||Add To My Personal Library
October 23, 2009
Vol.31 Issue 26|
Page(s) 38 in print issue
Prepare Your Enterprise For Cloud Computing
Plan Carefully Before Beginning The Transition
As cloud-based computing infrastructure continues to expand its influence, IT managers are challenged to build a realistic roadmap for implementing it. Despite old assumptions that cloud computing solutions can simply be farmed out to any third-party provider and subsequently forgotten, the reality is significantly more involved. Plan carefully to avoid busting the budget, missing the target, or both.
• Choose a few commodity service scenarios, such as email, seasonally impacted applications, and test environments, for earlier migration. View cloud-based infrastructure as complementary, not a mandate for replacement.
• Avoid vendor lock-in at all costs. Make sure repositories are easily pulled back for disaster recovery as well as application migration.
• Security is a little different in the cloud. Leverage already-existing security processes and frameworks to ensure consistent data and application integrity during and following migration.
The benefits can be significant. Peter Coffee, Salesforce.com’s director of platform research, says over time, common IT needs such as email and personal productivity tools will increasingly be served from the cloud.
“The capital costs and continuing labor burdens of buying and operating servers, applying security patches, and running the costly and fragile stack of middleware to support modern collaboration capabilities are obvious targets and are being blown away by rapid adoption of services such as Gmail and Google Docs,” says Coffee.
Not So Simple
That optimism, however, is tempered by the inevitable realities of delivering any IT service in a modern business context.
“As IT resources move into a cloud environment, things get a bit complicated,” says Agatha Poon, senior analyst for enterprise research with Yankee Group. “There is also confusion about which type of cloud needs to be secured, and how much security is necessary.”
Despite the myriad choices that face IT planners—private cloud vs. public, complete migration vs. integration of existing applications into cloud-based infrastructure, virtualization strategy and end-user training, for example—cloud-based initiatives are little different than any other IT investments. They demand an up-front strategy. Ilan Sehayek, CTO of Jitterbit (www.jitterbit.com), says they also demand up-front goal definition.
“A plan for integrated cloud computing must be implemented within the context of the organization’s overall business strategy,” says Sehayek. “Without such a plan, organizations are likely to end up reimplementing and migrating from standalone implementations in the future.”
Setting realistic goals is critical because it establishes a baseline for measuring post-implementation performance. Sehayek says productivity improvements can make for solid business cases.
“Organizations may not be able to completely free IT from any involvement, but look for productivity gains of 50% or more—it’s about a visible overall improvement,” he says. “If approached with the right plan, meeting these goals should be very achievable.”
Those goals should be fairly targeted toward specific applications and use-cases that can benefit most from migration into the cloud, says Mike Ferris, director of product strategy at Red Hat (www.redhat.com). Avoid the temptation to make everything cloud-enabled.
“Consider seasonal demands, cases which require peak loads that may not justify capital expenses, or even project-based activities which have high variability in the types of resources,” says Ferris. “Migrating development and test environments to the cloud is a common first step.”
Cloud-based solutions aren’t immune to security-related concerns, so organizations considering them must incorporate security into their planning processes. Vaclav Vincalek, president of Pacific Coast Information Systems. (www.pcis.com), says the risk is easy to understand: If your company can connect to something in the cloud, anyone else can potentially access it, as well. This doesn't, however, render the cloud inherently less secure than more conventional infrastructure.
“Cloud computing has the potential to be even more secure than what companies can provide in-house because cloud computing vendors can bring economy of scale, with higher-end technology,” he says. “If a business is considering moving to the cloud, they should be asking the cloud provider how they provide security. They have a firewall, but how is it configured? Do they have an intrusion detection system? How would I know if there’s a security problem? Does this cloud provider offer backup and restore capability on your behalf?”
Vincalek says security planning for the cloud isn’t much different from security planning for conventional architecture. Whatever questions you’d normally ask your own IT people, he says, should also be directed to the cloud provider. Security goes hand in hand with data portability. According to Joe Cooper, CEO of Virtualmin (www.virtualmin.com), a company that provides software to help build and manage cloud-based services, vendor lock-in is a significant risk.
“Data portability should be the first thing you ask of your cloud-computing providers, and if you don’t like their answers, talk to other vendors,” he says. Once openness is assured, Cooper recommends building a go-slow adoption framework.
“The best success stories we’ve heard, so far, are companies that have approached the cloud as one more option for deployment and development, rather than as a mandate,” says Cooper. “Cloud-based services are powerful and potentially much more effective than in-house deployments, but they are also disruptive to business as usual. So, use the cloud for new services and the new capabilities it enables, without feeling guilt that 95% of your infrastructure is still old-fashioned and not ‘in the cloud.’ ”
Keep It Methodical
Cooper adds that gradual adoption also allows companies to identify which providers are really looking out for their best interests and which ones are best equipped to deliver open standards and data portability.
Yankee Group’s Poon says as important as it is to focus on technologies, processes, and vendors, the human factor cannot be ignored, either.
“Organization readiness will have a ripple effect on enterprise use of innovative technology and solution,” she says. “Problems often arise when enterprise IT overlooks the diverse needs of internal users and tries to force the new solution onto users who simply consider it as a disruptive force to upset the status quo.”
Although this doesn’t mean companies should avoid pursuing innovative solutions, Poon adds, it does reinforce the importance of preparing employees for any significant changes to infrastructure. Ultimately, how any solution—cloud-based or not—is leveraged by your people will largely determine how successful it is.
by Carmi Levy
Join Forces With The Business |
Like any IT-implemented solution, cloud-based initiatives can’t simply be implemented based on simple performance-based metrics. Partner with the lines of business to better understand the ROI of potential projects and build solid business cases for them.
“For cloud computing to be effective, it needs to be connected to the rest of the enterprise rather than being an island,” says Chandar Pattabhiram, vice president of product marketing at Cast Iron Systems (www.castiron.com).