Cloud computing is the future but before we start that journey there are a number of issues that need to be addressed. A cloud computing service changes the way people buy IT. Which is both empowering and dangerous. Like most weapons, if you give it to the untrained, somebody is going to get hurt.
Cloud computing, like any disruptive technology, changes the dynamics in a company. Once people only ordered IT from the IT department. Now they can get it from a cloud service provider, without begging for sign off from the CIO or the IT manager. In most enterprises there are already outbreaks of rebellion all over the company. People use cloud email services like Gmail and Hotmail, for example. They watch YouTube videos, go on Skype and transfer data using services like Dropbox.
They don’t know – or care – that they are using cloud services. They are oblivious to the security implications too. All they do know is that they don’t have to ask the IT manager’s permission and, if something goes wrong, the IT manager will fix it.
In some companies, the chief marketing officer (CMO) spends more on cloud services than the CIO or the IT manager– with the official blessing of the finance department.
If you want to understand how cloud computing will affect organisations, examine the history of the personal computer revolution, which had a similar effect. It took IT purchasing power away from the IT experts and gave it to the users. The result was escalating costs of ownership and massive security headaches.
The cloud will bring about similar ‘disruption’, only the effects this time will be more exaggerated, because this generation of IT is even more powerful and penetrative. For these reasons, companies really need an over arching, comprehensive, top-down cloud computing strategy.
The short-term, technology-centric, bottom-up approach to cloud purchasing witnessed in most companies is potentially fatal. It’s akin to the situation in an army where discipline breaks down and the soldiers break rank. History tells us that when this happens to any competitor, their opponents can pick them off. Which, in the case of an enterprise or a company, means that criminals can exploit them, rivals can outmaneuver them and even customers can get the better of them in negotiations.
So a unified cloud strategy is vital. It needs to be top down, rather than bottom up. Leadership needs to come from the management, the people with an overview of the company and a vision of where it should be going.
Having said that, end users are the eyes and ears of the company and a tremendous source of intelligence on cloud developments. This, after all, is the age of the Bring Your Own Device (BYOD) approach to business technology strategy. So some compromise needs to be reached between encouraging end users to learn and bring their ideas to work, while maintaining control of the ship.
In the personal computing revolution, when individuals were reminded of their personal liability over, say, compliance or viral infections or data loss, they were quick to concede control of their machines back to the IT department.
A similar process could see cloud computing reined in under
How? By reminding user of their responsibilities over the following:
Security and Compliance
Cloud computing, by nature of its fluency, introduces more areas of possible contention. The more moving parts a machine has, the more likely it is to have problems. The cloud has many areas of contention in its networks, databases, operating systems, virtual servers and memory management.
Then there are questions about the access to and location of data. If it resides on a server in another country, what regulations is it subject to. Who has legal access to it? Who in your company takes legal responsibility for the compliance of the company cloud?
Service Level Agreements (SLAs)
Buying a service is one thing, but getting value for money is tough when it’s hard to measure how well those services have been provided. And who will enforce the contracts?
Your cloud strategy must cater for drawing up and enforcing cloud SLAs. How do you define the service you want, how do you measure it, what are the penalty terms and how do you enforce them? How do you write SLAs that are clear, explicit and yet concise, while still covering all eventualities? If you haven’t got a good SLA, as rule of thumb, you won’t have a well thought out cloud service.
Private clouds are meant to reach out to public cloud resources rather than limit themselves to internal resources. They will be increasingly shared and/or virtual, as well as managed. Mix and match the various types of hybrid private clouds to fit your particular circumstances.
Have you identified the type of cloud service you want? Public or private? Can you explain the difference to anyone in the company, whether they are from the boardroom or the post room?
What are the principles of public cloud (Standardisation? Virtualisation? An automated data centre infrastructure with flexible, lowcost operations?) Does your potential service provider embody these?
Unless you know the answers, it’s dangerous to commit your company to an IT transformation. You wouldn’t commit your body you a life changing surgery if the consultant was vague about their terms and definitions of success would you? Why risk your company’s future health?
Ask how your public cloud services will fit into your current IT ecosystem.
Public clouds can accelerate participation, but will they take you to a bad place more quickly?
Are you happy that the rapidly evolving social networking and mobile systems won’t spread confusion? Are you sure you are going to be accelerated in the right direction?
If you are going to migrate to the cloud, you don’t want to drag the full baggage of your old IT legacy with you. But what hardware, software, customs and practices do you ditch? What old disciplines should you bring with you into the new world? (These are topics we can expand on in future briefings)
Cloud computing has only just moved out of its infancy into adolescence, say market watches such as Gartner and Ovum. It’s a few years from reaching maturity and not all of the benefits you would expect from a mature market – such as price competitiveness – are available at all times. However, early adoption will bring considerable advantages to those companies that master the challenge. It can be a risky journey, but risk has the potential to bring rewards.