When it comes to cloud computing, users are excited about the self-service freedom, scalability, availability, flexibility and the pleasure of not having to deal with hardware and software issues. Due to these benefits, adoption is quickly accelerating. This is an irreversible trend.
However, business leaders are worried about cloud security – having the need to control the applications and data from falling in the hands of unauthorized users. Being in such control is no easy task. Is it possible to exercise restraint or direct influence over cloud computing technologies? If so, how? It all starts with having a clear view of customer responsibilities and the cloud provider’s responsibilities – regardless of using a public, private or hybrid cloud model.
Let’s explore how these responsibilities fit together and help deliver the freedom and control that both IT and business leaders need.
Your Responsibilities in the Cloud
Define your business problem. This is your first responsibility. What business problem are you trying to solve using cloud computing technologies? What business unit is serving this need? Will this application run in the cloud without extra work? Not all clouds are created equal. Some clouds are ready to run your applications unchanged from day one. Some require you to tweak them. Knowing the difference will help you be clear about how quickly you can attack the business problem.
Identify your application and process requirements. This is equally a crucial responsibility. Be clear about the nature of the application, the development process you want to use, and the roles and access permissions for each user. The cloud model is ideal for transforming monolithic, linear and slow development processes into a fluid, parallel and agile development process. You can empower your teams with a self-service solution that enables them to run copies of the same environment in parallel. This can lead to breakthrough productivity when used correctly. However, it can also lead to an abundance of wasted resources. Being clear about the nature of the application is essential for success.
Establish success factors. Much like a good tailor or a carpenter, be ready to measure twice and cut once. Before jumping into implementation, consider: What does success look like? Can you improve the agility of the development process? Do you want to increase the availability of your applications? Do you need remote collaboration? How quickly do you need to be up and running? What are your availability and reliability needs? Often, customers want their cloud solution to be available where and when they need it, something their applications may not require. Having realistic parameters will help you find the solution that meets your budget and payback time frame. To accelerate your move to the cloud and to be successful, you should define these success factors up front.
Define data and application security. This is one of the most overlooked customer responsibilities of cloud computing. Be clear about who in your company you can trust to use the cloud, and empower these people. What role will they take in the cloud model? Are they clear about the nature of the application and data they are planning to bring to the cloud? Do they understand how to protect your data? Do they understand your password policies? By being clear about these security factors early on, you can specify the requirements that will define your cloud success and ensure your piece of mind.
Once you are clear about these responsibilities, the cloud provider’s responsibilities begin.
Cloud Provider Responsibilities
Cloud computing is all about delivering self-service, scalability, speed, security and cost efficiencies without requiring huge implementation hurdles. Your solution provider must demonstrate these capabilities from the start and deliver success every step of the way.
Self-service. The cloud offer must be ready to go from day one. Can the solution you are considering implement the applications and business process you have in mind? Or will the provider require you to rewrite the app or change the process? Will your users require training? Or, are they empowered with a self-service Web interface? These parameters can be the difference between rapid user adoption and a slow adoption.
Scale and speed. A well-architected cloud solution will deliver the unique combination of scale and speed required. It will give you the resources at a scale you need, and on-demand. This will enable your team to run multiple instances in parallel, snapshot, suspend/resume, publish, collaborate and accelerate the business cycle.
Reliability and availability. The provider has the responsibility to make the system reliable and available. Often characterized as service level agreements, the provider should clearly set operational expectations (such as 99.9 percent availability) with the customer.
Security. Your cloud provider must provide you with a good overview of their security technology and processes. This should include:
- Application and data transportability – Does your provider allow you to bring in existing applications, data and processes into the cloud? And just as easily, do they allow you to move it back?
- Data center physical security – How does the vendor protect the physical data centers? Do they have trained and skilled data center operators?
- Access and operations security - Your provider must be clear about how access to physical machines is controlled. Who is able to access these machines? How are they managed?
- Virtual data center security – Most cloud efficiencies, in terms of scale and speed, comes from how the cloud is architected. Your cloud provider must describe to you how the individual pieces – the compute nodes, network nodes and storage nodes are architected, how they are integrated and secured.
- Application and data security – To implement your policies, the cloud solution must enable you to define groups, roles with granular role based access control, proper password policies and data encryption (in transit and at rest).
Cost efficiencies. Cloud does not require upfront commitments. Unlike a managed service or a hosting solution, cloud technology automates the back-end systems, and therefore can operate large resource pools without big human costs. That should translate into real cost savings for you.
By carefully aligning your responsibilities with those of a cloud provider, you can get the visibility and control needed to empower people and govern the process and technology you choose. This can result in huge productivity gains for your users with the cloud control you seek to run your business.
Register or login for access to this item and much more
All Information Management content is archived after seven days.
Community members receive:
- All recent and archived articles
- Conference offers and updates
- A full menu of enewsletter options
- Web seminars, white papers, ebooks
Already have an account? Log In
Don't have an account? Register for Free Unlimited Access