Cloud computing is a reality, and it's a force that IT professionals need to quickly come to terms with. The economic and social motivation for the cloud is high, the business need for speed and agility is greater than ever before, and the technology has reached a level in which prudent investments in cloud services are fast and easy. The number of cloud success stories is growing every week.
The cloud is here, but what exactly is it? Where is it headed? What are the risks? And how can IT organizations prepare?
Cloud computing is the use of Internet-based services to support a business process. Cloud services typically have the following characteristics:
* They can be rapidly deployed, so they are quick to value.
* There is little or no start-up cost and no capital investment.
* Costs for services are usage based with no fixed commitment.
* Services can be quickly and easily scaled up or down with no penalty.
* Services are multi-tenant (many customers leverage the platform).
The ability to customize a service is limited.
The cloud lets users contract for services at three levels:
• Infrastructure as a Service : Grids of virtualized servers, storage & networks. Examples include Amazon's Elastic Compute Cloud and Simple Storage Service.
* Platform-as-a-service: The abstraction of applications from traditional limits of hardware allowing developers to focus on application development and not worry about operating systems, infrastructure scaling, load balancing and so on. Examples include Force.com and Microsoft's Azure investments.
* Software-as-a-service: Applications with a Web-based interface accessed via Web Services and Web 2.0. Examples include Google Apps, SalesForce.com and social network applications such as FaceBook
Looking further into the future, standards will emerge that reduce some of the uncertainties of contracting for cloud services.
What Are the Risks?
As with any service, with the cloud you should always make sure that you know what you are paying for and what measurements exist to show you are actually receiving the service. You should pay careful attention to:
* Service levels — Cloud providers may be hesitant to commit to consistency of performance for an application or transaction. Understand the service levels you can expect for transaction response times, data protection and speed of data recovery.
* Privacy — Someone else hosting and serving your data could be approached by the U.S. government to access and search that data without your knowledge or approval. Current indications are that they would be obligated to comply.
* Compliance — You are probably already aware of the regulations that apply to your business. In theory, cloud service providers can meet the same level of compliance for data stored in the cloud but, because most of these services are young, you'll need to take extra care.
* Data Mobility — Can you share data between cloud services? If you terminate a cloud relationship can you get your data back? What format will it be in? How can you be sure all other copies are destroyed?
For a service that's going to be critical to your company, the best advice is to ask a lot of questions and get all commitments in writing.
What are smart companies doing now?
There are a lot of opportunities for IT organizations to leverage cloud services. Many organizations are enhancing their existing infrastructure to take advantage of "cloud bursting"; when you need extra capacity for an activity, you can quickly leverage resources from the cloud rather than investing in those resources in-house.
Development/test and similar activities are also great cloud opportunities, allowing you to reduce capital spending and related data center costs while increasing speed and agility.
Companies that are hesitate to commit data to the cloud are developing models to store production data in their own facilities to ensure they meet compliance requirements while leveraging massive compute resources in the clouds for processing as needed.
Are you ready?
If your organization is just beginning to explore the cloud there are a number of mature cloud services that can be considered "low-hanging fruit," such as e-mail services. But in addition to looking outside, you may want to evolve your internal infrastructure toward a more cloud-like model.
That will likely mean determining what role IT will play in enabling the business models required by today's economy. How will you improve speed and agility? How can you support your business operations with fewer fixed expenses? What will you do to engage a new generation of professionals?
You should define opportunities and work with your customers to understand what services can best meet your needs or fill gaps in your existing IT portfolio.
The first step is to assess your ability to assist in contracting for cloud services. Your job is to make the process simple, repeatable and beneficial to your business.
Second, you need to identify which services can reside in the cloud and which should be internal. Determine what systems and services are core to your business or store your crucial intellectual property. These should be categorized as high risk and not considered cloud opportunities in the near term.
Finally, you need to develop a sourcing strategy to achieve the low cost, scalability and flexibility your business is seeking. This should include all the necessary protections such as data ownership and mobility, compliance and other elements familiar from more traditional IT contracts.
Robbins is CTO for IT at NetApp. He is responsible for identifying and selecting new technologies and establishing the adoption road map and timing for NetApp IT delivery.