If 2009 was a breakout year for cloud-computing innovation, then 2010 has the potential to be the defining moment in tech history for cloud adoption, according to a recent survey of CIOs.
While there has been much hype around cloud computing, 60 percent of IT executives polled plan to implement cloud technology in 2010, according to analysts with IT research firm GlassHouse Technologies Inc. . Further, 72 percent consider internal clouds their highest priority. Titled "CIO's Guide to Cloud Computing," the poll of 100 North American IT executives explains not only the trends but also best practices and strategies to manage and implement these environments so they are in line with business objectives.
A cloud-rich 2010 does not seem that far-fetched. Gartner estimates the current market in 2009 for cloud services to be nearly $50 billion, and predicts this will grow to $150 billion in 2013.
But if your company is in the early stages of investigating cloud computing, you are not alone. Nearly 60 percent of all executives admitted in the survey they had not yet named a point-person for cloud computing initiatives.
"For most CIOs, cloud computing is a relatively abstract concept. For practical consideration, cloud needs to be addressed in the context of immediate issues and future opportunities for enterprise IT," said Jim Damoulakis, chief technology officer at GlassHouse.
Of the three main categories of offerings -- infrastructure as a service (IaaS), platform as a service (PaaS), and software as a Service (SaaS) -- the GlassHouse report found about 42 percent of those surveyed considered IaaS the cornerstone of their cloud-computing strategy. Examples include many public cloud services such as Amazon.com Inc. (Nasdaq: AMZN) EC2 and various service providers (Rackspace Managed Hosting , Savvis Inc. (Nasdaq: SVVS), Go Daddy, for example) shifting from pure-play collocation and hosting, to "virtual dedicated," and to shared, multi-tenant cloud services.
Another area garnering interest was the hybrid -- or federated -- cloud. Software vendors like VMware Inc. (NYSE: VMW) and Microsoft Corp. (Nasdaq: MSFT) position hybrid or federated clouds as the building blocks for cloud computing. That's where these vendors say the core evolution of IT functions gradually shifts from purely internal IT services to incorporating aspects of external or public clouds. As services evolve, aspects of an internal cloud could potentially shift or be outsourced to remote sites via VPNs and/or other techniques, GlassHouse found.
Scenarios where hybrid clouds could be used today include, but are not limited to: virtual labs for test, development, and staging; line-of-business application migration or hosting; and disaster recovery, among others.
Hybrid clouds will likely grow in popularity among medium-to-large IT organizations as more customers deploy virtualization technology on platforms such as VMware vCloud, Microsoft Azure, and Citrix Systems Inc. (Nasdaq: CTXS) Cloud Center (C3).
"Cloud readiness requires viewing current offerings through the lens of a service provider," Damoulakis said. "Cloud vendors offer services with certain defined commitments and associated costs for delivery. If you cannot express existing service capabilities in the same manner, how can a meaningful build vs. buy cost-comparison be done?"
It's obvious that 2009 ushered in significant innovation in cloud computing and every CIO and their executive staff is starting to understand the benefits and drawbacks of various trends. The trick now is to figure out how decisions made today will impact your organization, and influence your roadmap over the next two to five years.
— Michael Singer, Senior Editor at Internet Evolution. is focused on executive (Executive Clan) and midmarket (Midmarket Clan) issues.
Mary - I have been surprised that some of the security concerns have not seen more innovation. When enterprises' networks have no connectivity, security was easy. But as Internet access grew security became an entreprise concern with most mid to large size enterprises doing at least annual penetration testing. Essentially white hack testing that tries to find the security holes.
As enterprises have adopted more and more cloud based services, there has not been a growth in a way to actively test the security of these services.
I've always viewed the cloud as an extension of the enterprise - not a replacement for and as such the same security testing you do internally needs to be considered for these cloud providers.
Freeze-dried beer and liquid steak? Man, you are making me hungry.
Indeed, these are the things low-carb dieters are seeking! =)
I'm also wondering what steps you would recommend to fixing the problem. Are standards to little, too late? Should early adoptors stop what they are doing until its better tested?
As for the issue of Standards, I'm SURE this is the way to go... but REAL STANDARDS not 'industry best practices' developed by the keepers of the keys, such as those the SNIA developed for storage or that the CSA is considering for cloud (storage), or even those the CCHIT is working on for healthcare information.
REAL Standards are those with an IEEE, ANSI, or ISO pedigree... developed in an open environment, consensus based, publicly reviewed, and able to be used and met by ANY and ALL interested parties, not just the select few that agree to "pay to play".
This second step is a tough call, but I think it may be the best course of action. There are no SLAs in place yet that put the blame for data exposure or loss of access strictly on the service providers, which means the clients had better have a SERIOUS dose of 'caveat emptor' in their toolkit, and they better be willing to shoulder all of the costs related to the impacts of one/both of the aforementioned possibilities.
Freeze-dried beer and liquid steak? Man, you are making me hungry.
That said, I admit that the industry is not there yet when it comes to fully realized cloud computing, but it seems to me that it took us awhile to adopt TCP-IP.
I'm also wondering what steps you would recommend to fixing the problem. Are standards to little, too late? Should early adoptors stop what they are doing until its better tested?
I'm not convinced of all the cloud hype either, but it does seem like a logical progression of networking. It's at least a great testing ground for the future data delivery and storage systems.
Whatever the industry, standards will have to exist before the full benefits of Cloud Computing will be realized.There will need to be business process standards that encapsulate the various processes, message format standards that define minimum message content, and minimum service level standards that define performance requirements.Just as a computer is constructed by combining the services of a hard drive, video card, cpu, etc. and connecting them all with a motherboard, IT services must be stitched together in order to meet the needs of an organization.It is naïve to believe a bunch of individually developed services without a common vision will arbitrarily meet the business requirements.Then again, it is said if you throw a million monkeys in a room with typewriters and let them bang away for a million years you will recreate all the great works.
Liquid steak might be easier to consume and digest, and MAY even taste similar, but it would take a HELLUVA marketing campaign to get folks to do more than just look at it though =)
Having drawn swords and done some intellectual sparring with the CSA folk, I can tell you they are all about the model but not about the detraction from it. And no matter how many people openly shriek that the Emperor has no clothes, they continue to parade down the street.
Give some thought to a range of clients from any number of industries, regulated and not, private and public, small to medium (and larger) all placing their information assets into this 'cloud'. Now, given the physical nature of storage devices (SAN, NAS, RAID, whatever) how do you develop a model that isolates everyones information from that of others... not virtually, but PHYSICALLY and ensures no data will be commingled in storage, in replicated sets, or in an offline backup?
And when any one (or more) of these clients get involved in some form of a lawsuit, and someone presents them with a discovery request to "produce all data related to..." and they have their meet and confer between parties and are rerquested to provide an ESI data map of their assets... how do they describe their 'cloud' stored assets and how they are managed?
Will the cloud providers be willing to come into these meetings and describe their structures and show how data is logically isolated and can be placed on a destruction moratorium to satisfy a legal hold? How it will not be further manipulated once notice is given? What about any other data in those clouds that occupies adjacent sectors, blades, whatever? And what about backups (possibly to off line tape repositories) that are sequentially generated to take advantage of real time capture and mix data belonging to multiple clients?
Next thought? Freeze dried beer.... it'll be easier to carry, you can just put it in your pocket, and it'll take a lot less room to store and also do away with that pesky refrigeration concern. =)
Power outages, from natural causes (system overload, transmission line failures, power grid issues, etc.) or disasters (earthquakes, floods, tornadoes, terrorist attack, etc) and the impact on clients being able to gain access to their information in the cloud. What would be worse... an unintentional exposure of your information to others or a complete loss of access to it for some unspecified amount ot time?
And the natural disaster scenario also comes with snacks to go with that freeze dried beer... communications failures. If by sattelite/tower/wireless, high winds or an earthquake can result in changes to the telemetry of physical devices involved in the transmission of signals, if by fiber optics or other cable services, earlier this year when someone sabotaged the fiber optics system in Silicon Valley it resulted in chaos for some financial clients and other high tech firms. Even 911 services were down.
I'm not saying never, or not in some cases, but the models have a long way to go before they are ready for prime time. Still a pipe smoke dream to me, and I'm not too sure what's in that pipe right now...
Both of you have valid concerns about security. Like all networks, there is no 100% way to prevent breaches and there are still a lot of unknowns.
The recently formed Cloud Security Alliance (CSA) seems to be on the right track. The group has about 25 members and is working with SACA, OWASP and the Jericho Forum. Earlier this month they teamed with the established Distributed Management Task Force (DMTF) to come up with best practices. We'll hear a ton more about it at the Open Group Conference in Seattle in 2010, I'm sure. The recommendation now, however is to use the cloud at your own comfort level.
I've spoken with startups, mid-tier and enterprise architects who have a strategy for cloud use and are definately taking steps to ensure pandemonium does not negatively impact their business.
That said, whether IT is ready for it, this elephant is walking. I see companies already taking off their blindfolds and making sure they're not stepped on.
...if organizations will ACTUALLY be adopting or will simply continue considering the vaporous technology.
While wikipedia and other sources have posted their definitions of cloud storage, cloud computing, etc. it's still a lot like the "Blind Men and the Elephant" in the real world.
As Mary mentioned, security is a real concern, especially when it comes to a "public cloud" or a "quasi-public cloud", but there are even similar concerns in a "private cloud" when it comes to applying access controls to certain content.
As you said, CIOs are giving consideration to it, but this is only one leg of the stool when it comes to managing an organization's information assets. The three primary legs are Records Management, Legal, and IT... and the fourth leg is the user community. Services, Rules, Tools and Access are the respective roles these functions serve in. Even Legal is starting to realize the need to form a team when establishing rules for managing information stored electronically.
The CIO is typically responsible for the IT function and services, but not for the information as an asset to the organization. This is why I prefer to see organizational structures more appropriately have a CTO, which is a more accurate title when it comes to describing the role this individual serves.
Certainly next year will be decisive in terms of cloud adoption. But that depends on whether the year will also be a watershed for solving the security concerns many execs have had surrounding this technique.
Once enterprises start demonstrating en masse that the security profile is as solid for clouds, particularly hybrid clouds, as it is for internal networks, wider adoption will accelerate, IMHO.
The ThinkerNet does not reflect the views of TechWeb. The ThinkerNet is an informal means of communication to members and visitors of the Internet Evolution site. Individual authors are chosen by Internet Evolution to blog. Neither Internet Evolution nor TechWeb assume responsibility for comments, claims, or opinions made by authors and ThinkerNet bloggers. They are no substitute for your own research and should not be relied upon for trading or any other purpose.
Where can you go to get up to speed on green tech, security, and cloud computing? Do you need to know how to optimize your enterprise, whether your focus is financial services, retail, healthcare, or smart grid?
Despite a lot of tire-kicking in the cloud computing marketplace earlier this year, many enterprises are still jittery about jumping headfirst into the technology.
Your data center is virtualized, but is your storage network? CIOs who have installed storage virtualization products are gaining great operational advantages, according to a new report.
Getting to Work on Smart Work: How IT Is Transforming the Implementation of the 'Internet of Things' Organizations in all industry sectors are becoming more instrumented, interconnected, and intelligent -- and that's changing the way they approach virtually every facet of their operations. It's up to IT to help organizations adopt a "Three I's" approach that leverages the emerging Internet of Things and enables them to work smarter. READ THIS eBOOK
your weekly update of news, analysis, and
opinion from Internet Evolution - FREE! REGISTER HERE
Wanted! Site Moderators Internet Evolution is looking for a handful of readers to help moderate the message boards on our site – as well as engaging in high-IQ conversation with the industry mavens on our thinkerNet blogosphere. The job comes with various perks, bags of kudos, and GIANT bragging rights. Interested?
To save this item to your list of favorite Internet Evolution content so you can find it later in your Profile page, click the "Save It" button next to the item.
Cloud computing is a challenge because it demands executives assess it at the right level of detail. Fusty old Verizon may be doing a better job of that than the Internet community.
How do you recognize an Internet bubble when you see one? Saunders explains how all bubbles have four symptoms in common – and takes a swipe at Google and Twitter into the bargain.
The sky is falling! And in other news, Saunders explains why he’s predicting a second Internet bubble – this one based around the current craze for social media.
We all know wireline networks will need more bandwidth in the future. But deciding how much more is an exceptionally difficult question for planners to answer.
Comcast and other broadband providers just might exempt content they own from counting against consumer Internet usage caps. Would that make their broadband services more desirable?
Google is feverishly trying to expand beyond its traditional search niche in order to please Wall Street. However, the company's recent moves could backfire.
A recent scandal involving a school's use of remotely activated Webcams to locate lost or stolen laptops may portend, not only legal action against the school, but also a loss of trust in video that is critical to developing video collaboration over the Internet.
Telcos are launching their app stores and development programs, but they need to do a lot more if they are to play a meaningful role in the Web applications development chain.
There's a public-policy war on copyright that nobody is winning, and inconsistencies in viewpoint and interpretation seem to be multiplying. We need to step back and think our policies over again, or we risk having a strategy that fails everyone.
Ultraviolet is an industry-wide attempt to standardize video content delivery across multiple platforms. Apart from the fact that it’s based in the cloud, relies on the DRM system, and isn’t backed by Apple… it sounds great!
The FCC's Sixth Broadband Report has a hidden secret. But here’s a hint: The regulatory body plans to regulate broadband as a telecommunications service.
Once defined by epic journeys, planning, and maps, the phrase "on the road" takes on new meaning in a digital age, where we can make all our decisions using our connected devices en route.
Digg
Del.icio.us
Reddit
Email This
TWEET THIS
