FEATURE ARTICLE

This article originally appeared in the April 2012 issue of Cloud Computing Magazine.

While cloud computing is still in the early stages of growth and widespread adoption is still several years out, few would argue cloud is a game changer. At this phase in the cloud movement, as cloud-based services are on the rise and service providers continue to emerge, it’s an exploratory time for businesses which areundergoing the validation of cloud.

As the market matures, over the past eight to 10 months, CIOs across industries have been focused on the rationalization of cloud, Dan Kent, the federal CTO of Cisco Cloud, recently told Cloud Computing.U.S. agencies have been one of the biggest adopters of private cloud thus far, leveraging the many benefits associated with cloud computing.

“Businesses and agencies are going through the understanding that the private cloud is a good way to get familiar with the technology and to look at each application specifically – determining which applications should go somewhere other than on their private cloud, and does it need to be customized versus standard,” explains Kent. “They are of course weighing security concerns, which has proliferated this movement to bring private cloud. There is a lot of collaboration in how to move voice and video into these other apps into off-premise environments.”

While a recent IBM (News - Alert) study found that organizations are embracing the pay-as-you-go concept of cloud as a way to reduce the complexity and costs associated with traditional IT approaches, only 38 percent of IT decision makers cited cloud as a leading priority for the entire company.However, it’s clear that cloud will grow exponentially in the next few years – the number of respondents whose companies have substantially implemented cloud is expected to grow from 13 percent today to 41 percent in three years.

“The initial gut instinct is, if I go to the cloud I can bring down my costs…but it almost becomes not the cost of the software or the licensing or hardware, it becomes an operational consideration,” says Kent. “How can I do more with less? It equates to cost and looking at your resources.”

Public vs. Private

Regardless of which cloud modelis best for an organization, all forms of cloud computing are on the rise with many different adoptions patterns are taking hold, according to Rex Wang, vice president of product marketing at Oracle (News - Alert).

“The industry is moving from the early adopter stage to a mainstream form. We see cloud adoption rising rapidly, both in public and private and we see many different adoption patterns, not just one or another since there is not one single model that covers everything,” says Wang. “Businesses want the freedom to make their choices and to even change their mind.”

Companies must consider business criticality of the applications they want to move to the cloud, regulatory issues, required service levels, usage patterns for the workloads and how integrated the application must be with other enterprise functions. But regardless of which model an organization selects after evaluating how to best implement cloud, they are going to make certain trade-offs in either direction.

“What’s great about public cloud is it’s a form of outsourcing. There is a tradeoff between the control you get in private cloud versus the visibility you get with in a public cloud. If it involves integration with your own data center, it’s made easier in a private model,” explains Wang, who says there is currently a wider-spread adoption of private clouds.

With the public cloud, companies are paying for the service as an operating expense, whereas with the private cloud organizations are encumbering both capital expenses and OPEX.

“It’s like buying versus renting a house. The idea that public clouds are always cheaper is a myth if that enterprise has sufficient economies of scale. If they have sufficient scale, private clouds can be cheaper at some point during the breakeven period,” says Wang.

A public cloud can gives companies, especially small and medium-sized businesses, the flexibility they need – but they surrender direct control, according to Steve Garrison, vice president of marketing at Infoblox (News - Alert).

“I don’t have to build it, I can try it. It is that utility mindset. All I really need to do is how to manage that SLA,” says Garrison. “But if I ask for a change, how fast does that happen? The real reason why everybody wants to try public cloud is that it means no CAPEX averted. Because you aren’t building it you are just treating it like a utility, and I am writing a check every month to pay for it,” adds Garrison,a notion that comes with the drawback of not fully understanding what’s happening behind the scenes.

“When I don’t build it, I don’t learn it. I don’t know what’s going on under the hood,” he says.

Another so-called tradeoff is security. The term “cloud security” may sound like an oxymoron. Certainly, we know that cloud computing is imposing change to IT strategies, but is security a real or perceived threat in the cloud, and does a private cloud mean better security?

“There’s perceived differences at least about the security around private and public cloud. It’s a hotly-debated topic, one that is perception-based,” maintains Wang.“In a private cloud, an organization has control of and perhaps greater confidence in security. In a public cloud you are entrusting someone else controlling that for you. There is a basic tradeoff between private and public. We see people adopting both on a case-by-case basis. Organizations are making the decision based on ‘should I put this in my private or public cloud.’ So it’s not a question of which, it’s a question of both.”

In further breaking down the concept of security, there are three core issues that are intertwined, according to Wang: 1) Data loss or unauthorized access because of an attack; 2) privacy and the idea of isolating customer data from neighboring customer data from one tenant to another tenant; and 3) regulatory issues that dictate where data must reside.

“First the technology itself needs to be secure. Next, the data centers themselves that house the technology has to be secure. There is also the physical security of the data itself,” explains Wang.

“Some industries are more sensitive to regulatory issues or are simply more conservative, so they may have a preference for private clouds. They have the resources, the scale and the structure to move in this direction,” Wang concludes. “As far as public clouds – today there are a lot of them and they are quite popular. Public clouds tend to offer one thing and they do it particularly well – it’s a standardized offering.”

Hybrid: The Best of Both Worlds?

As cloud computing matures, the term “hybrid” has taken on an ambiguous connotation – but in its fundamental form, a hybrid model draws on the resources of both public and private clouds. Hybrid clouds can meandifferent things to different people, explains Wang, as there is no such thing as a one-size-fits-all cloud solution.

With hybrid, there is reference to“cloud bursting,” a type of overdraft protection, which allows businesses to move their workloads from private to public cloud, or from within their own data center into the cloud. There is also hybrid across the application lifecycle, which means organizations might do tests in one cloud and might do deployments in another cloud. Another definition of hybrid is one that is used across a business process.

“It’s a little bit like integration across clouds in that you are putting one business process in one cloud, and another part in another cloud,” Wang explains.

In the recent report, “Hybrid IT: How Internal and External Cloud Services are Transforming IT,” Gartner states that although businesses have adopted public cloud services for non-critical applications, they are still using internal IT functions for core capabilities.

“IT organizations are taking an ‘adopt and go’ strategy to satisfy internal customer IT consumerization and democratization requirements,” says Chris Howard, managing vice president at Gartner.

“Many IT organizations are adopting public cloud computing for non-critical IT services such as development and test applications, or for turnkey software as a service (SaaS (News - Alert)) applications, such as web analytics and CRM that can holistically replace internal applications and enable access for a mobile workforce.”

The industry is moving in a hybrid direction since it’s not an “either-or” type of decision for businesses when it comes to private and public models. Both have their advantages and rather than imposing the choice of one over the other, it will be this “hyper-hybrid” model defined by Deloitte (News - Alert), which means multiple clouds must link back to the core and often to each other.

“Ultimately that’s where most people want to go. We see people being able to move workloads around different providers and to do that it requires some standards and management systems that can manage across multiple clouds in an integrated federated manner,” says Wang.

As cloud computing matures and standards become established, it willenable portability and interoperability – which nowstand as an obstacle toward migration to the cloud.

“Today the perfect hybrid is the disaster recovery scenario or the bursting of a certain application at a point so I can expand out if I need to,” adds Cisco’s Kent. “Today, those are the standard hybrid cloud operations. Going forward we are going to see more use cases going into the hybrid model. Still I think a normalization as to what is hybrid cloud has to occur because it means a lot of things to a lot of people.”

As with any new technology, IT decision makers must immerse themselves and understand the context of the user while balancing business needs – a tall order for any CIO. Kent suggests the following best practices:

1)      Get familiar with the technology. The best way to achieve this is through a private cloud or pilot. Evaluate the operational impact on all your systems when you start automating the data center.

2)      Start small. Understand the various cloud offering that are out there. Start with a SaaS (Software as a Service) model or remote storage. Understand the various capabilities in the marketplace. Understand the importance of SLAs (service level agreements).

3)      Go off premise with something that will have a big enough impact so that the organization candecide if they want to get that capability longer term. Don’t jump into cloud and then stop there. Look at your applications based on performance, not just based on cost savings.

Looking ahead as all three models become more defined, Garrison says cloud is redefining the role of CIO.

“We see this moving full steam ahead. It gets back to what’s fundamentally changed in IT, which used to be very rigid with a once-a-year planning schedule. Business units and users now have so much control and choices to do things without IT involved,” Garrison says. “IT has to show value and this is a concern of CIOs. He has to show time to value – by building a private cloud or managing the MSPs outside so IT isn’t just burning up the tools they’ve bought. That’s a cultural change. Cloud makes them interact in a new way.”