scalable IT infrastructure, more and more organizations pursuing digital transformation migrate to the cloud or adopt a cloud-native IT environment to achieve new kinds of agility. Per IDC’s forecast, 74% of organizations in Taiwan will adopt cloud technologies by 2024. The feature of cloud services, on-demand delivery of IT resources, enables an organization to react agilely to the unexpected by scaling resources in real-time, reducing unplanned downtime, and ensuring user productivity through applications that are always available and up to date.
For example, the outbreak of the Covid-19 pandemic forced an organization to scale their IT infrastructure and storage up and down for adoption or deployment of remote working, remote conferencing, or remote learning models. On Amazon Web Services (AWS), organizations no longer need to predict future storage capacity as they are adapting to the pandemic-induced disruption by leveraging the operational agility and economic advantages of AWS’s consumption-based model (Pay-as-you-go model).
Resilience
Accessing cloud services at the edge, even in the harshest conditions, helps organizations prepare for, respond to, and recover from natural or human-made disasters that may leave information and communication infrastructures damaged or destroyed. For example, in February 2022 deadly floods and landslides ravaged Petrópolis, a city in southeastern Brazil. With Amazon Elastic Compute Cloud (Amazon EC2), Amazon Simple Storage Service (Amazon S3), and AWS Snowball, the Brazilian government combined the drone data of impacted land with decades of meteorological data to identify focal areas and focus their resources to provide timely support to those most in need.
The robust and resilient cloud infras-tructure can allow its users to build resilient workload architectures thereon. For example, as of Jan 2023, AWS has spanned 96 Availability Zones within 30 geographic regions worldwide, which compose AWS’s global infrastructure. All zones in an AWS Region are inter-connected with high-bandwidth, low- latency networking, over fully redundant, dedicated metro fiber providing high-throughput, low-latency networking between zones. All traffic between zones is encrypted. The network performance is sufficient to accomplish synchronous replication between zones.
While an organization adopting cloud technologies has the flexibility of choosing how and where it wants to run its workloads, it still needs to have a comprehensive data security policy to ensure the availability of data for workload recovery or restoration purposes. Per lessons learned from the war in Ukraine, local data storage does not necessarily lead to improved data security. An organization first needs to determine the security category of data (such as sensitive and classified), as well as data security objectives, and assign the location of data, data backup policy, and other security and privacy controls accordingly.
Security
An organization can build its security model according to the security pillar of AWS Well-Architected Framework, which details practices of identity and access management, detection, infrastructure protection, data protection, and incident response. Furthermore, an organization can utilize AWS tools to implement Zero Trust on the cloud.
An organization can utilize AWS tools to protect data, detect threats, response to incidents and so on. For example, an organization can use AWS Identity and Access Management (IAM) service to grant execute permission of AWS Backup to perform the backup operation for specific restricted data. It can also use Amazon GuardDuty, an intelligent threat detection service using anomaly detection, behavioral models, and threat intelligence feeds from AWS and leading third-parties, to continuously monitor its AWS accounts and workloads to protect against malicious or unauthorized activities.
Because the agility, reliance, and security of the cloud contribute to an organization’s digital resilience, a cloud-driven digital transformation strategy ought to be encouraged. The relevant authorities may further develop guidelines to help government agencies and enterprises build digital resilience with the cloud for their digital transformation. Meanwhile, the incubation of cloud literacy and cybersecurity talents should be addressed because it is a trend of migrating workloads to the cloud or adopting cloud native IT environment.
