back to article Singapore wants datacenters, clouds, regulated like critical infrastructure

Singapore's government has proposed amendments to its 2018-era Cybersecurity Bill that would extend the oversight of its cyber security agency to cloud service providers and datacenter operators. A government notice posted late last week explained that the purpose – or part of it at least – is to "look beyond the critical …

  1. Pascal Monett Silver badge

    Interesting

    When will Singapore start considering operating systems as critical parts of digital information management ?

    That's going to have an interesting effect on Microsoft . . .

  2. Nate Amsden

    weird

    Seems all of this should be directed at the companies(Banks or whomever) that are using the providers. The providers have SLAs, and it's up to the customer to determine what SLA is acceptable and how to plan for (or IF to plan for) breaches of that SLA. Even more important for most cloud providers as I have been saying for 12 years now they are "built to fail", meaning you have to build with failure in mind, much more so than on prem (which more often has more redundancy built in whether it is redundant storage, vmware high availability, fault tolerance, high availability networking etc). Things fail in cloud 10x more often than on prem in my 20 years of experience.

    You direct the businesses of Singapore that fall under this to have to maintain some kind of SLA then it's on them to choose providers/design/etc in order to try to meet that SLA.

    If you try to enforce better SLA terms on the major cloud companies they will likely just laugh at you. Even Microsoft tries to tell their Office365 customers to keep backups of the Office365 data as MS is not responsible for that.

    The worst uptime of any company I've worked for was about 20 years ago for me, company I was at provided online transaction processing for major U.S. telco mobile transactions. Our SLA was 99.5% of unscheduled downtime per month, that EXCLUDED 12 hours of scheduled downtime for software upgrades each month. We missed the 99.5% SLA most of the time anyway I think, mostly due to bad software design. I recall one ~30 hour storage array outage, another ~20-30 hour Oracle DB outage(Oracle flew on site, and said there is nobody else in the world doing what we were doing, we were doing it wrong, and to fix our app), another ~12 hour internet outage (due to bad BGP routes sending our traffic to Russia resulting in 99% packet loss), many multi hour BEA Weblogic outages and dozens of others. Learned a lot(critical to my future career, didn't realize it at the time), had fun, burned out hard core though took years to recover. Despite all of those outages never had a single blip in data center availability. If you bought any games/apps/ringtones/wallpapers/etc on the major U.S. carriers 20 years ago those transactions flowed through our systems.

    1. Edward Ashford

      Re: weird

      The aircraft industry avoids doing anything safety related unless the FAA force it to.

      The computer services companies (and their customers) are notorious for prioritising cheap above all else.

      The only surprise is that this didn't come sooner, and that the EU haven't joined Singapore.

      All those points of yours are very valid, but they are all just cost unless there is a regulation to be complied with.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like