Business Ecology Initiative & Service-Oriented Solution

Michael Poulin

Cloud for Business: Trust is not Enough

user-pic
Vote 0 Votes

In the 5th Cloud World Forum, that took place a couple days ago in London, I visited the Executive Forum sections. Corporate executives and senior management discussed different Cloud Computing related problems. Also, many came there not to share how to work with Cloud but looking for an answer to why to do it at all.

There was a noticeable shift in the focus of CIOs and Senior Managers in an area of major concerns regarding Cloud. Guess where this shift moves to from security... The concern #1 now is business compliance with both consumers' internal policies and industry regulations. This is not a new wave however; I noticed this trend a year ago and even wrote a multi-point checklist to help consumers when contracting Cloud. It seems that now this non-technical problem of compliance has reached the surface and superseded technical issues in the eyes of decision makers.

This problem has roots in two facts: 1) many of Cloud consumers operate in the highly regulated industries (like Healthcare, Banking, Telco) while Cloud providers are not obliged to recognise these and other regulations; 2) Cloud is thought as a provider of technology capabilities being agnostic to the business domains. Apparently, domain regulations can limit technical capabilities or become contradictive and very difficult to implement.

The last and this year appear as a storm of regulations in finance (world-wide) and other areas. This storm has started to tough not the companies/institutions only but the executives personally (in some cases the executives risk to be imprisoned for not providing compliance with some regulations). This can change an environment for Cloud dramatically. I've heard opinions like "... if Cloud does not respect and cooperate in compliance, my company will not go with Cloud at all despite all financial benefits they promise".

The compliance and similar non-technical problems have been observed in my publications since 2009. Unfortunately, solutions for tough technical problems such as performances, connectivity throughput and security are not real game players. CIOs believe that it is just a matter of time for technology to resolve all these technology challenges but personalisation of the consumer needs and compliance (and alike) shot right into the Cloud's economy of scale, into abstraction from business (abstraction of business domains).

This leads to another point I made in my book : to be competitive in a dynamic marker (full of compliance requirements that change as a storm), technology has to be merged back with business under the business supervision. Instead, Cloud does whatever possible to separate them.

We know that an implementation of regulations is costly and, usually, profitless. The positive factor, however, is that consumers are more inclined to deal with the provider who is compliant with the same regulations that the consumer does. Nonetheless, the majority of regulations aim an individual transparency and visibility into internal activities of institutions, which contradicts the basis of the economy of scale in the Cloud - ability to operate with anonymous units or work. A year ago, at one of the Cloud Forums organised by OVUM, IT leaders shared their experience in dealing with a global outage in Internet with regard to Cloud; it appeared that when consumers requested Cloud providers to supply a Disaster Recovery to protect from such outage cases, they found that the cost of the Cloud services practically 'swallowed' all financial benefits from the use of Cloud in their companies.

Overall, we have a technology movement that a) promises economic benefits but has many difficult business issues to resolve to go forward, and b) raises concerns that when and if these issues are resolved, the economic attractiveness (as a global measure of the movement's effectiveness) becomes questionable and uncertain. If Cloud providers do not resolve this puzzle soon, they risk to "jumping" into the same "bang-wagon" with offshore outsourcing. Serious businesses that survived this obsession have returned or are in the process of returning their assets under the company supervision.

I am not saying that Cloud is a dead-end. There is a large society of consumers who cannot afford appropriate compliance and personalisation of technology capabilities to its individual needs. They are left to take a risk. It's more likely they will go forward with Public Cloud for the purpose of financial savings but this will become a specific SME market. Others - medium-sized and large businesses - will need to target Private Cloud for its potential (negotiable) transparency or internal visibility.

As it seems today, only IaaS has potentials to protect corporate IT from a dramatic transformation. Those IT who passed through SaaS and PaaS and returned back under the corporate roof, will likely face a new organisational and operational model. This model might comprise separate IT teams split over the BUs under the business management while a small set of technologies (like archives, e-mail, PC Support and alike) will remain centralised and shared.

The focus of these IT teams will be on the brokering between different domain-specific Cloud providers. Such brokering is about integration and balancing between different Cloud providers who agree to be in line with the specific business needs of their consumers.



ActualBookCover.jpg

WebSiteAdvert.jpg


Website counter

3 Comments

| Leave a comment

Lovely Article for Cloud Business, well overall technology for public cloud is very helpful for cloud computing and its developed a good modern for IT platform

I am not sure if I am on board for the cloud, yet. I think it's a little unsettling that your stuff is be online for any hacker to get into, so I'm not sure if I will ever do it. Any info about this?

Jensen,

there are two types of Cloud - Public/Hybrid and Private.

In Public/Hybrid Cloud, " your stuff is be online for any hacker to get into", you are correct.

In Private Cloud outside of the boundaries of your company (because if the Cloud is inside your company, it is a bad sign for the company :-) ), your stuff is in the controlled environment and you nave a visibility into it. That is, it may be as safe as in your company or even safer because Cloud provider can concentrate more resources for the cyber protection - it is its business while you company usually has different business.

Leave a comment

In this blog, Michael Poulin writes about business and technology ideas, concepts, methodologies and solutions leading to service-oriented enterprise, the primary instrument for obtaining business objectives in fast-changing environments.

Michael Poulin

Michael Poulin is an enterprise-level solution architect working in the financial industry in the U.K. and the United States.

He specializes in building bridges between business needs and technology capabilities with emphasis on business and technical efficiency, scalability, robustness and manageability. He writes about service orientation, application security and use of modern technologies for solving business problems. He contributes to OASIS SOA standards as an independent member and is listed in the the international "Who's Who of Information Technology" for 2001. View more

Subscribe

 Subscribe in a reader

Recently Commented On

Categories

Monthly Archives

Blogs

ADVERTISEMENT