Into the Cloud (Part 1)
It "will drive a complete re-think of a client’s IT and operations cost structure," according to Cognizant CEO Francisco d’Souza *; it "allows people to share resources to solve new problems," says IBM’s Jamshid Vayghan; it will lead to a "lucrative period of investment in IT" (technology author Nicholas Carr *) it’s given rise to terms like "cloud sourcing", "cloudburst" and "cloud washing": but just what exactly is cloud computing anyway?
Increasing touted as the next very big thing in information systems technology, cloud computing provides a radical alternative to traditional IT provision in that services are delivered not through an architecture hosted and managed by the user-organization, but via the internet - the "cloud", apparently so named because of the use of a cloud-shape to represent the internet on PowerPoint presentations - and through software and to a certain extent hardware provided by an external party. This creates the potential for vast capital savings, with companies no longer having to invest huge sums in equipment (hardware at the user end becoming little more, in theory, than an interface) and able to streamline the human element of their IT provisions. While throwing up some intriguing new challenges in an array of fields such as security, disaster recovery and contract management, if the more optimistic aspirations for cloud computing are realized, the "complete rethink" predicted by d’Souza will be matched - and almost certainly by some tumultuous times for the global software industry, the opening phase of which is already well under way.
"Cloud computing" in the broadest sense is not particularly new, with successful businesses like Skype and an array of peer-to-peer networks already operating on a cloud model. Google and Amazon are among a range of companies that have set up cloud offerings relatively recently and while service provisions and quality vary considerably (it’s crucial to remember that while growing explosively fast this is still pretty much a nascent sector) there’s no doubting the presence of a substantial - potentially game-changing - market. Individual consumers are increasingly comfortable with the concept of accessing and using cloud-delivered software (with the file-sharing boom of recent years one particularly weighty consequence); this familiarity is being given impetus by the move of cloud computing if not quite into the mainstream then at least onto a higher platform within the public consciousness, with a proliferation of cloud computing blogs and publications hitting cyberspace.
The real revolution for business, however, is occurring at a much larger level, with organizations taking advantage of huge leaps in know-how and capacity to run their systems like lightning in the cloud.
"Cloud computing can be incorporated into (and could simultaneously potentially disrupt) the ‘traditional’ models of infrastructure and applications outsourcing, managed services and software-as-a-service (SaaS) currently offered by services providers," * writes John Madden, research director at Ovum IT services. "At the core, cloud-based services are supposed to reduce upfront and long-term capital IT expenditure in favor of scalable and dynamic IT services that can be dialed up or down as needed, with customers paying only for the IT services they consume… [There is] an obvious effect on services firms’ bottom lines."
The impact on the providers of those IT services, clearly, is potentially huge - but Madden believes that the market remains beset by a degree of uncertainty on both buy- and sell-side.
"Currently major outsourcer are positioning cloud computing as an alternative delivery model compared with traditional outsourcing (either taking over a customer’s IT completely, or running IT on-site for a customer)," he told SSON. "I think in the short term the cloud market is still too overhyped, although it is improving a bit. For that reason I think that in the short term customers may shift individual or discrete computing functions to a cloud model - the long-term impact on outsourcers, and all third-party services providers, is still to come."
A modicum of caution on the part of buyers is easy to sympathize with. While the advantages of cloud computing from a user’s point of view seem relatively straightforward, there are also some hazards upon which organizations of any size require some pretty solid reassurances before handing over control of such a mission-critical facet of their operations. Although CIOs the world over tremble at the prospect of an almighty balls-up under their jurisdiction the comfort of retaining the relevant architecture in-house, of at least knowing your organization has its fate in its own hands, is a compelling one. Concerns over helplessness in the face of a disaster not of one’s own making have always been a challenge for the outsourcing industry; here they’re given added emphasis by the fears over data security (there remains in some sectors an almost atavistic fear of moving core data via the internet) and the trepidation which comes with using such vital part of the business to break new ground before the space matures sufficiently for one to learn from the mistakes of others.
Author and blogger Bruce Schneier, Chief Security Technology Officer at BT, believes that this should not in the end prove an insurmountable roadblock for the cloud juggernaut.
"IT security is about trust," according to Schneier . "You have to trust your CPU manufacturer, your hardware, operating system and software vendors - and your ISP. Any one of these can undermine your security: crash your systems, corrupt data, allow an attacker to get access to systems. We've spent decades dealing with worms and rootkits that target software vulnerabilities. We've worried about infected chips. But in the end, we have no choice but to blindly trust the security of the IT providers we use. Saas moves the trust boundary out one step further - you now have to also trust your software service vendors - but it doesn't fundamentally change anything. It's just another vendor we need to trust."
Engaging this trust, John Madden believes, will of necessity involve a spot of housekeeping on the buy-side: "When there’s outages or hacks into on-demand services like Google (or even Twitter), security is always elevated as a high priority for any customer accessing on-demand services through a cloud model. Any foray into cloud will force customers to ensure that their security, compliance and management techniques are up to par… Whether we need new legislation will depend on how fast the cloud market accelerates in the next few years."
Firms will indeed need to ensure their own house is in order before moving operations out into the cloud - but the onus is clearly also on the providers to demonstrate an ability to maintain rigorous and dynamic data defenses as well as a capital advantage. However, having done so, that capital advantage is likely to prove a powerful weapon while - and after - the world drags itself back up from the economic depths. Although any wide scale transition to a cloud model would have dramatic repercussions for many aspects of the business world, there’s a growing consensus that in the long term the adoption of a cloud philosophy - both within and beyond the computing world - might become the only logical path to follow.
(Read Part 2 next week....)
iii Cloud Computing in IT Services, Ovum, 15 July 2009