There has been a lot of buzz about ‘Digital Pakistan’ for a long time. The concept of a large portion of Pakistan becoming a developed nation
The goal of a “Digital Pakistan” is to develop a digital ecosystem with infrastructure and institutional frameworks for the rapid delivery of new digital services, apps, and content. Basically, ensuring that everything is accessible, operational, and easy online. One of the most recent developments in this regard was the release of a draft of Pakistan’s first ever cloud policy on February 15, 2022. The draught of the IT ministry has already been approved by the cabinet, and the administration is touting it as a game changer in terms of digitising the country’s economic and administrative infrastructure.
It is, in essence, precisely what it sounds like. The government is planning to migrate all of its data from hard drives to a cloud-based system, similar to what you may see on your phone with iCloud or Google Storage. However, when big amounts of data are uploaded to the cloud, things become a little more tricky.
The most important aspect of this endeavour will be to ensure that any new data inputs are made straight to the cloud once it has been fully tested to ensure that there are no problems or disasters, and then to develop a staff devoted to categorising and uploading old data to the cloud as well. And, of course, given how important the information being uploaded will be, ensuring that this cloud is encrypted from many ends and entirely secure will be critical. The only question is whether or not this Cloud First Policy is credible.
What exactly is a cloud?
It’s very clear by now that we’re not talking about the fluffy white clouds that occasionally turn grey and rain on us. A wireless ‘cloud’ data storage solution is what we’re talking about. Cloud computing is based on an architecture that allows different services and applications to be delivered directly via the internet. Networking, database, software, and data storage are examples of these services.
In essence, it offers infrastructure that may be used to replace local storage (computer hard drives in most cases). But why can’t we just keep using local storage?
Local storage has served us well in the past, but cloud storage has changed the game. It is more efficient, provides significant cost savings, and provides significantly better data management and protection than most local storage systems. It also has a processing capacity that exceeds that of most local storage systems. It also allows for user mobility because data may be accessed from anywhere on the planet.
What steps have been taken forward?
According to the World Bank, Pakistan is the fifth most populous country on the planet. Furthermore, Pakistan’s Federal government includes 40 divisions and over 600 linked agencies, indicating that cloud computing is widely used in both the public and private sectors.
Unfortunately, the government has not yet been able to fully exploit the technology’s potential. As evidenced by the fact that Pakistan did not make the Association of Cloud Computing Asia’s cloud readiness index, despite the presence of nations such as India, Indonesia, and Vietnam.
The utilisation of cloud services in the public sector is still relatively limited, and most data centers are built to fulfil the needs of a single company. The lack of a centralized cloud infrastructure is preventing the country from reaping the benefits of cloud computing.
In addition, the World Bank’s Telecommunications Advisory Assistance, 5G Readiness Plan for Pakistan study emphasised the necessity for Pakistan to develop local Cloud infrastructure to help domestic organisations and the deployment of associated services such as IoT.
Public sector data needs to be on the cloud
Integration of all government databases to cloud platforms will allow the government to better analyze data, resulting in improved E-Government service quality. Furthermore, a cloud architecture will relieve the national treasury of the cost of maintaining separate data centers for federal institutions and agencies.
It will also serve as a first step in removing administrative and legal hurdles to data sharing across government agencies. This is critical for departments like Nadra and the Federal Reserve Board of Governors, which have rich data that can be used by other government departments and organisations.
“The protections offered by the technical architecture of the cloud and the efficiencies associated with cloud services are only the beginning of the benefits that governments and society can realize by deploying cloud-based technology,” according to the Association of Cloud Computing Asia’s Principles for Adopting Cloud Computing in the Public Sector.
“Today’s revolutionary technologies are mostly fueled by cloud solutions,” the research continued. Policymakers and procurement officers should expect cloud-based technologies to provide solutions that enable governments to achieve their larger objectives as well as the shift cloud computing enables within IT departments and the financial savings that can emerge from switching to the cloud. Only concentrating on moving existing workloads
Will the policy achieve its goals?
The IT ministry’s aspirations for digitalization in three areas – e-government, e-commerce, and e-banking – have been one of the most talked-about topics. These are the three goals that the administration is aiming for.
“It intends to support the Government of Pakistan’s (GoP) goal of promoting E-Government at all levels through IT enablement.” “The Ministry of Information Technology and Telecommunications (MoITT) also aims to reduce Pakistan’s import bills by discouraging investments in organization-specific data centers in Public Sector Entities (PSE) and leveraging the cloud’s economies of scale,” according to one section of the policy draft.
As can be seen, the key goal appears to be to increase the government’s and departments’ digital efficiency and data security while simultaneously lowering the expenses of creating and operating data centers.
However, execution and trust will be the two most crucial variables in this. The policy and its objectives are admirable. The issue is that no government policy asserts that it will not be able to solve the situation.
The MoITT claims that it would really improve the security of government data, which has been subject to cyber attacks in the past. The government recently conceded as much in its National Security Policy, which stated that the government has to invest in technology to construct its Cyber Security Framework since it is vulnerable to cyber assaults from both internal and foreign sources.
“Technical defects of system virtualization could cause several security risks; in addition, immature operation and maintenance technology could result in risks being more serious,” according to the report Security guidelines for big data infrastructure and platform by the International Telecommunication Union. Furthermore, large-scale distributed storage and computing models of big data infrastructure and platforms expose software used in big data management to greater risks of security configuration settings.”
To address the issue of data security, the FPCP has established five data categories and the level of protection that each requires.
Scope, applicability and policy objectives
After it takes effect, the policy will apply to every PSE under the federal government. Furthermore, the policy states that “it will act as a guiding framework for regulated sectors and private sector organizations as they continue to undergo digital transformation.” PCFP is being provided to help Pakistan’s ICT landscape undergo a digital revolution, increase efficiency, offer high-quality service delivery, and stimulate ICT investment. “By the introduction, as stated in the Policy,
According to the Policy, by the introduction of a Cloud system, GoP aims to; (1) Reduce time to procure and time to launch by maintaining a pre-accredited list of Cloud Service Providers (CSP). The accreditation will be done by benchmarking against international quality standards. (2) Reduce the cost of ICT infrastructure by paying only for the services that are utilized rather than incurring high capital expenditure for dedicated infrastructure. (3) To encourage investment in cloud services by local and International CSP in Pakistan. This will be accomplished by requiring all PSEs and public-sector initiatives to prioritise Cloud-based solutions when investing in IT infrastructure, hence increasing demand for CSP services. According to the policy, from July 1, 2022, all new ICT investments must follow Cloud Office’s guidelines.
(4) Assist CSP in realizing economies of scale. Providers will need to scale up their bandwidth and auxiliary equipment as demand for their service develops, resulting in cheaper per-unit costs. (5) Provide end-users with increased information security through cloud options. The policy will lay the groundwork for data classification and segregation.
(6) Use digital government tools to provide citizens with transparency. The public will be able to access organized and easily available data under the Open data category. (7) Increase the use of cloud solutions by switching from on-premises to cloud-based hosting. (8) Encourage digital entrepreneurship by making cloud services freely available. (9) Achieve optimization through resource aggregation. (10) Upskill the existing PSE workforce to create a cloud-enabled workforce. (11) Achieve environmental benefits through resource optimization. (12)Promote a unified approach to ICT procurement among governments and provinces.
Road map for enabling Cloud Computing
Cloud Office will be used to carry out the suggested policy’s implementation. “Planned governance structure would provide the path for developing a structured and formal organisational architecture for cloud governance in Pakistan,” according to the policy.
Furthermore, the Cloud office(s) will be accountable to a Cloud board to guarantee that the policy is implemented smoothly.
The Board will be led by the Secretary of the Ministry of Information, Technology and Telecommunications, and will include province Chief Secretaries or their representatives, as well as two industry experts.
The participation of Chief Secretaries will be conditional on the policy being adopted by the various province governments.
The chart below depicts the operational hierarchy of the Cloud office(s).
Cloud offices will implement key operational steps outlined in the policy framework, including Accreditation of Cloud Service Providers for Government Data, Cloud Service Provider Registration, ICT Audits, Investment Restrictions in Fragmented ICT Infrastructure, Data Classification, Security Framework, and PSE ICT procurement checks.