By George M. Tomko:
As the hype continues regarding “Cloud Computing”, there are now tales from those who have recently experienced the current offerings of these services.
Also, there are more and more seasoned, veteran practitioners of information technology (“IT”) that have been at conferences, had prosepctive suppliers call on them and, in a number of cases, carefully “dipped their toe” in the water on a self-contained project.
But, at the end of the day, does anyone really know what cloud computing really is? I am sure this video with a number of well-known names will clear it up for you:
httpv://www.youtube.com/watch?v=6PNuQHUiV3Q
Further evidence that the hype is doing little to clarify or capture the mind share of IT leaders, except, perhaps for curiosity, comes from Tim Anderson and his recent post “Cloud Computing Survey: More Fog Than Cloud” :
“…the survey was undermined by the fact that most of those surveyed admitted to not knowing what cloud computing is. The reason is not ignorance, but the many and various ways the term is used. The common strand is that it is something to do with the internet, but even that is undermined if we describe virtual on-premise servers as a “private cloud”.
Looking at it another way, as James Urquhart recently posted: “Cloud computing is an operations model, not a technology”.
And, for now, we need to leave it there. Rather than being dazzled with the details of the underlying technologies that are being strung together to form new product offerings, we should be focusing on what this means for fundamental computer operations.
The first thing that people seem to be realizing is that the vendor-supplier relationship has some new (and perhaps re-ignited old) dynamics that are now highly-sensitised. One of the first that comes to mind is the issue of “trust”.
For IT people, trust is built on a number of foundational elements. In some ways, there is an unspoken knowledge between technically-oriented individuals about whether the person they are dealing with has been-there, done-that, in terms of delivering the “goods” on a project or two. More respected are those that have had to live with their “creations”. That is, they had to stick around and live with the results by supporting things post go-live. In other words, the solution had to work. It is great when it happens that the person(s) you are dealing with on the other side know what they are doing and can back it up with the real-world cuts, scrapes and bruises of putting these solutions in place.
When it comes to something like cloud computing, though, you are not only reliant on others to deliver something (like a product or solution). You are going to be entrusting some very valuable assets (i.e. data) behind the unknown bastions of the cloud sourcer’s world. [I think I just "coined" a phrase: "cloudsourcer".]
As Bruce Schneir put it in his recent blog post:
“IT security is about trust. You have to trust your CPU manufacturer, your hardware, operating system and software vendors – and your ISP. Any one of these can undermine your security: crash your systems, corrupt data, allow an attacker to get access to systems. We’ve spent decades dealing with worms and rootkits that target software vulnerabilities. We’ve worried about infected chips. But in the end, we have no choice but to blindly trust the security of the IT providers we use.”
Of course, the simple recognition that trust is a key factor is not enough. Those of us who have put together and been responsible for large-scale outsourcing contracts know a bit about how bad things can get on the inside of these service delivery “factories”. It is simply a nightmare management issue.
Anyone who thinks that taking out your credit card and ringing up Amazon to stand up some servers real quick probably feels pretty good about not having to traverse the enterprise gauntlet for capital or project funds and their project is well on its way.
But, unless you are a start-up or other entity that has little to no legacy applications, integration issues, highly-sensitive data, multi-national compliance issues, customer service level requirements that you can guarantee to your own customers, etc., cloud computing is going to be something that you nibble around the edges on for a long time. After a while, there will be settling of standards and the market will judge the winners and losers.
But making a full-blown decision now to put it all on the line is simply out of the question. It is not about the paint not being dry. The wall hasn’t even been sanded and primed and is not even ready for paint.
To continue Bruces Schneier’s thoughts:
“Trust is a concept as old as humanity, and the solutions are the same as they have always been. Be careful who you trust, be careful what you trust them with, and be careful how much you trust them. Outsourcing is the future of computing. Eventually we’ll get this right, but you don’t want to be a casualty along the way.”
Is the tide turning against cloud computing? In its present form, I think “Yes”. Already, we are seeing new morphing of the idea of the cloud computing construct known as “SaaS” (Software-as-a-Service). Now, of course, we see “CaaS” for computing-as-a-service as a new marketing spin.
How many names can we give to the old idea of time sharing, network computing, etc.? The answer is probably “endless”. The bottom line is that customers are currently dealing with a curiosity that will someday have to be a bulletproof, industrial strength for of outsourcing. For that, it has a long, long way to go.
I have a lot more to say on these matters as you will see in future posts. Our companion blog, CIO Rant, is also full of some deeper discussion into some of these issues. I invite you to take a look.
In any case, I would greatly appreciate comments, which are easy to post.