Cloud computing has been an industry buzzword for some time now, but has continued to evolve at quite a pace. Despite this, one of the predominant themes of discussion that remains is how to take advantage / avoid the risks of ‘the cloud’.
The hype surrounding software as a service (SaaS) combined with cloud computing has become almost deafening in recent times. Although it’s great for exposure and recognition, hype can also be a detriment to successful adoption of a solution or a technology. Prospective users can often find this is paired with unrealistic expectations, misunderstandings, and even disillusionment.
No doubt, on paper (or should that be virtual desktop, these days?), the proposition on offer from service providers and the Hyperscale companies, mainly public cloud providers, is tempting. Benefits include limitless compute power, cheaper to run, simple pricing, pay as you use, global access, end-user transparency amongst many more. It does indeed sound like a fabulous club to join.
However, there seems to be quite a few catches that need careful thought before heading lock, stock and two smoking barrels towards the cloud. And most of them have to do with your data. I recommend using the following checklist of nine major topics:
Who in your business ‘owns’ overall data governance and what do they think? IT, Privacy Officer, Security Director, others?
What happens if the NSA or GCHQ want to access your data? Is that a concern?
What happens if you want to change suppliers – either in an emergency, think what happened with Nirvanix or 2E2, or simply because a newer service might be better for your needs – e.g. the recently announced Google Compute Engine or VMware Hybrid Cloud Service?
What data structure(s) will you use? Open standards or otherwise?
What level of performance guarantee and Quality of Service do you have? Like broadband, is your service level dependent on how others choose to use the same Cloud?
Have you considered any network distances involving the speed of light and latency?
Are you going to be breaking any laws - Data Privacy, Data location, etc. – by moving your data to the cloud?
How will you audit your data in the Cloud, or across multiple Clouds, if you need to? If you have one, what does your regulator think?
And, even if the cost for storing it is next to nothing, what does it cost to retrieve your data when you need it? How long will it take?
How to counteract industry concerns
Despite all this, for many workloads, especially those with fluctuating and/or very high scale resource requirements, no doubt the speed and cost benefits do, or will, outweigh any of these risks. And, unlike traditional IT, cloud services don’t have to be purchased by the IT department. So, there is no real way of stopping eager employees even if the IT or security departments have restrictions in place.
Most organisations will suit a hybrid of private cloud offered by Cloud Service Providers who can offer bespoke IT and Applications run ‘as a Service’ in their data centres. Alternatively, the hyperscale players who can offer global economies of scale for IT infrastructure, that are going to be difficult to compete against and replication in any other way is not an option. Obviously, price point has been a huge part of technology investment considerations but as we move out of austerity, the flexibility and agility of elastic computing must be the key considerations for infrastructure. The key to this will be building a data platform that allows the IT department (led by the CIO) to offer users choices of service they have come to expect, but with the appropriate long term risks and the 9 questions above taken into account.
One unique and invaluable aspect of cloud computing is that you can enlist the vendor to help you convince management that the ROI/business value potential is there. By testing the concept first, you can help alleviate fears and hesitation before signing a contract. This can eliminate any questions you have before putting your data in any cloud.
Specifically, ask about the ability to pilot the solution. You may still need to pay for implementation services associated with the pilot, but in the new world of cloud computing, look for proof points and results before you make a large investment.
Over the past 6 months, the industry has heard very few senior IT people recently say they are ‘all-in’ for the cloud. Although slightly ambiguous, one would hope they have thought about what they would do if they decide they need to be ‘all-out’ at some point in the future. The cloud should be an extension of your IT strategy, not a replacement for one.