Microsoft trusted cloud
Introduction to Cloud in the Philippines
The Philippines is undergoing a rapid transformation powered by new technologies. In a market with 45 million internet users and increasing support from policy and regulation, organizations across the country are looking to harness new technologies to empower their people to achieve more.
No technology is playing a bigger role in the digital transformation than cloud computing. Cloud adoption in the Philippines is seen by both government and business as a key driver for the country’s economic growth. Indeed, the market in the Philippines is ideally suited to the adoption of cloud. The recent increase in cyber-attacks has led organisations to seek technology solutions from trusted cloud services providers who can deliver a high level of security protection. Similarly, organizations are looking at secure and efficient tools to cater for the growing “work from home” culture, in which employees regularly need to access their organisation’s IT infrastructure from remote locations to avoid the worst of Manila’s rush-hour traffic.
An increasingly innovation-friendly regulatory environment has driven the adoption of cloud solutions across all the sectors. Policy-makers in the Philippines have opened the door to cloud adoption. The Department of Trade and Industry has adopted Microsoft Office 365; the Department of Budget and Management has successfully modernised and simplified its budgeting process by adopting Microsoft Azure, leading to greater efficiency, employee productivity and transparency in governance; the Department of Agrarian Reform has migrated to Microsoft Cloud, making its case-management system more reliable as well as substantially reducing maintenance costs. Meanwhile, in the private sector, organisations such as Vibal Publishing House, Inc., a leading publisher, has combined open source technology with Microsoft Azure for more efficient delivery of digital learning tools to gain greater flexibility and deployment of its applications. This has led to a host of improvements, such as faster turnaround period for the business and an improved user experience for its customers.
These are just some of a growing number of examples of organizations and institutions that are adopting cloud, not just for efficiency and cost savings but also to achieve strategic business objectives and to enhance levels of security and privacy compared with existing on-premises solutions.
Regulatory Deep Dive
The pace of cloud adoption in the Philippines has, in the past, been slowed by concerns and misconceptions about the regulatory environment. The misconceptions have led certain organizations to mistakenly believe that the use of cloud services was prohibited by law. The concerns focused, in particular, on the ability of cloud services providers to ensure a high level of security and privacy compliance. That has now changed as various new regulations and guidance across sectors, together with public sector leadership in cloud adoption, make it clear that organizations can move to the cloud in a way that meets all applicable security and privacy requirements. Indeed, cloud services from leading providers such as Microsoft are now recognized for their ability to offer levels of security and privacy compliance that exceed those available via on-premises solutions of even the most sophisticated organizations. As a result of these developments, the Philippines is increasingly regarded as an innovation-friendly environment for the adoption of new technologies such as cloud computing. For example, the primary financial institution regulator in the Philippines, Bangko Sentral ng Pilipinas (BSP), has issued a circular which expressly permits the use of public cloud services.
At Microsoft, we welcome these positive developments, which have brought greater clarity to the regulatory requirements for the adoption of cloud. In fact, we are pleased to have already participated in a large number of compliance conversations with customers and regulators across sectors. Through these conversations, we have developed a broad range of materials to help our customers move to the cloud in a way that meets applicable regulatory requirements in the Philippines, such as product checklists, which map Microsoft's cloud services against the underlying regulations, so that organizations can be confident that their use of Microsoft cloud services meets the necessary requirements. We are delighted to share these materials via this guide.
As in many other countries, the laws governing the adoption of cloud computing fall into two categories – general privacy laws and regulations that apply generally to all organizations; and laws and regulations that only apply to organizations within specific sectors.
In the Philippines, the Data Privacy Act 2012 regulates the collection, recording, organization, use and processing of personal data. It imposes obligations on organizations concerning matters such as notice, consent and purpose, disclosures, international transfers, security, data retention, data subjects' rights of access and correction and subcontracting. The National Privacy Commission oversees the Data Privacy Act and its Implementing Rules and Regulations (DPA IRR).
In addition to general privacy laws, specific requirements may apply depending on your industry sector. You can find out more about the requirements that apply in your industry sector by selecting from "Industries" on the top right hand corner. More industries will be added to this guide over time.
About Microsoft's Trusted Cloud
Protecting you from external cyberthreats
Our comprehensive approach to security helps protect your data wherever it may be - in a data center, on a phone, on a desktop, or in transit through the internet.
Privacy and control
Giving you control over access to your data
At Microsoft, we invest heavily in technology development and practices to ensure we actively protect your privacy and provide the necessary tools to control both the privacy and administrative aspects of the data you put in the Microsoft cloud.
Unparalleled investment in meeting global standards
We are proactively adopting new certifications and partnering with regulators and standards bodies to develop new regulation and standards when we identify opportunities to increase digital privacy and safety.
Clear insight into our policies and procedures
We work tirelessly to increase not only our own transparency, but the transparency of the industry and its regulators. We submit to third-party audits and publish reports detailing government requests for customer data and notify individual customers where possible.