Close this search box.

We are creating some awesome events for you. Kindly bear with us.

Adoption of multi-tenanted cloud by the public sector – trends and challenges

Adoption of multi-tenanted cloud by the public sector - trends and challenges

benefits of cloud are numerous and familiar to most in the IT sector by now. It
is more cost-efficient than having in-house infrastructure, as organisations
only pay for what they need and use. It is more flexible, enabling
organisations to scale up as and when required, instead of making upfront
investments. It enables them to be more innovative, developing and deploying
applications faster.

But with
increasing popularity of cloud, different models have evolved. There are the
so-called public clouds, where large-scale resources are owned and operated by
the service provider. Some organisations prefer to deploy resources
on-premises, using virtualisation and resource management tools.

Most of the
listed benefits of ‘cloud’ are usually applicable to the public clouds.

OpenGov had
the opportunity to speak to Mark
Ryland, Director, Public Sector Solutions Architecture, at Amazon Web
Services (AWS) to learn about the current trends in the
adoption of public cloud by governments and the perceived challenges from
migrating workloads to the cloud. Mr. Ryland serves as a key interface between
the public sector team and the engineering, security, and compliance teams at

‍Mark Ryland, Director, Public Sector Solutions Architecture, at Amazon Web Services

Data centres and private and public clouds

In view of
the proliferation of many different cloud models, such as public, private and
hybrid clouds, we asked Mr. Ryland as to when can an organisation say that they
are genuinely using cloud. 

He responded with an industry joke about an
organisation with a data centre. One day the sign says ‘data centre’, the next
day it says ‘cloud’. He said that cloud is such a strong marketing term that
people use it to describe things that are pretty far from cloud.

But in most
private clouds built through in-house data centres, chargebacks are not done.

Mr. Ryland
explained the criticality of chargebacks, “If you’re not doing chargeback, then
you’re not building the incentives to use the infrastructure efficiently. The
workload owner is not paying, someone else is paying and very, very few
organisations ever achieve chargeback within themselves.”

expressed his preference for the term ‘multi-tenanted’ cloud for the so-called
public clouds. Because they are not public in the sense that anyone can go and
access the organisation’s data. Specific permissions are required. It is these
large-scale clouds which provide the benefits of efficiency and scale.

“If you
want to take some of the lessons of that and apply it to the private
environment, that’s fine, but most of the big projects where I’ve seen people
try to do that in their own data centers, they generally don’t succeed,” Mr.
Ryland said.

Concerns heard from governments

compliance is an initial barrier for many governments. A few years ago, there
were similar security concerns about virtualisation. But then people developed
familiarity with it, everyone started using it, third-party auditors gave their
stamp of approval regarding safety. Now people are using it, without even
thinking about it as a risk.

Cloud is
going through a similar cycle. But Mr. Ryland said that in his experience, if
there is deep engagement with customers, and they really understand how the
cloud works, then they end up using the platform and realise the benefits very

security is a point of friction and it takes time to assuage those concerns.

point of friction is acquisition. 

Use of a multi-tenanted cloud means shifting
of IT expenditure from planned capital investment to variable operating
expenses. Government agencies already buy some services with variable costing,
like electricity or even certain labour services. But IT procurement has
traditionally been done on the basis of fixed price contracts, capital
investment, systems that were put in place to save money because of cost

“If you
look back 20-30 years ago, you have costs-plus contracts, people will have massive cost
overruns and the government felt that vendors were taking advantage of them. So
they placed a regime and said, ‘Look, we’re just going to pay this much and no

“So, now if
I come to you and say I have a variable costing model – I can tell you
approximately what it’s going to cost but I can’t tell you exactly, that makes
them uncomfortable,” said Mr. Ryland.

But if they
look at the overall savings, the agility and the speed, then those concerns are

To get comfortable
with this variable costing model, two things are required: Fee transparency
from the cloud providers and the ability on the government’s side to set up a
model to monitor usage and adjust according to their requirements.

In fact, if
done the right way cloud could provide governments with an unprecedented degree
of transparency regarding IT spending. Using dashboards, alerts and alarms,
they could discover if some project is going over-budget and take the necessary
corrective actions.

In this new
operating model, cost is dynamic, trackable and transparent and if governments
pay attention, they can use it to cut costs.

sovereignty is one other concern we heard. AWS has a very strong notion of
regions and they do not replicate data outside of a region.  It is done by the customer. 

countries are becoming more sophisticated in understanding what the real
threats are from a cybersecurity perspective.

“When it
comes to more sensitive data, then it can be more challenging.  But even there, many countries, you know,
once they've become more sophisticated in their understanding in what the real
threats are from a cyber security perspective, it's not about physical
location. Nobody has ever done a major cyberbreach by walking into a data
centre and stealing a hard disk, it doesn’t happen that way. So if an
application is connected to the Internet, you have a whole set of threats that
are the same, it doesn’t matter where you are physically located. And it’s
building the systems to protect you against the network-based attacks, that’s
where you should invest,” Mr. Ryland elaborated.

Migration patterns 

start with things which are considered less sensitive, that they’re less
concerned about, such as public facing websites. 

By building the experience and
gaining the knowledge of how to operate securely on a cloud, that helps to
build up the confidence to use and bring more sensitive workloads to the cloud.

They start
thinking this could be useful for workloads like tax collection, that are not
public but have big swings and cycles in infrastructure requirements.

governments are using the opportunity of cloud migration to in-source, as in
cloud applications are being built by their on-staff engineers who would
develop the cloud skills. Entire environments are becoming API-driven, software
defined where engineers are just now calling APIs (Application programming
interfaces) and not building physical things. 
It's about re-skilling people to do more high value things, which means
mostly focusing technical talent on application development and not
infrastructure management – because there's no value creation in
infrastructure.  Application is where
value is created. 

Mr. Ryland believes that cloud is now the new
normal and it benefits a wide range of government workloads. It is progressing
towards the point where governments could use multi-tenanted cloud for anything
short of top-secret workloads.


Qlik’s vision is a data-literate world, where everyone can use data and analytics to improve decision-making and solve their most challenging problems. A private company, Qlik offers real-time data integration and analytics solutions, powered by Qlik Cloud, to close the gaps between data, insights and action. By transforming data into Active Intelligence, businesses can drive better decisions, improve revenue and profitability, and optimize customer relationships. Qlik serves more than 38,000 active customers in over 100 countries.


CTC Global Singapore, a premier end-to-end IT solutions provider, is a fully owned subsidiary of ITOCHU Techno-Solutions Corporation (CTC) and ITOCHU Corporation.

Since 1972, CTC has established itself as one of the country’s top IT solutions providers. With 50 years of experience, headed by an experienced management team and staffed by over 200 qualified IT professionals, we support organizations with integrated IT solutions expertise in Autonomous IT, Cyber Security, Digital Transformation, Enterprise Cloud Infrastructure, Workplace Modernization and Professional Services.

Well-known for our strengths in system integration and consultation, CTC Global proves to be the preferred IT outsourcing destination for organizations all over Singapore today.


Planview has one mission: to build the future of connected work. Our solutions enable organizations to connect the business from ideas to impact, empowering companies to accelerate the achievement of what matters most. Planview’s full spectrum of Portfolio Management and Work Management solutions creates an organizational focus on the strategic outcomes that matter and empowers teams to deliver their best work, no matter how they work. The comprehensive Planview platform and enterprise success model enables customers to deliver innovative, competitive products, services, and customer experiences. Headquartered in Austin, Texas, with locations around the world, Planview has more than 1,300 employees supporting 4,500 customers and 2.6 million users worldwide. For more information, visit


SIRIM is a premier industrial research and technology organisation in Malaysia, wholly-owned by the Minister​ of Finance Incorporated. With over forty years of experience and expertise, SIRIM is mandated as the machinery for research and technology development, and the national champion of quality. SIRIM has always played a major role in the development of the country’s private sector. By tapping into our expertise and knowledge base, we focus on developing new technologies and improvements in the manufacturing, technology and services sectors. We nurture Small Medium Enterprises (SME) growth with solutions for technology penetration and upgrading, making it an ideal technology partner for SMEs.


HashiCorp provides infrastructure automation software for multi-cloud environments, enabling enterprises to unlock a common cloud operating model to provision, secure, connect, and run any application on any infrastructure. HashiCorp tools allow organizations to deliver applications faster by helping enterprises transition from manual processes and ITIL practices to self-service automation and DevOps practices. 


IBM is a leading global hybrid cloud and AI, and business services provider. We help clients in more than 175 countries capitalize on insights from their data, streamline business processes, reduce costs and gain the competitive edge in their industries. Nearly 3,000 government and corporate entities in critical infrastructure areas such as financial services, telecommunications and healthcare rely on IBM’s hybrid cloud platform and Red Hat OpenShift to affect their digital transformations quickly, efficiently and securely. IBM’s breakthrough innovations in AI, quantum computing, industry-specific cloud solutions and business services deliver open and flexible options to our clients. All of this is backed by IBM’s legendary commitment to trust, transparency, responsibility, inclusivity and service.