You are on page 1of 25

White Paper

Cloud Computing –
Still a Long Way to Go
About the Author Abstract/Executive summary
The global recession has taught the IT world to strike the economical balance by
optimizing their hardware, software, tools, hosting environment and services to
render highly acceptable, dynamic, speedy and flexible support to the business to
help them sustain, survive in one of the most difficult economic situations and still
continue to create competitive advantages in market place.

Sunil Tadwalkar is electrical engineering graduate, Although in global recession the IT organization’s primary objective is to keep the
working as practice Head in Mahindra Satyam in lights on, it is not stopping them to look at other innovative approaches of using
corporate solution group. Sunil has over 11 years of
process automation, virtualization and cloud-computing to leverage from best
experience in different capacities primarily in the
areas of Program and Projects Management, Focused available technology to address the highly dynamic, and volatile business needs.
Initiatives, Global Business Delivery, Quality and IT Such innovative approaches are meant for reducing the Total Cost of Ownership
Consulting, service offerings, resource management,
mentoring and training. He is certified PMP, CQA, (TCO) as well as cost of operation and maintenance (OPEX) of IT functions drastically
ITIL, CMM, CMMi, PCMM, ISO9001, Tick-IT auditor. in a break through manner. As a result business dynamism, cost and technology is
driving the next generation of IT services to be delivered.

The world is becoming service centric and each of the IT component such as
application, tool, storage, server purchased by the enterprise will need to
demonstrate its value against the business dollar spent on each of them. Just in
time service with lightening speed accompanied with enormous amount of elasticity
is what business is expecting from IT to deliver from now onwards.

Cloud computing is a logical evolution and innovated version of Information


Technology delivered from a popular web enabled (Internet based) world to the
entire business world and social community. In its nascent stage, cloud computing
addresses the emerging need of Hosting, Managing and Delivering (HMD) software,
application, platform and infrastructure in ever needed service format that too on
the basis of consumption or usage. Most fascinating part of cloud is that, organizations
can pay to cloud vendor on a pay as you go basis or pay per user or pay per
transaction.

With such a wonderful means of delivery without asking upfront any investment,
it would not be surprising if there are big game plans already under way by Cloud
Vendors to make cloud computing environment viable for every piece of technology,
application, tool and hosting environment in an integrated and secured manner.
The biggest Unique Selling Point (USP) of cloud computing is traded on the basis
of its ability to quickly respond to demand spikes and host new business application
faster without the need of internal IT department. The mind share of IT world is
towards separating applications and services from the underlying infrastructure so
that IT departments can be more flexible in supporting the business

Inside the Issue: Abstract/Executive summary ..1 Introduction ..2 What is cloud computing? ..4 Cloud computing models ..5 Cloud
representation as per need of organization ..6 Virtualization and cloud computing ..8 Compliance and Regulations
on cloud computing ..9 Deploying cloud ..10 The IT players in Cloud computing ..12 Adoption of cloud ..13 How
to get prepared for cloud computing services ..14 The cost of cloud computing services ..17 Some deployment
stories ..18 What the IT world is gaining ..19 What are the existing and future challenges? ..21 Steps towards
meeting the challenges ..22 In summary ..24 References ..25
White Paper

Cloud computing offers huge revenue potential as a sky line business at a time
when traditional wire line business is shrinking. Although for some aggressive IT
organizations (such as BT) use of cloud computing services is at concluding stage of
their pilot, for rest of the IT firms it is at the stage of starting of pilot or in the
middle of running pilot. It is forecasted that in the next two years more than 16% of
IT professionals in U.S., U.K., Germany, and Japan will plan to invest in cloud
computing, according to a survey conducted by Harris Interactive and sponsored
by Microsoft. It is also expected that around 10 to 30 % of the IT budget meant for
building application and services to support the business will provide considerations
for cloud computing environment.

Technology and business work hand in hand for each other in many ways and both
provide advantages and disadvantages to each other. Cloud computing is changing
the way business is done by offering scalability, flexibility, speed of operation along
with positive impact on CAPEX and OPEX. On the flip side since it encourages
open standard like internet it makes the cloud customers difficult to exercise control
with their cloud vendors. Moreover conformance to regulatory compliance and
security standard, Data privacy, confidentiality and security are few questionable
issues yet to get addressed.

Cloud computing is changing Gartner predicts the market for cloud products and services will move from US$46.4
billion last year to US$150.1 billion in 2013. Also according to an October 2008
the way business is done by report from IDC, customer spending on IT cloud services (business applications,
offering scalability, flexibility, application development/deployment, system infrastructure software, storage and
speed of operation along with servers) will grow almost threefold by 2012, to $42 billion. IDC said the growth of
cloud services "is being driven by the ease and speed with which users can opt with
positive impact on CAPEX and
better economic benefits especially in current economic condition." Gartner expects
OPEX. a 21.3% revenue increase in 2009 to $56.3 billion, and Merrill Lynch forecasting a
$160 billion market by the close of 2011. A new study commissioned by Avanade
shows a 320% increase over the past nine months in respondents reporting that
they are testing or planning to implement cloud computing. Each firm uses different
definitions behind cloud computing, which helps explain the wide variances in
market sizing estimates.

The white paper elaborates on concept of cloud, types, and forms of deploying
services, early adopted, cloud vendors, and tips on selecting vendors. Finally it
touches on existing and future challenges.

Introduction
In last few years ,business spectrum and consumer pattern all over the globe has
turnout to be highly demanding in nature with the recent addition of new challenges
such as recession, economic meltdown etc. The survival of business is weighed on
its ability to change rapidly along with business climate. CIOs and CEOs have been
asked to get in to the habit of doing more with fewer resources by challenging their
efficiencies, and productivity. They are also compelled to serve every new business
requirement with innovation and idea which is never been implemented by any of
their competitors. The IT functions which are amalgamated with business have
started facing herculean task to manage with decreased trend in capital and operating
cost along with demonstrable value, although there is steep increase in demand for
new business processes to support.

2
White Paper

The mantra of doing more and more with less resource has transpired technology
experts to reinvent the wheel to deliver IT applications to the business. There's a
shift away from building and owning IT assets to purchasing services as a way to
reduce costs. Virtualization and cloud computing have been the new IT landscape
which offers fundamentally faster, scalable and more cost-effective alternative to
on-premises application development , deployment and servicing solutions which
you can virtually avail from any location all over the globe.

Cloud computing is transformational platform which hosts practically every piece


of hardware, software, tool, applications without looking at its origin, color,
community etc. The cloud computing has a store for accommodating every size of
business IT function how so ever it is small, medium or large and yet take any
transient load during spike demand. Due to this cloud computing is moving from
its pilot stage to deployment and further to service the business as and when needed.

Virtualization allows the There are some outstanding issues and challenges which cloud computing
technology needs to address in next 5 years and they are relating to security and
sharing of infrastructure to privacy of business data in remote 3rd party location, dreaded concerns about
improve utilization rates; platform lock-in, worries about reliability/performance, transfer of data to third
service automation and party, regulation etc. Cloud vendors are already addressing them on top priority
and as the industry matures the solutions will be available to plug in those loop
change management tools
holes
ensure IT processes are run in
Cloud computing doesn't just have technology aspects but profound business aspects.
a standardized way; and
It's a new model for delivering and consuming IT more efficiently, in turn reducing
non-differentiating business CAPEX and OPEX by making use of economies of scale. Many of the technologies
services like email, payroll, to enable cloud computing are maturing. Virtualization allows the sharing of
development and test are infrastructure to improve utilization rates; service automation and change
management tools ensure IT processes are run in a standardized way; and non-
being standardized and differentiating business services like email, payroll, development and test are being
outsourced. standardized and outsourced.

Any web-based tools and collaboration tools can be effectively hosted in the cloud.
Visualization services over the Internet of complex data correlations can also be
done in the cloud.SOA is a good way of preparing applications for delivery in the
cloud. Cloud drives companies to accept standardization. One can look at IT
landscape; what is not managed efficiently and what isn't providing a strategic
service to the business, then develop a transformation plan for these services to
move to the cloud. If you standardize the business processes and every new
application by moving to cloud then the cost reduction will follow.

Research and analysis firm Gartner has released the Hype Cycle report for 2009,
which evaluates the maturity of 1,650 technologies and trends in 79 technologies.
The report which covers new areas this year defines that the Cloud computing is
the latest growing trend in the IT industry, stating it as 'super-hyped'

Google Inc., Microsoft, Yahoo Inc. and a handful of other vendors will invest about
$5 billion this year to build out the infrastructure to sell IT through the "cloud,"
according to Gartner Inc. by 2009.
White Paper

What is cloud computing?


Internet to cloud computing
The invent of internet taught IT world how to use the front end of business
application at the ease of browser but the control of data ,application, its storage
and deployment was still resting in individual premises of every organization. It
was a need of time that business house were looking for someone to help them in
developing, installing, configuring, testing, staging, and running their hundreds of
business application from SAP, Microsoft, and Oracle in failsafe environment with
lesser time and headache which can minimize their cost of requiring office space,
power, cooling, bandwidth, networks, servers, and storage etc. Business houses are
increasingly focusing on core competencies and business priorities by handing over
IT functions to third party vendors as much as possible.

You don’t have to worry Cloud-Computing: a new mantra


Cloud computing derives its name from cloud which represents data centers,
about performance issue
technologies, infrastructure and services delivered through internet.Cloud
when business transactions computing is defined in many ways by many experts. For someone it is a set of
goes up, it is automatically disciplines, technology and business models used to deliver IT capabilities (software,
taken care of. Moreover you platforms, hardware) as an on-demand, scalable, elastic service.

don’t have to worry about up For others cloud computing is, “A mode of delivering services on a scalable and
gradation of your hardware, virtualized infrastructure using Internet technologies." It hosts customer’s business
application in scalable platform and bill it as per usage or consumption. It’s a way
software, tools or hosting of delivering business value by speeding –up efficiency and productivity
environment for that matter.
Cloud computing is a computing model that lets you access shared IT resources in
service format as per your need ( hardware, software, tools and storage) over the
Internet, without having the need of buying, installing, maintaining and managing
them of your own. Eventually you don’t have to run your application on your own
platform and with your own data centre. Just subscribe it, log in, customize it and
start using. You will get billed as per the usage, that is all … you don’t have to
contact your IT department to host the application. All this will cost you dramatically
less and with greater performance. You don’t have to worry about performance
issue when business transactions goes up, it is automatically taken care of. Moreover
you don’t have to worry about up gradation of your hardware, software, tools or
hosting environment for that matter. Risk of technology obsolescence is none.

Cloud features
The cloud really touched on several concepts: interoperability, workload
redistribution, monitoring and scaling. Interoperability allows users to run the
application anywhere which is built once. Workload redistribution enables movement
of an existing process from one cloud to another in a seamless manner and relatively
quick.

Services delivered through cloud


Cloud can deliver multiple services in mass scale ranging from communication,
collaboration , training, social networking to hosting business applications more
over cloud infrastructure can be used for online backup solutions and storage
services, Cloud computing is a pay-per-use model for enabling available, convenient,
on-demand network access to a shared pool of configurable computing resources
(e.g., networks, servers, storage, applications, services) that can be rapidly
provisioned and released with minimal management effort or service provider
interaction.
White Paper

Cloud computing models


The dominant or proven services model on how computing services will be delivered
in cloud is yet to get established since most of the services are getting tried and
tested. Currently it leaves with numerous choices to those who are opting for
cloud services. Various versions of models may emerge in near future with
combination of multiple service packs suitable for every size of industry (such as
small, medium and large). Also in the form of hardware, software or platform which
can be hosted in cloud computing environment and serviced to IT customer. The
service component is made available through on demand services model or
subscription based model.

Enterprise cloud computing model


Today very few cloud computing solutions are enterprise ready since there are
outstanding issues on movement of large volume of data and multiple applications
on multiple platforms, data security, storage, and archiving information
confidentiality, regulatory and change management as well as limitation on hosting
of certain business applications ( not all)which needs to be addressed. Cloud has to
turn out trustworthy for business class and critical application computing since all
of them would be crossing the fire wall. Enterprise is also looking for stringent
SLAs, bandwidth and extensive support (24X7) for critical applications.

Flavors in cloud computing


Cloud computing takes multiple routes and formats while delivering the services
since it accommodates host of IT components such as infrastructure, platform,
software’s etc. On a major scale the cloud services are delivered in three formats
The beauty of IaaS is that, it such as Infrastructure-as-a-Service, Platform-as-a-Service and Software-as-a-Service
caters for any transient spike Infrastructure-as-a-Service
in demand within no time Infrastructure-as-a-Service (IaaS) is one category of cloud computing offerings that
without the need of making make basic computational resources — such as storage, disk space, and servers
available as per service demand eliminating the need for installing physical machines
extra provisions.
at cloud customer’s premises. IaaS eliminates the need of capital expenditure towards
buying the infrastructure components by the organizations when they want to deploy
their large scale applications.

Since IaaS service is available on the basis of pay-as-you-go, it allows companies to


scale up and down as per their real-time business needs, rather than having to pay
up front for entire infrastructure that may or may not get used. The beauty of IaaS
is that, it caters for any transient spike in demand within no time without the need
of making extra provisions. This is a very attractive proposition for the small and
mid size businesses. The players who provide such services are Akamai ( for Net
Storage and CDN services),Amazon ( for Elastic Compute Cloud/EC2 and Simple
Storage Service/S3), Go Grid (Cloud Servers and Cloud Storage), Joyent (Accelerator).

Platform-as-a-Service
Platform-as-a-Service (PaaS) is one of the fast-growing service flavors of cloud
computing which offers scalable, quickly and easily deployable web platform.
Although large scale enterprises are running multiple business applications on
multiple platforms, PaaS provides them solution for running their business
application on every latest version of platform eliminating the need of buying
multiple license software’s. The players who provide such services are Akamai
(Edge Computing), Elastra and Right Scale (platform environments for Amazon’s
White Paper

EC2 infrastructure), Google (App Engine), Microsoft (Azure), Oracle (SaaS Platform).
In this case cloud will act as a functional platform model, where the user subscribes
to the use of a set of functional services, rather than to a set of hardware capabilities.
Cloud providers will make provision and move functions around their own cloud to
meet the needs of dynamic workload. Many PaaS vendors have also created their
own language to be used to link components together.

Software-as-a-Service
Cloud computing began with this service format of Software-as-a-Service (SaaS),
where complete end-user applications are deployed, managed, and delivered over
the Web. SaaS continues the cloud paradigm of low-cost, off-premise systems and
on-demand, pay-per-use models, eliminating development costs and lag time. This
gives organizations the agility to bring services to market quickly and frees them
from dependence on internal IT cycles. The speed and ease with which SaaS
applications are purchased and consumed has made this category of cloud computing
offerings the most widely-adopted today. Important cloud SaaS vendors and services
include, Adobe Web Connect, Cisco WebEx, Google Mail, Hotmail, Yahoo! Mail
(communications applications) Demand ware (e-Commerce), Net Suite (Accounting,
ERP, CRM, and e-Commerce), SAP Business by Design (HR, Finance and other ERP
applications), Workday (HR, Finance, and Payroll).

Cloud representation as per need of organization


The internet or web based technology of cloud computing with objectives of sharing,
optimizing its hardware, software and tools to multiple customers makes it impossible
for organizations to maintain Confidentiality, security and privacy of data,
Owning and managing a applications and business traits. This poses serious concern to the organization in
private infrastructure is less maintaining their confined identity on cloud. To address this concern, the cloud
cost-effective for a business, services are available in private and public domain and characterized as private or
personal and public cloud
but it increases the
Private cloud
organization's ability to
The concept of private cloud emerged from the basic need of exclusiveness and
manage and protect data. confidentiality in what organizations want to do while services are handled by the
cloud vendors. The private cloud model allows an administrator to manage his
technology infrastructure from a single point and assign resources as needed. Owning
and managing a private infrastructure is less cost-effective for a business, but it
increases the organization's ability to manage and protect data. This is especially
important for businesses that have strict compliance regulations.

A private cloud is the transformation of the data center into a modular, service
oriented environment that makes the process of enabling users to safely procure
infrastructure, platform and software services in a self-service manner. Most current
private cloud computing environments consist of reliable, highly scalable services
that are built on virtualized servers and provided as a service via the Internet. The
services can be billed on the basis of amount of time used by a specific application
or server by a particular department within the company.

Some cloud vendors offer private cloud services as a virtual private cloud which
offers a secure, scalable tunnel so that an organization can easily extend its available
resources out into the cloud seamlessly, with little or no disruption in the network
or application network architecture. Such cloud ensures no degradation of
performance. There is some private cloud communities who can build Condominium
White Paper

clouds and condominium fiber confined to their members only, who shares the
resources to its members only to allow them to scale and use it for their close
business users.

Private cloud computing deployments can save cloud customers from 40% to 80%
on physical space, cooling and utility costs. A well-planned private cloud can double
or triple cloud customer's utilization and ROI of corporate assets.

Personal cloud
Based on the variety of computing needs the concept of cloud is further broken
down from private to personal cloud, in which developers could use a personal
cloud that would allow them to configure their local environment, develop and test
web applications in multiple ways virtually from any location and they can copy
the version on laptop to work offline when cloud services are down.

Public cloud
Public cloud is a cloud computing service available with virtually no boundaries on
CIOs are waiting for cloud
service scalability and resource tapping and is almost like internet service in terms
services to get matured, of accessibility. It carries a serious concern of security and privacy of data. CIOs
secured and SLAs to address are waiting for cloud services to get matured, secured and SLAs to address business
business and compliance and compliance commitments before they opt for public cloud. Public cloud
computing services are especially useful when you want to test application in public
commitments before they opt cloud environment. Public cloud provides economics with large scale.
for public cloud.
Trade off between Public and private cloud
Enterprise Organizations are looking at cloud computing opportunities by doing
pilots and trials under internal and private cloud environment which is secured
and can be controlled to some extent. The start-up SMBs use public cloud since
investment is lowest. Internal and private cloud adoption will happen over the two
years while public cloud computing and internetworking between public cloud
services providers will be five to seven years of plan by then the security issues
may get addressed. Public cloud is a favorable ground for open source which is
supported by cloud vendors such as Amazon.com, LAMP, and AWS. Many of these
internal private clouds are built on open source (Linux, MySQL, Eucalyptus) etc.)

Combine cloud or switching over


Cloud customers have an option of using an internal private cloud to manage the
normal workload, with the capability to burst out to the public cloud for peak demand,
and they don't have to manage that in-house. Such marriage between the public/
private clouds provides a hybrid solution and can be tried as a virtual lab at every
organization. The future of the cloud is seen as a combination of private, traditional
data centers, hosting, and public clouds.

Cloud Optimization Services


Although cloud computing services are based on aspects of performance, scale and
reliability while delivering the robust services to enterprises. Economical model of
peering may pose serious consequences. It may result in, overburden, packet loss,
service degradation, slow and uneven performance of cloud-based applications.
Such issues are addressed by certain cloud vendors with unique routing,
communications, and application optimization technologies to accelerate IaaS, PaaS,
and SaaS services across the cloud. Path Optimization technology monitors real-
time Internet conditions to identify alternate paths over the Internet that are faster
than default BGP-defined routes. In addition to accelerating the long-haul Internet
White Paper

communications that are necessary for dynamic cloud applications and uncacheable
content it also improves the reliability of these communications by routing around
trouble spots, finding alternative paths that optimize connectivity.

The greatest possible application performance and scalability are achieved when
the application itself can be distributed to the edge of the cloud, close to the end
users. Application instances are automatically created in different cities and regions
based on real-time demand — something that cloud vendors such as Amazon EC2
and Google App Engine cannot do. This allows edge computing customers to enjoy
truly maintenance-free scalability in addition to unparalleled end user performance.
Edge computing is designed to work seamlessly within a hybrid cloud environment.
By deploying content-centric application components — such as site search, surveys
and contests, or page assembly — at the edge of the cloud, while running sensitive
or transaction-oriented application components at the origin infrastructure, the
application can be scaled and the end user experience can be optimized, while
The greatest possible meeting the different business requirements of each application component.

application performance and Securing Cloud Applications and Platforms


Since the public cloud platforms are as vulnerable to Internet threats and service
scalability are achieved when
attacks as traditional Web sites and applications, some vendors (such as. Akamai)
the application itself can be have developed network acts as a “secure perimeter” that eliminates public entry
distributed to the edge of the points to cloud infrastructures, helping to keep malicious DDoS attacks, Internet
cloud, close to the end users. worms, hacker threats, and attacks on application vulnerabilities outside the origin
data center.

Technologies such as DNS security, IP layer protection and access control, HTTP
origin cloaking, and application request checking are also developed. By providing
additional layer of security, you can completely ‘cloak’ a Web site from the public
Internet by effectively removing the origin from the Internet accessible IP address
space, or in-cloud Web Application Firewall can identify attacks in HTTP and SSL
traffic before they get to application servers, protecting cloud services right from
the edge of the cloud.

Ensuring Site and Application Availability


Cloud optimization services are so necessary — to provide resiliency from the many
potential pitfalls preventing the successful delivery of cloud services to end users.
Cloud optimization service includes Site Failover, offering multiple options for
enterprise business continuity in case of origin or cloud server failure. Some vendors
have developed cloud-based traffic management system that allows an enterprise
to balance traffic between multiple entities based on a variety of business policy
and Internet performance factors. These service options, combined with a 100%
uptime SLA, enable enterprises to leverage cloud computing — in any form they
wish — while maintaining the rock-solid availability their businesses demand.

Virtualization and cloud computing


Virtualization is the technology that gave birth to the current cloud computing by
evolving IT infrastructure. It is backed –up with the concept of optimization and
utilization of IT infrastructure in a shared environment so that multiple cloud
customers can access the computing environment virtually from anywhere any
time for their business application from the common source. Cloud computing has
adopted and embedded the virtualization concept while making the IT infrastructure
White Paper

flexible, scalable and available to the business users anywhere. Virtualization


objectively aims at utilizing the CPU power to its fullest capacity in an efficient
manner and by making it available to multiple users from multiple locations. Server
virtualization and cloud computing are, in many respects, two sides of the same
coin. Ideally, corporations and their IT departments can meld the two so that they
work in a synergy to achieve their business goals.

Compliance and Regulations on cloud computing


Although cloud customers are seeking services from cloud vendors for data backup,
storage, records management and availability of log files etc., however prima facie
it is cloud customer’s responsibility to ensure that the legal, regulatory and audit
obligations are fulfilled for the applicable IT services of that region and country.
There are various laws and regulations applicable which include data privacy laws
and Payment Card Industry Data Security compliance standard relating to credit
card payments in cloud or a SAS 70 Type II audit which are applicable even if you
are opting for services from cloud vendors. Cloud customers are subject to myriad
laws or regulations such as SOX, 404 (in USA) that stipulate in what manner and
how long data has to be kept and how do you ensure the audit and control of financial
Computer scientists at NIST, in information. Countries like Germany and the U.K have specific regulations relating
collaboration with industry to email The Federal Rules of Civil Procedure (FRCP) those U.S. lawyers must follow
and government, are in civil cases require the disclosure of electronically stored information at an early
stage of a case. EU's privacy restrictions and Massachusetts data protection act is
producing a special
host of such regulatory needs. Laws and regulation such as Markets in Financial
publication that covers cloud Instruments Directive, or MiFID, (in the UK); JSOX (in Japan); or Corporate Law
architectures, economics, Economic Reform Program, or CLERP 9 (in Australia)?
security, and deployment If you have cloud customer’s data in the cloud, it is necessary to demonstrate the
strategies. Some professors in controls that ensure compliance with published privacy policies and with the privacy
and freedom of information regulations in force in all of the countries where you
universities are working on a
do business. Any kind of official records stored on cloud resources -- files, documents,
framework for building emails, instant messages, memos, forms, scanned images, etc. along with its retention
infrastructures that are more policies comply with Federal Rules of Civil Procedure in the case of a law suit, or
accessible, reliable, efficient, with DoD 5015.2 record-keeping regulations?

and yes, understandable. In fact, Gartner Inc. published a report sometime back stating that security, privacy
and risk of compliance will prevent adoption of cloud computing in regulated
industries and global companies through 2012.

There are multiple bodies working in parallel to develop cloud computing, service
portability and interoperability standards across the cloud platform. Computer
scientists at NIST, in collaboration with industry and government, are producing a
special publication that covers cloud architectures, economics, security, and
deployment strategies. Some professors in universities are working on a framework
for building infrastructures that are more accessible, reliable, efficient, and yes,
understandable. A more holistic standard to cloud computing has been that of
Cloudware, Cloudware is focused on streamlining things like database integration
and replication into a cloud environment.

A major systems-management standards body has formed a group dedicated to


developing open management standards for cloud computing. The Distributed
Management Task Force (DMTF), whose board includes representatives from
companies such as AMD, Cisco, Citrix, EMC, HP, IBM, Intel, Microsoft, Novell, Red
White Paper

Hat, Savvis, Sun and VMware announced the creation of the Open Cloud Standards
Incubator (OCSI) group. The existing DMTF specifications including the Common
Information Model (CIM), Open Virtualization Format (OVF), WBEM Protocols,
member submissions and investigation of opportunities for collaboration with other
industry standards bodies

Addressing compliance requirements:


There are multiple ways cloud vendors and cloud customers are trying to fulfill
the compliance and regulatory requirements although there are issues relating to
knowledge of where data lives, where it is stored and who has access to it
• The cloud centers are equipped with SAS 70 certification and some capability for
auditing.
• A rigorous security process around cloud customer’s data is established and is
being reviewed when loop holes are observed by some cloud vendors. Due to
which, every new product that comes out will have security review when it
comes out.
• The enterprise cloud customers would generally integrate their own
authentication and access control system with cloud vendors. There could be
authentication at cloud vendor level or cloud customer level backed-up by heavy
scrutinization.
• If there are data breaches and potential loss of personally identifiable information,
then the compliance officers considering the cloud will look at previous accidents.
• Regular background checks of employees and their certification for performing
certain tasks also helps in ensuring that authorized personnel are handling the
policy tasks. These authorized personnel can work with cloud vendors key team
members to draft the legal and security service agreements to ensure that
protections exist and perform tasks related to sensitive data.
• Some of the ways are to build indemnity or defense into the terms of services
rendered by cloud vendor who ultimately has some liability in the case of a
data breach and can get sued

Deploying cloud
Private cloud deployment
Minimum six months of time
Constructing and deploying a private cloud specific to the organization requires
is essential to develop, pilot detailed estimation of total cost of ownership (TCO) The cost components such as
and deploy the plan and cost of lease/rental facilities space, the cost consumptions of power, IT services,
further perform the upgrades. selection and configuration of its deployment, production and test virtual servers
backup and disaster recovery, storage and third-party management tools that are
For large organizations, the crucial to support an on-demand cloud computing services model. Minimum six
changeover to a private cloud months of time is essential to develop, pilot and deploy the plan and further perform
may take a year or more. the upgrades. For large organizations, the changeover to a private cloud may take a
year or more.

Here are some specific points to be noted during private cloud deployment:
1. Prepare a comprehensive plan on which services to be sent to the private cloud,
which to keep in-house and which are safe to leave outside the relatively safe
confines of the firewall.
2. Construct a detailed blueprint of how you will manage the security aspects of
your private cloud including authorization, authentication, access controls,
isolation management, integrity and policy management and trusted virtual
domains.
White Paper

3. Licensing of software databases and other tools need to be decided


4. Determine the exact cost of downtime and the level of uptime, performance
and also prepare contingency plans. Set –up SLAs in collaboration with cloud
vendor that addresses your business needs
5. Add suitable clauses if the conditions are not met. Remediation can consist of
cash rebates or future service credits.
6. Set up suitable Operation Level Agreements (OLAs) to understand how everyone
will work together to meet and maintain the company's service-level
requirements. OLAs are designed to set forth a plan of operation and determine
which person or group within the company is responsible for specific duties and
systems. The OLAs will be an important adjunct to the SLAs for your private
cloud computing environment.
The cloud vendors will allow 7. Resources on internal application and storage infrastructure will be free once
cloud-based storage and other content services are resumed. If you add some
only authorized cloud caching to your local unified application delivery network then you can improve
customers to create such a performance and further reduce the cost of serving that content because it will
tunnel, and it needs to be only be accessed periodically, keeping your cloud-related resource consumption
to a minimum.
deployed on a platform that is
8. For large data transfers one can use WAN optimization and application
able to be integrated into the acceleration techniques to improve the performance of large data transfers across
provisioning process such that the Internet. The cloud vendors will allow only authorized cloud customers to
the management of such create such a tunnel, and it needs to be deployed on a platform that is able to be
integrated into the provisioning process such that the management of such
external connectivity and external connectivity and access doesn’t end up consuming human operational
access doesn’t end up cycles.
consuming human 9. Point-to-point encrypted, optimized and accelerated tunnels are used for data
transfer with additional Hardware, software with suitable configuration at both
operational cycles.
ends of the connection.
10. The process, costs and duties for discovery and preservation requirements need
to be negotiated up front, and the appropriate protocols for maintaining attorney-
client privilege should also be established at the outset.

Services offered by Cloud vendors.

In general most of the loud vendors will offer following services


1. Strategy Consulting Services. The cloud vendor helps its cloud customers take a
strategic look at cloud services including preparation of business case and total
cost of ownership (TCO.). Such services include consultation on which
applications to migrate, when to migrate etc.
2. System Integration Services. This service is given to those cloud customers who
are building private clouds for large enterprises. It provides expertise on
integration between applications and the cloud environment.
3. Engineering Services. Software vendors that want to put their applications on
the cloud will need someone to re-code it for multiple users.
4. Cloud solutions. The public cloud services such as e-mail, ERP, storage, back-up,
and security in the cloud.
White Paper

The IT players in Cloud computing


Cloud computing encompasses everything from pay-as-you-go software subscriptions (Software as a Service, or SaaS) to platform
to infrastructure that can be provisioned and scaled up or down as business needs dictate.

Multiple players are available to provide services; some of the key players are listed in Table-1
White Paper

Adoption of cloud
Analysts survey shows that since last one year, adoption of cloud computing is on
the rise, with 50 percent of Global 2000 companies already opting for cloud
infrastructure or are planning to do so within a year. In another survey of 104
Global 2000 companies conducted by AppLabs, 30 percent of respondents were
already using the cloud, while 20 percent said they were looking to move their
applications onto it within the next 12 months. For the group not planning to adopt
the infrastructure, 29 percent said lack of awareness deterred them from moving
their applications to the cloud. Another 21 percent each cited security concerns
and a dearth of technical expertise. Cost was a factor for 19 percent of respondents,
while 10 percent said limited services held them back from jumping on the cloud
bandwagon. Cloud computing paradigm is fast evolving "from a futuristic technology
to a commercially viable alternative".

Many Asian governments are committing to economic stimulus spending, while


These two factors have laid
their citizens are demanding for more responsive public services. These two factors
the ground for countries in have laid the ground for countries in the region to transform themselves into digitized
the region to transform cloud nations. "Singapore is among the most advanced and progressive public sectors
themselves into digitized in the world in terms of ICT investments and vision, and the government are
continuing to invest in IT to further transform the public sector." Springboard said
cloud nations.
US$14 billion had been earmarked by Singapore as governmental stimulus spending
to spur the use of IT in the public sector so as to transform the nation's healthcare
and transportation sectors as well as

Adoption cloud is typically done by smart organizations with a wait-and-see attitude


combined with proactive prototyping and a selection process that will help them
select the best set of cloud computing services and tools. Early trials with non-
mission critical applications will be a useful way to help everyone in the organization
gets up to speed on cloud computing technologies and how they integrate with
existing IT processes.

Candidates for adopting cloud computing services?

1. Anybody with a need to make data and processing available to a large number of
users is a good candidate. Workloads or applications with unpredictable or capacity
requirements play well in the cloud computing model. Project such as a marketing
campaign are well suited for hosting.

2. Software development organizations will be among the first because they have a
vested interest in making it work. They can use a cloud-like environment for
integration with other application components. And when they want to migrating
environments to QA and onward

3. CDNs [Content Delivery Networks] service providers are most likely to adopt
cloud.

4. Utilizing the cloud for requirements management is a better use of their time.
"The important thing is we don't need to manage the back end, which is critical.

5. Application development and testing in the cloud is ideal proposition if you are
looking at cutting infrastructure cost of build and test environment that replicates
the production environment. It's the best way to use the cloud on a short-term
rental capacity basis. If you are conducting large performance tests that simulate
400,000 people hitting that application, cloud provides the cheaper way to handle
that kind of load.
White Paper

6. Autonomous applications, or ones that don't interact much with the back office,
are also a good fit for cloud computing.

7. Public website hosting and content delivery

What you cannot host on cloud

1. Those back-office applications which are not designed to scale on a cloud


platform, because they may not be simple to administer since they often requires
clustering which may be tricky on any platform

2. Cloud computing may not be suitable for outsourcing large data centers, according
to a new report from McKinsey & Company

How to get prepared for cloud computing services


During planning phase

1. Business assessment and Strategic planning: Cloud customers need to have


clear understanding of their business goal for moving towards cloud along with
short and long term ROI. Also what will be the impact on bottom line and top
line, what are the current Total Cost of Ownership (TCO) and how much it is
expected to reduce by moving to cloud? The SWOT analysis is essential before
finalizing the decision to move to cloud. Consulting and involving the finance
department may be a right move.

2. Realize the hidden costs: Organization should check with cloud vendors for
all hidden costs such as management, governance, and transition costs including
staff training which may flare up at the later stage and hence need to be factored
before moving to cloud services

The IT team needs to prepare 3. Assessment of IT software assets and people: While assessing the IT assets,
the questions such as, how will it affect Service-Oriented Architecture (SOA)
a program charter, Reorganize
strategy? How is disaster recovery plan impacted? What about backups and legally
IT teams according to mandated data archiving policies? What is the risk profile for using cloud
application functionality and computing services and what is the mitigation strategy? What is the potential for
engage them during platform lock-in and how can it be avoided? Shall be addressed, prioritization of
putting eligible standalone applications (e.g., sales promotion programs, emails,
deployment, migration and
HR benefits etc.) in the cloud is of prime importance and shall be thought by
testing of application on cloud business users. The IT team needs to prepare a program charter, Reorganize IT
although cloud vendors may teams according to application functionality and engage them during deployment,
be doing part of it. migration and testing of application on cloud although cloud vendors may be
doing part of it.

4. Knowledge transfer: The business and IT users have to be trained in cloud


environment. Their familiarization to cloud concept, terminologies is of prime
importance, moreover they will have to get convenience on the benefits of cloud.
Also it is essential to understand what are the due diligence issues

5. Business continuity management: Before migrating the applications to cloud


environment it is important that the entire environment for the cloud service is
mapped out and a disaster recovery plan is set up
White Paper

6. Migration strategy: A clear strategy of which application should be migrated to


cloud first and why shall be clearly documented. Best way to make a beginning
is with non critical applications such as e-mails, content hosting. Core functions
will probably stay in the corporate data center; but storage, legal, and disaster
recovery are good things to move to the cloud

7. Prepare a back-out strategy: A plan for back out of cloud is essential even if it
is not given by cloud vendor so that if you get in to serious issues with cloud
vendor you should be able to continue with the business by restoring back your
systems

8. Go for proactive prototype or pilot: It is essential to clearly establish the


technical and commercial outcome of migrating the applications to cloud by
conducting detailed pilot with one or two key business applications which may
have lowest business risk. Such pilots should check the viability, performance
and integration issues as well as service support capabilities of cloud vendors.
Test your system around the clock to make sure that the service offerings being
provided to you are top-notch and meet your goals. It is also very important for
you to map out the network's architecture completely, so you always have an
insider's view of the service.

9. Evaluate cloud vendor: While evaluating the cloud vendor, it is desirable to


gather information from other organizations that have opted for services from
cloud vendors being evaluated and make a comparative analysis of service
performance, issues faced and potential risks. This will help in making informed
decisions. It is helpful to talk to multiple cloud vendors too

It is also very important for While evaluating, selecting and finalizing the cloud vendor following important
aspects should be considered
you to map out the network's
architecture completely, so Technical scrutiny:

you always have an insider's A careful analysis is essential while evaluating cloud vendors technically. Following
areas are very important to check back with cloud vendors
view of the service.
• Data related: What type of business data will be preserved, in which format and
which location? How is the data collection to be done? What will be the allowable
duration for data? What are the confidentiality and privacy norms and how the
data will be made available for compliance and regulatory requests? How data is
encrypted? Does the cloud vendor use any sub-contractors or rely on any
partnerships to process the data? Is the data backed up and if so, where are the
backups stored? What is the frequency and periodicity of data back-up? What
happens to copies of the data if the relationship is terminated or if the cloud
vendor fails? Will the cloud vendor provide archival copies of the data to the
customer? How will the cloud vendor react to legal inquiries about a customer's
data set? What types of auditing tools are available? Do the administrators have
to have access to the data? What tools are used to make sure the backup (or a
copy of it) doesn't go on a CD or thumb drive but only through an approved
system?

• Which platforms are not supported and which configurations are not possible?

• How database licensing would be handled, who will have licenses?

• What is the scalability, redundancy and availability during staging and production
White Paper

• What virus protection is there and how regularly are vulnerability scans and
penetration tests run?

• How often their systems will be backed up? Are the back-ups encrypted? Where
are they stored

• Can cloud vendor be able to respond to an e-discovery request?

• What is the cloud vendor’s window for scheduled maintenance, when systems
may not be available? How the infrastructure and services are utilized to provide
persistent access to needed applications and data sets.

Service Level scrutiny:

• SLA related: What are the SLAs relating to reliability, performance, response
time, security parameters, data privacy, reliability/availability and uptime, data
and infrastructure transparency? Elaborate SLAs are the most effective way to
achieve the business objectives. Does SLAs specifically addresses managerial
issues , intra cloud quality of service, allowable downtime, specific performance
levels, cost and time to recover from outages, provisions for lost data and any
security breaches, as well as backup, disaster recovery and storage. Does service-
level agreement guarantee a specific amount of uptime?
How is the customer credited
• Security service related: What security service assessments client has in place?
or compensated for an
Do the administrators have to have access to the data? What tools are used to
outage? What level of make sure the backup (or a copy of it) doesn't go on a CD or thumb drive but
redundancy is in place to only through an approved system? Ask for a description of the infrastructure,
minimize outages? What the format in which the data is held, what happens to backup tapes, and whether
or not you can have specific retention processes applied to your data.
alternative methods of access
are offered if there is an • Governance and compliance related: What governance and compliance
standards are followed and complied with. What certifications cloud vendor has
outage? obtained (such as ISO27001, BS25999, and ITIL)? Do they have a data back-up
and retention process?

• Communication and reporting related: What are the statuses reports, measures
and analysis trends generated and delivered to cloud customers? What is the
periodicity of service review? Which parameters are tracked, monitored and
reported?

• Service Failures: What arrangements cloud vendor has in view of equipment


failures or power outages? How is a services outage defined? What tools are in
place to determine the severity of the outage? How is the customer credited or
compensated for an outage? What level of redundancy is in place to minimize
outages? What alternative methods of access are offered if there is an outage?

Business Level Scrutiny:

• Customer references: Check out the references from similar cloud customers
from whom the cloud vendor is providing services, check with them the problem
faced and challenges during start-up and steady state position during service
period. How long the cloud vendor is providing services

• Intellectual property: How it is protected. What are the arrangements cloud


vendor has towards its confidentiality
White Paper

• Pricing structure: What is the pricing structure? Which costs are not included
in basic services? Are charges based upon traffic, usage or storage limits? What
are the minimum and maximum limits? What are the applicable taxes, duties,
fees? Is there any type of price protection? Are there licensing fees above and
beyond the service fees?

During Implementation phase

• Retain control over the application's environment. When you opt for services
from cloud vendor. It is necessary to make sure that system is under the control
of cloud customer. Create appropriate documentation, measures, and metric and
keep records of all communication with cloud vendors along with issues,
challenges faced.

• Engage cloud vendors to deliver services to the remote offices. Cloud


customers may not have IT staff at these locations, it will be much more cost
effective to avail such services and integrate with your own systems.

• Consider deals of shorter duration such as 1 to 3 years period renewal


every year. This would make it easier to switch if your current provider is not
aggressively looking for new and better ways to help the business and create
Moreover scaling the IT value.
requirements up and down is The cost of cloud computing services
feasible with no extra Moving CAPEX to OPEX: One of the top motives of IT organizations moving to
cloud environment is, its ability to bring down the Capital Expenditure (CAPEX) to
investment since it will be
minimal and use CAPEX to cater for operating expenditure (OPEX) based on
based on consumption again. consumption or usage of IT services. Moreover scaling the IT requirements up and
Capacity and volume down is feasible with no extra investment since it will be based on consumption
requirements doesnot add any again. Capacity and volume requirements doesnot add any extra CAPEX. The OPEX
can be tightly controlled by the cloud customers.
extra CAPEX. The OPEX can
be tightly controlled by the As cloud services grow the costs may shoot up over time. Cloud customers need to
consider the cost of switching over to other cloud vendor and the costs of integration.
cloud customers. Start-up cost of cloud services and cost during long run of services may be different.
Services such as data back-up, storage, data access, archival, disaster recovery may
cost additionally if not factored in basic services tariff

Charging system
On a small scale, charging per instance makes sense, in that you pay for the
minimum capacity you need as you go. Large cloud customers think that the pricing
models based on usage do not holds good for large businesses with heavy transaction
volumes. But if you are a startup more concerned with gradual and affordable growth,
such on demand pricing models make sense. The pay-as-you-go pricing model
allowed us to grow little by little and use incremental services without up-front
infrastructure investments.
White Paper

Some deployment stories


Several deployment stories of cloud customers are emerging with variety of services being hosted on cloud and indications on
numerous business benefits. Table-2 lists some of them
White Paper

What the IT world is gaining


Cloud computing provides numerous advantages at business and technical level to
cloud customers, few of them are listed below

Business view

• Cloud computing services have proved to be 5 to 7 times cost effective, according


to the analysts report, study made at universities as well as from the
implementation report of early adopters and in a deep recession, the lowest
common denominator is cost. Any technology, proven or not, that promises to
cut costs will get attention – whether IT likes it or not. Some low-criticality
applications like email, promotional services on cloud computing will have
positive impact to several users.

• The computing power and storage capabilities of cloud infrastructure are amazing
and for simple e-mail application as per Gartner if companies have to spend
between 10 to 100 $ per user per month it can come down drastically to 1 to 5 $
per user per month. Cloud in this instance is really managed hosting. The
challenge is to get enough compute capacity at a cost below what a company
could stand up in internal virtual environments themselves.

The challenge is to get • Most small and medium businesses simply don't have the time, expertise or
enough compute capacity at a money necessary to buy, deploy and manage the computing infrastructure needed
to run their solutions on their own. Cloud computing provides breather, since all
cost below what a company IT services are available on subscription basis based on your consumption pattern
could stand up in internal and you don’t have to go for buying any capital item. Services such as CPU
virtual environments cycles, bandwidth, and application logins in the cloud will be reasonably cheap
and extensively commoditized for the foreseeable future
themselves.
• Benefits for the business can be significant: faster project times to market, given
that IT is not waiting for servers to open up to start testing a new application; the
ability to tell a department that the new application it wants tested will take a
couple of days or weeks vs. months; and of course, the knowledge that you will
not have to expand your environment or even build one.

• Since the service capacity, space, up and down scaling is all offered on the basis
of pay as per your demand the Capital expenditure (Capex) will be nullified and
will be transformed to an Operating expenditure (Opex) which will be essentially
on usage basis and can be tightly controlled

• It is possible to switch to other cloud vendor with minimum cost

Technical View

• Shared infrastructure will provide better hardware utilization since more cloud
customers, applications, users and transactions can be realized per machine.

• Automation and dynamic configuration enables self-service, rapid provisioning


and flexible workload assignment.

• With elastic scalability one can achieve fine-grained capacity and demand
planning

• Cloud provides comprehensive management of an application, hardware,


software, network, tools, security and data
White Paper

• The ability to back out if problems arise.

• Users can work online and offline from many locations

• Since the cloud environment has applications delivered through web browsers
which will be front end and backend will be powered by highly-scalable databases
hence it is possible to see Separation of data from apps and it can exist in separate
locations much more easily and effectively. The opportunity here is to allow the
front end apps running in the cloud to tunnel in and connect to the data of your
own private data center.

• Cloud computing applications in future may not be session-sensitive Web pages


that deliver applications that are unavailable when there's an issue with Internet
access or loses a user's form data when a backhoe accidentally cuts a fiber line.
There will be an offline component in addition to the standard online component
to the web application. Thus offline functionality stores the application locally
and caches user data so that any interruptions to a Web session or connectivity
outages allow users to continue to work uninterrupted. Then when Internet
connectivity is restored, any work and changes made offline are simply synced
up with the online version of the application.

• The access to cloud applications will be feasible 24x7 through any mobile
device anywhere since internet will be available through high speed mobile
devices

The specific benefits of cloud computing can be summarized in following way in


Table-3
White Paper

What are the existing and future challenges?


Prima facie there are few key challenges which are prohibiting every organization to move to cloud although there are positive
steps taken by the cloud vendors in addressing those issues. In fact analyst firm Gartner Inc. once published a report stating
that security, privacy and compliance will prevent adoption of cloud computing in regulated industries and global companies
through 2012

1. Cloud computing in its original state is not secure .Confidentiality ,protection and preservation of customers proprietary
data coupled with need of meeting of regulatory and compliance standards are major obstacle preventing organizations to
make all out movement to cloud.
2. The other concern being mixing of sensitive data with other cloud customers due to the use of Shared Web servers and
practically every component of the OSI layers 1 through 7 is shared -- not just the application layer -- so the attack surface
can be exponentially increased. Forensics investigations and any e-discovery requests may be difficult due to the complexities
of the cloud. Security right from user authentication to transaction processing to back-end data access needs to be in place
and is of prime importance.
3. Interoperability between two clouds for sharing data and information as well as seamless Integration between various
applications is difficult to do currently.
4. Pricing model, ROI, customer centric performance based SLAs are some of the business level challenges which are not clear
to the cloud customers.

The other challenges faced by cloud customers are enclosed category wise in below Table-4
White Paper

Steps towards meeting the challenges


Some of the solutions which are being adopted by the cloud community are

• Independent Third party audits, logging and monitoring systems will need to be
enhanced, and incident response processes will undoubtedly. Cloud Vendor
and cloud customers may have to sit together and implement some measures
like role-based security and privileged access while embarking on cloud based
services

• The nonprofit entity like Cloud Security Alliance (CSA) is trying to promote the
use of best practices for securing cloud computing and will educate practitioners
on security aspects according to Searchsecurity.com. The CSA will address more
than fifteen areas of security issues with prime focus on governance and
operations. In parallel several organizations have also doing some research for
securing data in the cloud. Both the Cloud Computing Alliance and the Open
Cloud Manifesto have LinkedIn groups and can use some help, especially from
security professionals working in large enterprises with service provider class
networks. The cloud customers are expected to help cloud computing vendors
address security in their software delivery model. Security vendors are already
responding to the trend. VMware Inc. released APIs and next version of its OS
for cloud computing to security vendors under its VMsafe program. Symantec
Corp., McAfee Inc., Trend Micro Inc. and others are integrating security tools to
address virtualization.
White Paper

• There will be a need to establish a de facto standard or certification to allow


cloud customers to understand the security level differences the cloud vendor
may have. Standards like SAS 70 Type 2 have listed controls around confidentiality,
integrity and availability of the data on systems. It recommends that service
providers conduct regular third-party risk assessments and make the results
available to customers. Other domains addressed in the report include compliance
and audit, recommending service providers adhere to SAS 70 Type II audits and
ISO 27001 certifications, as well as a greater uniformity in comprehensive
certification scoping. Encryption and key management, storage issues, application
security concerns and virtualization security problems are also addressed in detail.
The other issues addressed are trusted relationships, federated services, auditable
standards, third-party monitors, pseudo-clouds and other solutions.

• Cloud Vendors like Google encrypts data in transit and gives admins the option
to turn on SSL. The data is spread across multiple machines, so you don't have a
single machine to attack like the typical environment; this model is more secure
than the encrypted server model. Production data is not mixed with testing data,
customer access is not mixed with developer access, and sensitive workloads are
kept separate from open or promiscuous applications. Security patches are kept
A unified approach that up to date, configurations are monitored for breaches, workarounds are applied
for zero-day threats and malware detection systems are constantly updated.
describes the Interoperability Virtual images, hard drives and backups are encrypted and password-protected.
standards and its compliance
• Some groups are working on a Private Virtual Infrastructure (PVI) in which, the
requirements may be data center is "under the control of the information owner" while the fabric is
essential. Vendors like Azure under the control of the operator (of the cloud service). The cloud vendor and
runs non-.NET technologies cloud customer are required to share certain types of security information, and
service level agreements (SLAs) along with the roles and responsibilities of all
like PHP natively and parties in the agreement. Every service in the cloud must be able to report security
developers can expose their properties, and that the properties must be cryptographically bound and signed.
services over several Future Challenge
standards, including REST and No long-term vision for cloud computing interoperability is visualized. So far the
SOAP and developers can consensus among the cloud vendors on openness and interoperability in cloud
computing is not yet well thought. A unified approach that describes the
configure applications hosted Interoperability standards and its compliance requirements may be essential.
on Azure to communicate Vendors like Azure runs non-.NET technologies like PHP natively and developers
with end users via a browser, can expose their services over several standards, including REST and SOAP and
developers can configure applications hosted on Azure to communicate with end
on-premises servers or even
users via a browser, on-premises servers or even other clouds.
other clouds.
Cloud computing change management
Switching over to cloud computing environment brings in lots of change
management issues with the organizations and it has to be a decision of whole
company. On one side IT department may be resistant to do certain things because
they are going to lose control, on the other hand business users may become
aggressive because they may not have to contact internal IT department to host or
change their application since it will be done by cloud vendors. The whole switchover
program will call for systematic process to effect the changes by taking all
stakeholders in to confidence.
White Paper

Migration of application and data to cloud environment will require very clear cut
policy, understanding and collaboration between senior management, business
users, IT users ,finance department and customers because everyone will have
vested interest. Every stakeholder has pros and cons in switching to cloud
environment which will have to be justified and approved by management as a
policy.

Many times decoupling business processes from software applications will call for
transformational change in the form of service-oriented architecture (SOA) and
business process management (BPM).Also re-architecture of certain applications
to take advantage of Web-oriented architectures preferred in cloud that exploit the
distributed data and distributed processing model would require development team
to restrategize and restructure the application.

The changes in billing model, consumption pattern of IT services including


compliance and regulatory fulfillment, back-up, and disaster recovery and business
continuity management, data privacy will call for significant changes in organizations
policy.

In summary
The new trend in innovations The future of cloud computing
will bring in lot of maturity In today’s economy, with limited budgets and a highly dynamic market, it is critical
and reliability in cloud to be able to refocus organizations resources and check the viable options with
cloud computing which can provide expected benefits.
computing along with better
governance and security Without getting trapped in to the cloud hype cloud customers can start in
experimentation and pilot mode in public cloud with non critical applications and
models once technologies
once the security and service level assurance related issues improves ,they can
start functioning seamlessly migrate hosting environment and data centres to dedicated private cloud services.
and reliably. With drastic The market right now is really a subset of the managed hosting business - which is
improvements in WAN speed, a $9 to $10 billion a year that just continues to grow. The computing environment
the future trend will of future will always be cloudy with variety of sizes and shapes touching each other,
one can chose the right environment, tools and cloud vendor to prove that
increasingly see the front end
organization is always on 7th cloud in it computing.
of applications separated from
Widespread acceptance of virtualization environment and clouds will happen in
the backend which has stages - a couple of issues associated with data security, interoperability, separation
scalable databases. of service layer still need to get addressed. The new trend in innovations will
bring in lot of maturity and reliability in cloud computing along with better
governance and security models once technologies start functioning seamlessly
and reliably. With drastic improvements in WAN speed, the future trend will
increasingly see the front end of applications separated from the backend which
has scalable databases. This may happen more easily and effectively even by allowing
companies to host the data inside their own private data centers and simply allow
the front end apps running in the cloud to tunnel in and connect to the data. There
could be move towards development of offline component of web application in
addition to the standard online component which stores the application locally and
caches user data so that any hiccups to a Web session or connectivity outages allow
users to continue to work uninterrupted when Internet connectivity is restored,
any work and changes made offline are simply synced up with the online version
of the application.
White Paper

The cloud customers would like to continue to keep business ownership with them
and workout better trade-off with cloud vendors for service ownership. The best
way to handle cloud computing needs of future could be that organizations form an
ecosystem as a cloud community and extend the cooperation to tap the potential of
cloud environment on mutual trust.

References
1 White Paper-5 Reasons CIOs are Adopting Cloud Computing in 2009 by sales
force .com

2 White Paper-Akamai and Cloud Computing-A Perspective from the Edge of the
Cloud by Tom Leighton, co-Founder and Chief Scientist, Akamai Technologies

3 Whitepaper-Preparing for cloud computing: The managed services revolution


by Caroline Chappell

4 Cloud and upgraded computing future brightens despite overcast economy.By:


Dana Gardner, Principal Analyst, Interarbor Solutions

5 Cloud computing: A new era of IT opportunity and challenges- Posted by Dion


Hinchcliffe

6 Cloud computing and application security: Issues and risks by Kevin Beaver,

7 Cloud computing defies one definition, so here are a few of the latest by Christina
Torode, Senior News Writer

8 Tips for integrating server virtualization in a private cloud by Laura DiDio,

9 Wipro Voice: Why Cloud Computing Is Here to Stay (Even Though No One Is
Closing Their Data Centers Just Yet) by Anand Ramakrishnan

10 The real cost of cloud computing services Christina Torode, Senior News Writer
07.08.2009

11 Cloud computing:12 reasons to love it or leave it by Linda Tucci

12 A Cloud Computing E-Book

You might also like