This page contains a Flash digital edition of a book.
Cloud Industry Forum Cloud Solutions


DILIGENTLY THE DEVIL IS ALWAYS IN THE DETAIL


RESEA R CH C LOUD SOLUTIONS


Andy Burton cuts through the hype of Cloud


computing and offers up his advice regarding rational deployment decisions


While adoption of cloud solutions should look attractive to organisations on many levels – the achievement of flexibility, ease-of-access, imme- diate scalability, agility and cost efficiency using pay-as-you-go practices – there are equally a number of delivery aspects and accountabilities that cloud computing can touch upon that are not as intuitive and require a deeper considera- tion before contracting.


These aspects are critically important in making rational deployment decisions but are rarely given suf- ficient consideration compared to the positive hype that is so readily peddled. Anyone considering cloud services adoption must assess their decision not just on the technical constraints and requirements but also ensure they have understood the impact upon IT Strategy, IT Security, Service Contracting and Software Licensing in order to avoid pitfalls at a later date.


To put these facets into context let’s consider them in turn:


CLOUD IMPACT UPON IT STRATEGY Any one organisation based on the different applica-


tion areas and operational needs are likely, over time, to www.cloudcomputingintelligence.com


23


have a combination of on-premise, hosted, Software-as- a-Service (SaaS) and private/hybrid Cloud solutions. In fact, this is likely to become the norm and therefore a key issue in future IT strategy has got to be in demon- strating good governance of IT across a broad distrib- uted network and variety of managed and unmanaged deployment options. As such, clarity of controls, end- to-end monitoring, alerting, reporting and operational transparency are going to be key to effective IT delivery to ensure that in driving up efficiency and driving down costs, that new risks are not created due to lack of skills or tools to manage the new order of IT services. Equally, due consideration has to be given to inter-operability/portability of data to ensure that where IT applications are delivered as a service that the data owner is able to leverage maximum efficiency between on-premise and hosted services to avoid unnecessary replication or re-entry, and that data is fully recoverable in a usable form at the end of any contract term. A further consideration as part of the IT strat- egy has to be that of Disaster Recovery or Business Continuity. Some organisations use cloud as a fall back solution, others as a primary, but in either event under- standing the business continuity risk and requirement is still essential.


CLOUD IMPACT UPON IT SECURITY While security is not an issue that is wholly related to


any specific IT deployment models, it is an issue that attracts a great deal of FUD (Fear, Uncertainty and Doubt), and coupled with the nascent market conditions for cloud, there are many myths vying for legitimacy in regard to security concerns related specifically to cloud based solutions. Security has to be a proactive compo- nent of all IT operations regardless of delivery model and to be effective it has to embrace policies, practices, tools and training. There will always be those that argue that Security is easier when you have direct access and ownership of the IT equipment (favouring an on-premise approach), and there will equally be those that argue that professional cloud providers are likely to run their Datacentres to higher standards of security than the average company can afford to deliver for on-premise IT. Either in isolation is not a valid argument, When assessing cloud-based solutions it is equally important to understand with crystal clarity the accountabilities of the parties. In a SaaS delivery model, it is likely that all but password creation is in the hands of the service provider, whereas in an IaaS model the end user is likely to have root access control to their infrastructure and therefore are responsible for defining and managing the bulk of security practices.


January 2013 CCI Magazine


Page 1  |  Page 2  |  Page 3  |  Page 4  |  Page 5  |  Page 6  |  Page 7  |  Page 8  |  Page 9  |  Page 10  |  Page 11  |  Page 12  |  Page 13  |  Page 14  |  Page 15  |  Page 16  |  Page 17  |  Page 18  |  Page 19  |  Page 20  |  Page 21  |  Page 22  |  Page 23  |  Page 24  |  Page 25  |  Page 26  |  Page 27  |  Page 28  |  Page 29  |  Page 30  |  Page 31  |  Page 32  |  Page 33  |  Page 34  |  Page 35  |  Page 36  |  Page 37  |  Page 38  |  Page 39  |  Page 40  |  Page 41  |  Page 42  |  Page 43  |  Page 44  |  Page 45  |  Page 46  |  Page 47  |  Page 48  |  Page 49  |  Page 50  |  Page 51  |  Page 52  |  Page 53  |  Page 54  |  Page 55  |  Page 56  |  Page 57  |  Page 58  |  Page 59  |  Page 60  |  Page 61  |  Page 62  |  Page 63  |  Page 64  |  Page 65  |  Page 66  |  Page 67  |  Page 68