(This article is part one of a two-part series on Cloud Computing and its usage by companies located in Richmond, Virginia)
Plying the stormy cloud sea toward reality has been a challenge for business and IT folks alike. Buffeted by gales of white papers, webinars and sales-speak we cling grimly to the wheel of our organization as we attempt to find a gleaming beacon of true direction in the tempest-tossed marketplace. It doesn’t help that the captain had to be tied to the mast after listening to too many slick marketing campaigns.
In an attempt to cut through the hype and educate myself outside the vendor sales pitches, I attended the latest AITP meeting on Cloud Computing. Local companies, with an international presence, were gathered to discuss their usage of the cloud as well as their rationale for choosing that solution. Also, two vendors were on hand to give their perspective on current and future use of cloud computing.
The panel consisted of Chris Burroughs,VP IT Infrastructure Services at Mondial Assistance. Ms. Burroughs has worked with the cloud model since the Application Service Provider (ASP) days. Another panelist was Mark A. Eichenberger, Office 365 Specialist from Microsoft Corporation. Mr. Eichenberger provides a variety of cloud solutions (Private, Hybrid, Public) to his customers. The next panelist was Chet Loveland, Chief Information Security Officer for MeadWestvaco. Mr. Loveland’s organization currently has near 18,000 users using Corporate Gmail. Chuck McBride, Sr. Global Infrastructure Manager of Tredegar Film Products was on hand to discuss his firm’s early cloud adoption strategy. The final panelist was Jason Karnes, Cloud Architect at VMware. Mr. Karnes works within the vCloud Datacenter.
Mr. Karnes and Eichenberger kicked off the discussion with a high-level overview of what the “Cloud” actually encompasses. Cloud services are on-demand and are self-service oriented. They have broad network access (accessible from nearly everywhere). Resources can be pooled, including staff with certain expertise as well as computing and storage capabilities. The Cloud has “rapid elasticity” meaning the services can be quickly scaled to meet a sudden demand then dialed back down after the peak demand has passed. Finally, it is a measured service (you pay for only what you use).
The panelists were queried as to why their respective companies first pursued their cloud strategy. Ms. Burroughs stated that Mondial did not pursue cloud for Return on Investment (ROI) purposes, but to meet growing demand for their services in an environment where the IT staff was overworked or lacked requisite expertise on certain technologies. The Cloud route provided Mondial with the ability to scale to meet high demand and then reduce their footprint after a peak period had passed. Also a cloud strategy allowed Mondial access to IT skills they did not possess in-house. Finally the cloud route gave Mondial the ability to test the feasibility of new service offerings such as Computer Telephone Integration (CTI) without a large upfront capital investment.
Mr. McBride stated that ROI was a driving factor in Tredegar’s decision to pursue a cloud strategy. A part of that ROI analysis was the issue of hiring additional IT staff with the requisite experience. That additional cost to was deemed prohibitive to Tredegar leadership, which lead to the embracing of the moving systems to the cloud.
Mark Eichenberger then stated that in consulting with clients for Microsoft’s cloud solution, ROI plays an important role. However the flexibility and speed of cloud solutions allows an organization to accomplish Merger and Acquisition (M&A) activity far quicker (from months to weeks). Also, organizations do not have to go through a full capital procurement process for a cloud service, which means quicker time to market for new customer solutions.
VMWare’s Jason Karnes validated Mr. McBrides point that hardware, software and staff are key areas of cost savings. However for a True Cost of Ownership (TCO) organizations should factor in risk mitigation and cost avoidance savings. For example, a cloud computing solution solves capacity planning concerns since the service can be scaled up and down to meet demand. Also, data stored in the Cloud is a way to meet disaster recovery, business continuity and redundancy goals.
I’ll break in here and mention that the recent Google Blogger fiasco adds a caveat to Mr. Karnes assertion about Disaster Recovery and Business Continuity. When Blogger died in the Cloud, there was no way for users to access their data so they were out of luck for four days. A strategy to consider is to always keep a local copy of your data. If Google Apps one day decides to die because of “data corruption” you do not want to be stuck without access to important documents. I would say the potential for an incident like this is moderately high since Google has already had a similar situation with Gmail.
The next question was concerned with the difference between Public, Private and Hybrid Clouds. To provide some perspective, a Public Cloud is where organizations/users share computing power and space with others (multi-tenant). However the applications or data are only accessible to authorized users/organizations even though the applications and the data resides on the same storage. A Private Cloud is designed and operated just for a specific organization or user. There is no sharing of resources amongst multiple organizations. Finally, a Hybrid Cloud is a mix of Public and Private cloud infrastructure. These clouds are separate but use the same standards and technology, allowing the data to be portable. The primary reason behind the hybrid cloud model is to reduce the risk of relying on a single cloud (single point of failure).
Chuck McBride stated that a large number of people already have experience with Public Clouds (Gmail, Office 365, Yahoo). Chris Burroughs stated that Mondial pursues a Public and Private cloud strategy for multiple services. Currently the organization uses Cloud platforms for data backup, customer service applications and some managed security services.
I’ll stop here and in Part Two of the series I will cover information security, best practices, risk and vendor management for Cloud Computing. Please leave your thoughts below in the comments and stay tuned!