Tag Archives: private cloud

Flying in the Cloud by the Seat of Our Pants

By Chris Harding, The Open Group

In the early days of aviation, when instruments were unreliable or non-existent, pilots often had to make judgments by instinct. This was known as “flying by the seat of your pants.” It was exciting, but error prone, and accidents were frequent. Today, enterprises are in that position with Cloud Computing.

Staying On Course

Flight navigation does not end with programming the flight plan. The navigator must check throughout the flight that the plane is on course.  Successful use of Cloud requires, not only an understanding of what it can do for the business, but also continuous monitoring that it is delivering value as expected. A change of service-level, for example, can have as much effect on a user enterprise as a change of wind speed on an aircraft.

The Open Group conducted a Cloud Return on Investment (ROI) survey in 2011. Then, 55 percent of those surveyed felt that Cloud ROI would be easy to evaluate and justify, although only 35 percent had mechanisms in place to do it. When we repeated the survey in 2012, we found that the proportion that thought it would be easy had gone down to 44 percent, and only 20 percent had mechanisms in place. This shows, arguably, more realism, but it certainly doesn’t show any increased tendency to monitor the value delivered by Cloud. In fact, it shows the reverse. The enterprise pilots are flying by the seats of their pants. (The full survey results are available at http://www.opengroup.org/sites/default/files/contentimages/Documents/cloud_roi_formal_report_12_19_12-1.pdf)

They Have No Instruments

It is hard to blame the pilots for this, because they really do not have the instruments. The Open Group published a book in 2011, Cloud Computing for Business, that explains how to evaluate and monitor Cloud risk and ROI, with spreadsheet examples. The spreadsheet is pretty much the state-of-the-art in Cloud ROI instrumentation.  Like a compass, it is robust and functional at a basic level, but it does not have the sophistication and accuracy of a satellite navigation system. If we want better navigation, we must have better systems.

There is scope for Enterprise Architecture tool vendors to fill this need. As the inclusion of Cloud in Enterprise Architectures becomes commonplace, and Cloud Computing metrics and their relation to ROI become better understood, it should be possible to develop the financial components of Enterprise Architecture modeling tools so that the business impact of the Cloud systems can be seen more clearly.

The Enterprise Flight Crew

But this is not just down to the architects. The architecture is translated into systems by developers, and the systems are operated by operations staff. All of these people must be involved in the procurement and configuration of Cloud services and their monitoring through the Cloud buyers’ life cycle.

Cloud is already bringing development and operations closer together. The concept of DevOps, a paradigm that stresses communication, collaboration and integration between software developers and IT operations professionals, is increasingly being adopted by enterprises that use Cloud Computing. This communication, collaboration and integration must involve – indeed must start with – enterprise architects, and it must include the establishment and monitoring of Cloud ROI models. All of these professionals must co-operate to ensure that the Cloud-enabled enterprise keeps to its financial course.

The Architect as Pilot

The TOGAF® architecture development method includes a phase (Phase G) in which the architects participate in implementation governance. The following Phase H is currently devoted to architecture change management, with the objectives of ensuring that the architecture lifecycle is maintained, the architecture governance framework is executed, and the Enterprise Architecture capability meets current requirements. Perhaps Cloud architects should also think about ensuring that the system meets its business requirements, and continues to do so throughout its operation. They can then revisit earlier phases of the architecture development cycle (always a possibility in TOGAF) if it does not.

Flying the Cloud

Cloud Computing compresses the development lifecycle, cutting the time to market of new products and the time to operation of new enterprise systems. This is a huge benefit. It implies closer integration of architecture, development and operations. But this must be supported by proper instrumentation of the financial parameters of Cloud services, so that the architecture, development and operations professionals can keep the enterprise on course.

Flying by the seat of the pants must have been a great experience for the magnificent men in the flying machines of days gone by, but no one would think of taking that risk with the lives of 500 passengers on a modern aircraft. The business managers of a modern enterprise should not have to take that risk either. We must develop standard Cloud metrics and ROI models, so that they can have instruments to measure success.

Dr. Chris Harding is Director for Interoperability and SOA at The Open Group. He has been with The Open Group for more than ten years, and is currently responsible for managing and supporting its work on interoperability, including SOA and interoperability aspects of Cloud Computing. He is a member of the BCS, the IEEE and the AEA, and is a certified TOGAF practitioner.

10 Comments

Filed under Cloud/SOA

The Cloud “Through a Glass, Darkly”

Results of The Open Group “State of the Industry” Cloud Survey

By Dr. Chris Harding, The Open Group

Cloud Computing has been a major topic of interest and excitement in the world of Information Technology for a couple of years now. This is time enough for enterprises to understand its impact, or so you would think. So how exactly are they planning to make use of this phenomenon?

Obtaining a clear view of a current cloud such as Cloud Computing is notoriously difficult. It is like trying to see the world outside clearly through the dirty, distorted windows that were commonplace in England in the 17th century, when the simile “as through a glass, darkly” became established. But the “State of the Industry” Cloud survey, released today by The Open Group, sheds light on the topic, and provides some interesting insights.

The Open Group is a vendor- and technology-neutral consortium of IT customers and vendors, with a strong focus on Enterprise Architecture. The State of the Industry survey captures the views of its customer side, which is well representative of the global IT user community. It gives us a good understanding of how user enterprises currently perceive the Cloud.

Cloud certainly has the users’ attention. Only 8% of survey respondents said that Cloud was not currently on their IT roadmap. But substantial take-up is only just starting. Nearly half of those for whom Cloud is on the roadmap have not yet begun to use it, and half of the rest have only started recently.

The respondents have a clear idea of how they will use the Cloud. The majority expect to have some element of private Cloud, with 29% saying that private Cloud would best meet their organisations’ business requirements, and 45% saying that hybrid Cloud would do so, as opposed to 17% for public Cloud. Only 9% were unsure.

They also have a clear view of the advantages and drawbacks. Cost, agility, and resource optimisation came out as the three main reasons for using Cloud Computing, with business continuity also a significant factor. Security, integration issues, and governance were the three biggest concerns, with ability to cope with change, vendor lock-in, cost to deploy, and regulatory compliance also being significant worries.

Return on Investment (ROI) is probably the most commonly used measure of success of a technical change, and The Open Group has produced a landmark White Paper “Building Return on Investment from Cloud Computing”. The survey respondents felt on balance (by 55% to 45%) that Cloud ROI should be easy to evaluate and justify. Cost, quality of delivered result, utilisation, speed of operation, and scale of operation were felt to be the most useful Cloud ROI metrics. But only 35% had mechanisms in place to measure Cloud ROI as opposed to 45% that did not, with the other 20% being unsure.

The question on the impact of Cloud produced the most striking of the survey’s results. While 82% said that they expected their Cloud initiatives to have significant impact on one or more business processes, only 28% said that they were prepared for these changes.

Cloud Computing is primarily a technical phenomenon, but it has the ability to transform business. Its lower cost and increased agility and speed of operation can dramatically improve profitability of existing business processes. More than this, and perhaps more importantly, it enables new ways of collaborative working and can support new processes. It is therefore not surprising that people do not yet feel fully prepared — but it is interesting that the survey should bring this point out quite so clearly.

The ability to transform business is the most exciting feature of the Cloud phenomenon. But users currently see it “through a glass darkly,” and perhaps with a measure of faith and hope. There is a lesson in this for industry consortia such as The Open Group. More needs to be done to develop understanding of the business impact of Cloud Computing, and we should focus on this, as well as on the technical possibilities.

To obtain a copy of the survey, download it here, or media may email us a request at opengrouppr@opengroup.org.

Cloud Computing is a major topic of discussion at The Open Group Conference, London, which is currently underway.

Dr. Chris Harding is Director for Interoperability and SOA at The Open Group. He has been with The Open Group for more than ten years, and is currently responsible for managing and supporting its work on interoperability, including SOA and interoperability aspects of Cloud Computing. Before joining The Open Group, he was a consultant, and a designer and development manager of communications software. With a PhD in mathematical logic, he welcomes the current upsurge of interest in semantic technology, and the opportunity to apply logical theory to practical use. He has presented at The Open Group and other conferences on a range of topics, and contributes articles to online journals. He is a member of the BCS, the IEEE, and AOGEA, and is a certified TOGAF® practitioner. Chris is based in the U.K.

6 Comments

Filed under Cloud/SOA

Creation of a strategy for the consumption and management of Cloud Services in the TOGAF® Preliminary Phase

By Serge Thorn, Architecting the Enterprise

In an article on my blog, Cloud Computing requires Enterprise Architecture and TOGAF 9 can show the way I described the need to define a strategy as an additional step in the TOGAF 9 Preliminary Phase. This article describes in more detail what could be the content of such a document, specifically, what are the governance activities related to the Consumption and Management of Cloud Services.

Before deciding to switch over to Cloud Computing, companies should first fully understand the concepts and implications of an internal IT investment or buying this as a service. There are different approaches, which may have to be considered from an enterprise level when Cloud Computing is considered: Public Cloud vs. Private Clouds vs. Hybrid Clouds. Despite the fact that many people already know what the differences are, below are some summaries of the various models:

  • A public Cloud is one in which the consumer of Cloud services and the provider of Cloud services exist in separate enterprises. The ownership of the assets used to deliver Cloud services remains with the provider
  • A private Cloud is one in which both the consumer of Cloud services and the provider of those services exist within the same enterprise. The ownership of the Cloud assets resides within the same enterprise providing and consuming Cloud services. It is really a description of a highly virtualized, on-premise data center that is behaving as if it were that of a public Cloud provider
  • A hybrid Cloud combines multiple elements of public and private Cloud, including any combination of providers and consumers

Once the major Business stakeholders understand the concepts, some initial decisions may have to be made and included in that document. The same may also apply to the various Cloud Computing categorisations such as diagrammed below:

The categories the enterprise may be interested in related to existing problems can already be included as a section in the document.

Quality Management

There is need of a system for evaluating performance, whether in the delivery of Cloud services or the quality of products provided to consumers, or customers. This may include:

  • A test planning and a test asset management from business requirements to defects
  • A Project governance and release decisions based on some standards such as Prince 2/PMI and ITIL
  • A Data quality control (all data uploaded to a Cloud Computing service provider must ensure it fits the requirements of the provider). This should be detailed and provided by the provider
  • Detailed and documented Business Processes as defined in ISO 9001:
    • Systematically defining the activities necessary to obtain a desired result
    • Establishing clear responsibility and accountability for managing key activities
    • Analyzing and measuring of the capability of key activities
    • Identifying the interfaces of key activities within and between the functions of the organization
    • Focusing on the factors such as resources, methods, and materials that will improve key activities of the organization
    • Evaluating risks, consequences and impacts of activities on customers, suppliers and other interested parties

Security Management

This would address and document specific topics such as:

  • Eliminating the need to constantly reconfigure static security infrastructure for a dynamic computing environment
  • Define how services are able to securely connect and reliably communicate with internal IT services and other public services
  • Penetration security checks
  • How a Security Management/System Management/Network Management teams monitor that security and the availability

Semantic Management

The amount of unstructured electronic information in an enterprise environment is growing rapidly. Business people have to collaboratively realise the reconciliation of their heterogeneous metadata and consequently the application of the derived business semantic patterns to establish alignment between the underlying data structures. The way this will be handled may also be included.

IT Service Management (ITIL)

IT Service Management or IT Operations teams will have to address many new challenges due to the Cloud. This will need to be addressed for some specific processes such as:

  • Incident Management
    • The Cloud provider must ensure that all outages or exceptions to normal operations are resolved as quickly as possible while capturing all of the details for the actions that were taken and are communicated to the customer.
  • Change Management
    • Strict change management practices must be adhered to and all changes implemented during approved maintenance windows must be tracked, monitored, and validated.
  • Configuration Management (Service Asset and…)
    • Companies who have a CMDB must provide this to the Cloud providers with detailed descriptions of the relationships between configuration items (CI)
    • CI relationships empowers change and incident managers need to determine that a modification to one service may impact several other related services and the components of those services
    • This provides more visibility into the Cloud environment, allowing consumers and providers to make more informed decisions not only when preparing for a change but also when diagnosing incidents and problems
  • Problem Management
    • The Cloud provider needs to identify the root cause analysis in case of problems

  • Service Level Management
    • Service Level Agreements (or Underpinning contracts) must be transparent and accessible to the end users.  The business representatives should be negotiating these agreements. They will need to effectively negotiate commercial, technical, and legal terms. It will be important to establish these concrete, measurable Service Level Agreements (SLAs). Without these, and  an effective means for verifying compliance, the damage from poor service levels will only be exacerbated
  • Vendor Management
    • Relationship between a vendor and their customers changes
    • Contractual arrangements
  • Capacity Management  and Availability Management
    • Reporting on performance

Other activities must be documented such as:

Monitoring

  • Monitoring will be a very important activity and should be described in the Strategy document. The assets and infrastructure that make up the Cloud service is not within the enterprise. They are owned by the Cloud providers, which will most likely have a focus on maximizing their revenue, not necessarily optimizing the performance and availability of the enterprise’s services. Establishing sound monitoring practices for the Cloud services from the outset will bring significant benefits in the long term. Outsourcing delivery of service does not necessarily imply that we can outsource the monitoring of that service. Besides, today very few Cloud providers are offering any form of service level monitoring to their customers. Quite often, they are providing the Cloud service but not proving that they are providing that service.
  • The resource usage and consumption must be monitored and managed in order to support strategic decision making
  • Whenever possible, the Cloud providers should furnish the relevant tools for management and reporting and take away the onerous tasks of patch management, version upgrades, high availability, disaster recovery and the like. This obviously will impact IT Service Continuity for the enterprise.
  • Service Measurement, Service Reporting and Service Improvement processes must be considered

Consumption and costs

  • Service usage (when and how) to determine the intrinsic value that the service is providing to the Business, and IT can also use this information to compute the Return On Investment for their Cloud Computing initiatives and related services. This would be related to the process IT Financial Management.

Risk Management

The TOGAF 9 risk management method should be considered to address the various risks associated such as:

  • Ownership, Cost, Scope, Provider relationship, Complexity, Contractual, Client acceptance, etc
  • Other risks should also be considered such as : Usability, Security (obviously…) and Interoperability

Asset Management and License Management

When various Cloud approaches are considered (services on-premise via the Cloud), hardware and software license management should be defined to ensure companies can meet their governance and contractual requirements

Transactions

Ensuring the safety of confidential data is a mission critical aspect of the business. Cloud Computing gives them concerns over the lack of control that they will have over company data, and does not enable them to monitor the processes used to organize the information.

Being able to manage the transactions in the Cloud is vital and Business transaction safety should be considered (recording, tracking, alerts, electronic signatures, etc…).

There may be other aspects, which should be integrated in this Strategy document that may vary according to the level of maturity of the enterprise or existing best practices in use.

When considering Cloud Computing, the Preliminary phase will include in the definition of the Architecture Governance Framework most of the touch points with other processes as described above. At completion, touch-points and impacts should be clearly understood and agreed by all relevant stakeholders.

This article has previously appeared in Serge Thorn’s personal blog.

Cloud will be a topic of discussion at The Open Group Conference, London, May 9-13. Join us for best practices, case studies and the future of information security, presented by preeminent thought leaders in the industry.

Serge Thorn is CIO of Architecting the Enterprise.  He has worked in the IT Industry for over 25 years, in a variety of roles, which include; Development and Systems Design, Project Management, Business Analysis, IT Operations, IT Management, IT Strategy, Research and Innovation, IT Governance, Architecture and Service Management (ITIL). He has more than 20 years of experience in Banking and Finance and 5 years of experience in the Pharmaceuticals industry. Among various roles, he has been responsible for the Architecture team in an international bank, where he gained wide experience in the deployment and management of information systems in Private Banking, Wealth Management, and also in IT architecture domains such as the Internet, dealing rooms, inter-banking networks, and Middle and Back-office. He then took charge of IT Research and Innovation (a function which consisted of motivating, encouraging creativity, and innovation in the IT Units), with a mission to help to deploy a TOGAF based Enterprise Architecture, taking into account the company IT Governance Framework. He also chaired the Enterprise Architecture Governance worldwide program, integrating the IT Innovation initiative in order to identify new business capabilities that were creating and sustaining competitive advantage for his organization. Serge has been a regular speaker at various conferences, including those by The Open Group. His topics have included, “IT Service Management and Enterprise Architecture”, “IT Governance”, “SOA and Service Management”, and “Innovation”. Serge has also written several articles and whitepapers for different magazines (Pharma Asia, Open Source Magazine). He is the Chairman of the itSMF (IT Service Management forum) Swiss chapter and is based in Geneva, Switzerland.

8 Comments

Filed under Cloud/SOA, TOGAF®

PODCAST: Cloud Computing panel forecasts transition phase for Enterprise Architecture

By Dana Gardner, Interabor Solutions

Listen to this recorded podcast here: BriefingsDirect-Open Group Cloud Panel Forecasts Transition Phase for Enterprise IT

The following is the transcript of a sponsored podcast panel discussion on newly emerging Cloud models and their impact on business and government, from The Open Group Conference, San Diego 2011.

Dana Gardner: Hi, this is Dana Gardner, Principal Analyst at Interarbor Solutions, and you’re listening to BriefingsDirect.

We now present a sponsored podcast discussion coming to you live from The Open Group 2011 Conference in San Diego. We’re here the week of February 7, and we have assembled a distinguished panel to examine the expectation of new types of cloud models and perhaps cloud specialization requirements emerging quite soon.

By now, we’re all familiar with the taxonomy around public cloud, private cloud, software as a service (SaaS), platform as a service (PaaS), and my favorite, infrastructure as a service (IaaS), but we thought we would do you all an additional service and examine, firstly, where these general types of cloud models are actually gaining use and allegiance, and we’ll look at vertical industries and types of companies that are leaping ahead with cloud, as we now define it. [Disclosure: The Open Group is a sponsor of BriefingsDirect podcasts.]

Then, second, we’re going to look at why one-size-fits-all cloud services may not fit so well in a highly fragmented, customized, heterogeneous, and specialized IT world.

How much of cloud services that come with a true price benefit, and that’s usually at scale and cheap, will be able to replace what is actually on the ground in many complex and unique enterprise IT organizations?

What’s more, we’ll look at the need for cloud specialization, based on geographic and regional requirements, as well as based on the size of these user organizations, which of course can vary from 5 to 50,000 seats. Can a few types of cloud work for all of them?

Please join me now in welcoming our panel. Here to help us better understand the quest for “fit for purpose” cloud balance and to predict, at least for some time, the considerable mismatch between enterprise cloud wants and cloud provider offerings we’re here with Penelope Gordon, the cofounder of 1Plug Corporation, based in San Francisco. Welcome, Penelope.

Penelope Gordon: Thank you.

Gardner: We’re also here with Mark Skilton. He is the Director of Portfolio and Solutions in the Global Infrastructure Services with Capgemini in London. Thank you for coming, Mark.

Mark Skilton: Thank you.

Gardner: Ed Harrington joins us. He is the Principal Consultant in Virginia for the UK-based Architecting the Enterprise organization. Thank you, Ed.

Ed Harrington: Thank you.

Gardner: Tom Plunkett is joining us. He is a Senior Solution Consultant with Oracle in Huntsville, Alabama.

Tom Plunkett: Thank you, Dana.

Gardner: And lastly, we’re here with TJ Virdi. He is Computing Architect in the CAS IT System Architecture Group at Boeing based in Seattle. Welcome.

TJ Virdi: Thank you.

Gardner: Let me go first to you, Mark Skilton. One size fits all has rarely worked in IT. If it has, it has been limited in its scope and, most often, leads to an additional level of engagement to make it work with what’s already there. Why should cloud be any different?

Three areas

Skilton: Well, Dana, from personal experience, there are probably three areas of adaptation of cloud into businesses. For sure, there are horizontal common services to which, what you call, the homogeneous cloud solution could be applied common to a number of business units or operations across a market.

But, we’re starting to increasingly see the need for customization to meet vertical competitive needs of a company or the decisions within that large company. So, differentiation and business models are still there, they are still in platform cloud as they were in the pre-cloud era.

But, the key thing is that we’re seeing a different kind of potential that a business can do now with cloud — a more elastic, explosive expansion and contraction of a business model. We’re seeing fundamentally the operating model of the business growing, and the industry can change using cloud technology.

So, there are two things going on in the business and the technologies are changing because of the cloud.

Gardner: Well, for us to understand where it fits best, and perhaps not so good, is to look at where it’s already working. Ed, you talked about the federal government. They seem to be going like gangbusters in the cloud. Why so?

Harrington: Perceived cost savings, primarily. The (US) federal government has done some analysis. In particular, the General Services Administration (GSA), has done some considerable analysis on what they think they can save by going to, in their case, a public cloud model for email and collaboration services. They’ve issued a $6.7 million contract to Unisys as the systems integrator, with Google being the cloud services supplier.

So, the debate over the benefits of cloud, versus the risks associated with cloud, is still going on quite heatedly.

Gardner: How about some other verticals? Where is this working? We’ve seen in some pharma, health-care, and research environments, which have a lot of elasticity, it makes sense, given that they have very variable loads. Any other suggestions on where this works, Tom?

Plunkett: You mentioned variable workloads. Another place where we are seeing a lot of customers approach cloud is when they are starting a new project. Because then, they don’t have to migrate from the existing infrastructure. Instead everything is brand new. That’s the other place where we see a lot of customers looking at cloud, your greenfields.

Gardner: TJ, any verticals that you are aware of? What are you seeing that’s working now?

Virdi: It’s not probably related with any vertical market, but I think what we are really looking for speed to put new products into the market or evolve the products that we already have and how to optimize business operations, as well as reduce the cost. These may be parallel to any vertical industries, where all these things are probably going to be working as a cloud solution.

Gardner: We’ve heard the application of “core and context” to applications, but maybe there is an application of core and context to cloud computing, whereby there’s not so much core and lot more context. Is that what you’re saying so far?

Unstructured data

Virdi: In a sense, you would have to measure not only the structured documents or structured data, but unstructured data as well. How to measure and create a new product or solutions is the really cool things you would be looking for in the cloud. And, it has proved pretty easy to put a new solution into the market. So, speed is also the big thing in there.

Gardner: Penelope, use cases or verticals where this is working so far?

Gordon: One example in talking about core and context is when you look in retail. You can have two retailers like a Walmart or a Costco, where they’re competing in the same general space, but are differentiating in different areas.

Walmart is really differentiating on the supply chain, and so it’s not a good candidate for public cloud computing solutions. We did discuss it that might possibly be a candidate for private cloud computing.

But that’s really where they’re going to invest in the differentiating, as opposed to a Costco, where it makes more sense for them to invest in their relationship with their customers and their relationship with their employees. They’re going to put more emphasis on those business processes, and they might be more inclined to outsource some of the aspects of their supply chain.

A specific example within retail is pricing optimization. A lot of grocery stores need to do pricing optimization checks once a quarter, or perhaps once a year in some of their areas. It doesn’t makes sense for smaller grocery store chains to have that kind of IT capability in house. So, that’s a really great candidate, when you are looking at a particular vertical business process to outsource to a cloud provider who has specific industry domain expertise.

Gardner: So for small and medium businesses (SMBs) that would be more core for them than others.

Gordon: Right. That’s an example, though, where you’re talking about what I would say is a particular vertical business process. Then, you’re talking about a monetization strategy and then part of the provider, where they are looking more at a niche strategy, rather than a commodity, where they are doing a horizontal infrastructure platform.

Gardner: Ed, you had a thought?

Harrington: Yeah, and it’s along the SMB dimension. We’re seeing a lot of cloud uptake in the small businesses. I work for a 50-person company. We have one “sort of” IT person and we do virtually everything in the cloud. We’ve got people in Australia and Canada, here in the States, headquartered in the UK, and we use cloud services for virtually everything across that. I’m associated with a number of other small companies and we are seeing big uptake of cloud services.

Gardner: Allow me to be a little bit of a skeptic, because I’m seeing these reports from analyst firms on the tens of billions of dollars in potential cloud market share and double-digit growth rates for the next several years. Is this going to come from just peripheral application context activities, mostly SMBs? What about the core in the enterprises? Does anybody have an example of where cloud is being used in either of those?

Skilton: In the telecom sector, which is very IT intensive, I’m seeing the emergence of their core business of delivering service to a large end user or multiple end user channels, using what I call cloud brokering.

Front-end cloud

So, if where you’re going with your question is that, certainly in the telecom sector we’re seeing the emergence of front end cloud, customer relationship management (CRM) type systems and also sort of back-end content delivery engines using cloud.

The fundamental shift away from the service orientated architecture (SOA) era is that we’re seeing more business driven self-service, more deployment of services as a business model, which is a big difference of the shift of the cloud. Particularly in telco, we’re seeing almost an explosion in that particular sector.

Gordon: A lot of companies don’t even necessarily realize that they’re using cloud services, particularly when you talk about SaaS. There are a number of SaaS solutions that are becoming more and more ubiquitous. If you look at large enterprise company recruiting sites, often you will see Taleo down at the bottom. Taleo is a SaaS. So, that’s a cloud solution, but it’s just not thought necessarily of in that context.

Gardner: Right. Tom?

Plunkett: Another place we’re seeing a lot of growth with regards to private clouds is actually on the defense side. The Defense Department is looking at private clouds, but they also have to deal with this core and context issue. We’re in San Diego today. The requirements for a shipboard system are very different from the land-based systems.

Ships have to deal with narrow bandwidth and going disconnected. They also have to deal with coalition partners or perhaps they are providing humanitarian assistance and they are dealing even with organizations we wouldn’t normally consider military. So, they have to deal with lots of information, assurance issues, and have completely different governance concerns that we normally think about for public clouds.

Gardner: However, in the last year or two, the assumption has been that this is something that’s going to impact every enterprise, and everybody should get ready. Yet, I’m hearing mostly this creeping in through packaged applications on a on-demand basis, SMBs, greenfield organizations, perhaps where high elasticity is a requirement.

What would be necessary for these cloud providers to be able to bring more of the core applications the large enterprises are looking for? What’s the new set of requirements? As I pointed out, we have had a general category of SaaS and development, elasticity, a handful of infrastructure services. What’s the next set of requirements that’s going to make it palatable for these core activities and these large enterprises to start doing this? Let me start with you, Penelope.

Gordon: It’s an interesting question and it was something that we were discussing in a session yesterday afternoon. Here is a gentleman from a large telecommunications company, and from his perspective, trust was a big issue. To him, part of it was just an immaturity of the market, specifically talking about what the new style of cloud is and that branding. Some of the aspects of cloud have been around for quite some time.

Look at Linux adoption as an analogy. A lot of companies started adopting Linux, but it was for peripheral applications and peripheral services, some web services that weren’t business critical. It didn’t really get into the core enterprise until much later.

We’re seeing some of that with cloud. It’s just a much bigger issue with cloud, especially as you start looking at providers wanting to moving up the food chain and providing greater value. This means that they have to have more industry knowledge and that they have to have more specialization. It becomes more difficult for large enterprises to trust a vendor to have that kind of knowledge.

No governance

Another aspect of what came up in the afternoon is that, at this point, while we talk about public cloud specifically, it’s not the same as saying it’s a public utility. We talk about “public utility,” but there is no governance, at this point, to say, “Here is certification that these companies have been tested to meet certain delivery standards.” Until that exists, it’s going to be difficult for some enterprises to get over that trust issue.

Gardner: Assuming that the trust and security issues are worked out over time, that experience leads to action, it leads to trust, it leads to adoption, and we have already seen that with SaaS applications. We’ve certainly seen it with the federal government, as Ed pointed out earlier.

Let’s just put that aside as one of the requirements that’s already on the drawing board and that we probably can put a checkmark next to at some point. What’s next? What about customization? What about heterogeneity? What about some of these other issues that are typical in IT, Mark Skilton?

Skilton: One of the under-played areas is PaaS. We hear about lock-in of technology caused by the use of the cloud, either putting too much data in or doing customization of parameters and you lose the elastic features of that cloud.

As to your question about what do vendors or providers need to do more to help the customer use the cloud, the two things we’re seeing are: one, more of an appliance strategy, where they can buy modular capabilities, so the licensing issue, solutioning issue, is more contained. The client can look at it more in a modular appliance sort of way. Think of it as cloud in a box.

The second thing is that we need to be seeing is much more offering transition services, transformation services, to accelerate the use of the cloud in a safe way, and I think that’s something that we need to really push hard to do. There’s a great quote from a client, “It’s not the destination, it’s the journey to the cloud that I need to see.”

Gardner: You mentioned PaaS. We haven’t seen too much yet with a full mature offering of the full continuum of PaaS to IaaS. That’s one where new application development activities and new integration activities would be built of, for, and by the cloud and coordinated between the dev and the ops, with the ops being any number of cloud models — on-premises, off-premises, co-lo, multi-tenancy, and so forth.

So what about that? Is that another requirement that there is continuity between the past and the infrastructure and deployment, Tom?

Plunkett: We’re getting there. PaaS is going to be a real requirement going forward, simply because that’s going to provide us the flexibility to reach some of those core applications that we were talking about before. The further you get away from the context, the more you’re focusing on what the business is really focused in on, and that’s going to be the core, which is going to require effective PaaS.

Gardner: TJ.

More regulatory

Virdi: I want to second that, but at the same time, we’re looking for more regulatory and other kind of licensing and configuration issues as well. Those also make it a little better to use the cloud. You don’t really have to buy, or you can go for the demand. You need to make your licenses a little bit better in such a way that you can just put the product or business solutions into the market, test the water, and then you can go further on that.

Gardner: Penelope, where do you see any benefit of having a coordinated or integrated platform and development test and deploy functions? Is that going to bring this to a more core usage in large enterprises?

Gordon: It depends. I see a lot more of the buying of cloud moving out to the non-IT line of business executives. If that accelerates, there is going to be less and less focus. Companies are really separating now what is differentiating and what is core to my business from the rest of it.

There’s going to be less emphasis on, “Let’s do our scale development on a platform level” and more, “Let’s really seek out those vendors that are going to enable us to effectively integrate, so we don’t have to do double entry of data between different solutions. Let’s look out for the solutions that allow us to apply the governance and that effectively let us tailor our experience with these solutions in a way that doesn’t impinge upon the provider’s ability to deliver in a cost effective fashion.”

That’s going to become much more important. So, a lot of the development onus is going to be on the providers, rather than on the actual buyers.

Gardner: Now, this is interesting. On one hand, we have non-IT people, business people, specifying, acquiring, and using cloud services. On the other hand we’re perhaps going to see more PaaS, the new application development, be it custom or more of a SaaS type of offering that’s brought in with a certain level of adjustment and integration. But, these are going off without necessarily any coordination. At some point, they are going to even come together. It’s inevitable, another “integrationness” perhaps.

Mark Skilton, is that what you see, that we have not just one cloud approach but multiple approaches and then some need to rationalize?

Skilton: There are two key points. There’s a missing architecture practice that needs to be there, which is a workers analysis, so that you design applications to fit specific infrastructure containers, and you’ve got a bridge between the the application service and the infrastructure service. There needs to be a piece of work by enterprise architects that starts to bring that together as a deliberate design for applications to be able to operate in the cloud, and the PaaS platform is a perfect environment.

The second thing is that there’s a lack of policy management in terms of technical governance, and because of the lack of understanding, there needs to be more of a matching exercise going on. The key thing is that that needs to evolve.

Part of the work we’re doing in The Open Group with the Cloud Computing Work Group is to develop new standards and methodologies that bridge those gaps between infrastructure, PaaS, platform development, and SaaS.

Gardner: We already have the Trusted Technology Forum. Maybe soon we’ll see an open trusted cloud technology forum.

Skilton: I hope so.

Gardner: Ed Harrington, you mentioned earlier that the role of the enterprise architect is going to benefit from cloud. Do you see what we just described in terms of dual tracks, multiple inception points, heterogeneity, perhaps overlap and redundancy? Is that where the enterprise architect flourishes?

Shadow IT

Harrington: I think we talked about line management IT getting involved in acquiring cloud services. If you think we’ve got this thing called “shadow IT” today, wait a few years. We’re going to have a huge problem with shadow IT.

From the architect’s perspective, there’s lot to be involved with and a lot to play with, as I said in my talk. There’s an awful lot of analysis to be done — what is the value that the cloud solution being proposed is going to be supplying to the organization in business terms, versus the risk associated with it? Enterprise architects deal with change, and that’s what we’re talking about. We’re talking about change, and change will inherently involve risk.

Gardner: TJ.

Virdi: All these business decisions are going to be coming upstream, and business executives need to be more aware about how cloud could be utilized as a delivery model. The enterprise architects and someone with a technical background needs to educate or drive them to make the right decisions and choose the proper solutions.

It has an impact how you want to use the cloud, as well as how you get out of it too, in case you want to move to different cloud vendors or providers. All those things come into play upstream rather than downstream.

Gardner: We all seem to be resigned to this world of, “Well, here we go again. We’re going to sit back and wait for all these different cloud things to happen. Then, we’ll come in, like the sheriff on the white horse, and try to rationalize.” Why not try to rationalize now before we get to that point? What could be done from an architecture standpoint to head off mass confusion around cloud? Let me start at one end and go down the other. Tom?

Plunkett: One word: governance. We talked about the importance of governance increasing as the IT industry went into SOA. Well, cloud is going to make it even more important. Governance throughout the lifecycle, not just at the end, not just at deployment, but from the very beginning.

Gardner: TJ.

Virdi: In addition to governance, you probably have to figure out how you want to plan to adapt to the cloud also. You don’t want to start as a Big Bang theory. You want to start in incremental steps, small steps, test out what you really want to do. If that works, then go do the other things after that.

Gardner: Penelope, how about following the money? Doesn’t where the money flows in and out of organizations tend to have a powerful impact on motivating people or getting them moving towards governance or not?

Gordon: I agree, and towards that end, it’s enterprise architects. Enterprise architects need to break out of the idea of focusing on how to address the boundary between IT and the business and talk to the business in business terms.

One way of doing that that I have seen as effective is to look at it from the standpoint of portfolio management. Where you were familiar with financial portfolio management, now you are looking at a service portfolio, as well as looking at your overall business and all of your business processes as a portfolio. How can you optimize at a macro level for your portfolio of all the investment decisions you’re making, and how the various processes and services are enabled? Then, it comes down to, as you said, a money issue.

Gardner: Perhaps one way to head off what we seem to think is an inevitable cloud chaos situation is to invoke more shared services, get people to consume services and think about how to pay for them along the way, regardless of where they come from and regardless of who specified them. So back to SOA, back to ITIL, back to the blocking and tackling that’s just good enterprise architecture. Anything to add to that, Mark?

Not more of the same

Skilton: I think it’s a mistake to just describe this as more of the same. ITIL, in my view, needs to change to take into account self-service dynamics. ITIL is kind of a provider service management process. It’s thing that you do to people. Cloud changes that direction to the other way, and I think that’s something that needs to be done.

Also, fundamentally the data center and network strategies need to be in place to adopt cloud. From my experience, the data center transformation or refurbishment strategies or next generation networks tend to be done as a separate exercise from the applications area. So a strong, strong recommendation from me would be to drive a clear cloud route map to your data center.

Gardner: So, perhaps a regulating effect on the self-selection of cloud services would be that the network isn’t designed for it and it’s not going to help.

Skilton: Exactly.

Gardner: That’s one way to govern your cloud. Ed Harrington, any other further thoughts on working towards a cloud future without the pitfalls?

Harrington: Again, the governance, certification of some sort. I’m not in favor of regulation, but I am in favor of some sort of third party certification of services that consumers can rely upon safely. But, I will go back to what I said earlier. It’s a combination of governance, treating the cloud services as services per se, and enterprise architecture.

Gardner: What about the notion that was brought up earlier about private clouds being an important on-ramp to this? If I were a public cloud provider, I would do my market research on what’s going on in the private clouds, because I think they are going to be incubators to what might then become hybrid and ultimately a full-fledged third-party public cloud providing assets and services.

What can we learn from looking at what’s going on with private cloud now, seemingly a lot of trying to reduce cost and energy consumption, but what does that tell us about what we should expect in the next few years? Again, let’s start with you, Tom.

Plunkett: What we’re seeing with private cloud is that it’s actually impacting governance, because one of the things that you look at with private cloud is chargeback between different internal customers. This is forcing these organizations to deal with complex money, business issues that they don’t really like to do.

Nowadays, it’s mostly vertical applications, where you’ve got one owner who is paying for everything. Now, we’re actually going back to, as we were talking about earlier, dealing with some of the tricky issues of SOA.

Gardner: TJ, private cloud as an incubator. What we should expect?

Securing your data

Virdi: Configuration and change management — how in the private cloud we are adapting to it and supporting different customer segments is really the key. This could be utilized in the public cloud too, as well as how you are really securing your information and data or your business knowledge. How you want to secure that is key, and that’s why the private cloud is there. If we can adapt to or mimic the same kind of controls in the public cloud, maybe we’ll have more adoptions in the public cloud too.

Gardner: Penelope, any thoughts on that, the private to public transition?

Gordon: I also look at it in a little different way. For example, in the U.S., you have the National Security Agency (NSA). For a lot of what you would think of as their non-differentiating processes, for example payroll, they can’t use ADP. They can’t use that SaaS for payroll, because they can’t allow the identities of their employees to become publicly known.

Anything that involves their employee data and all the rest of the information within the agency has to be kept within a private cloud. But, they’re actively looking at private cloud solutions for some of the other benefits of cloud.

In one sense, I look at it and say that private cloud adoption to me tells a provider that this is an area that’s not a candidate for a public-cloud solution. But, private clouds could also be another channel for public cloud providers to be able to better monetize what they’re doing, rather than just focusing on public cloud solutions.

Gardner: So, then, you’re saying this is a two-way street. Just as we could foresee someone architecting a good private cloud and then looking to take that out to someone else’s infrastructure, you’re saying there is a lot of public services that for regulatory or other reasons might then need to come back in and be privatized or kept within the walls. Interesting.

Mark Skilton, any thoughts on this public-private tension and/or benefit?

Skilton: I asked an IT service director the question about what was it like running a cloud service for the account. This is a guy who had previously been running hosting and management and with many years experience.

The surprising thing was that he was quite shocked that the disciplines that he previously had for escalating errors and doing planned maintenance, monitoring, billing and charging back to the customer fundamentally were changing, because it had to be done more in real time. You have to fix before it fails. You can’t just wait for it to fail. You have to have a much more disciplined approach to running a private cloud.

The lessons that we’re learning in running private clouds for our clients is the need to have a much more of a running-IT-as-a-business ethos and approach. We find that if customers try to do it themselves, either they may find that difficult, because they are used to buying that as a service, or they have to change their enterprise architecture and support service disciplines to operate the cloud.

Gardner: Perhaps yet another way to offset potential for cloud chaos in the future is to develop the core competencies within the private-cloud environment and do it sooner rather than later? This is where you can cut your teeth or get your chops, some number of metaphors come to mind, but this is something that sounds like a priority. Would you agree with that Ed, coming up with a private-cloud capability is important?

Harrington: It’s important, and it’s probably going to dominate for the foreseeable future, especially in areas that organizations view as core. They view them as core, because they believe they provide some sort of competitive advantage or, as Penelope was saying, security reasons. ADP’s a good idea. ADP could go into NSA and set up a private cloud using ADP and NSA. I think is a really good thing.

Trust a big issue

But, I also think that trust is still a big issue and it’s going to come down to trust. It’s going to take a lot of work to have anything that is perceived by a major organization as core and providing differentiation to move to other than a private cloud.

Gardner: TJ.

Virdi: Private clouds actually allow you to make more business modular. Your capability is going to be a little bit more modular and interoperability testing could happen in the private cloud. Then you can actually use those same kind of modular functions, utilize the public cloud, and work with other commercial off-the-shelf (COTS) vendors that really package this as new holistic solutions.

Gardner: Does anyone consider the impact of mergers and acquisitions on this? We’re seeing the economy pick up, at least in some markets, and we’re certainly seeing globalization, a very powerful trend with us still. We can probably assume, if you’re a big company, that you’re going to get bigger through some sort of merger and acquisition activity. Does a cloud strategy ameliorate the pain and suffering of integration in these business mergers, Tom?

Plunkett: Well, not to speak on behalf of Oracle, but we’ve gone through a few mergers and acquisitions recently, and I do believe that having a cloud environment internally helps quite a bit. Specifically, TJ made the earlier point about modularity. Well, when we’re looking at modules, they’re easier to integrate. It’s easier to recompose services, and all the benefits of SOA really.

Gardner: TJ, mergers and acquisitions in cloud.

Virdi: It really helps. At the same time, we were talking about legal and regulatory compliance stuff. EU and Japan require you to put the personally identifiable information (PII) in their geographical areas. Cloud could provide a way to manage those things without having the hosting where you have your own business.

Gardner: Penelope, any thoughts, or maybe even on a slightly different subject, of being able to grow rapidly vis-à-vis cloud experience and expertise and having architects that understand it?

Gordon: Some of this comes back to some of the discussions we were having about the extra discipline that comes into play, if you are going to effectively consume and provide cloud services, if you do become much more rigorous about your change management, your configuration management, and if you then apply that out to a larger process level.

So, if you define certain capabilities within the business in a much more modular fashion, then, when you go through that growth and add on people, you have documented procedures and processes. It’s much easier to bring someone in and say, “You’re going to be a product manager, and that job role is fungible across the business.”

That kind of thinking, the cloud constructs applied up at a business architecture level, enables a kind of business expansion that we are looking at.

Gardner: Mark Skilton, thoughts about being able to manage growth, mergers and acquisitions, even general business agility vis-à-vis more cloud capabilities.

Skilton: Right now, I’m involved in merging in a cloud company that we bought last year in May, and I would say yes and no. The no point is that I’m trying to bundle this service that we acquired in each product and with which we could add competitive advantage to the services that we are offering. I’ve had a problem with trying to bundle that into our existing portfolio. I’ve got to work out how they will fit and deploy in our own cloud. So, that’s still a complexity problem.

Faster launch

But, the upside is that I can bundle that service that we acquired, because we wanted to get that additional capability, and rewrite design techniques for cloud computing. We can then launch that bundle of new service faster into the market.

It’s kind of a mixed blessing with cloud. With our own cloud services, we acquire these new companies, but we still have the same IT integration problem to then exploit that capability we’ve acquired.

Gardner: That might be a perfect example of where cloud is or isn’t. When you run into the issue of complexity and integration, it doesn’t compute, so to speak.

Skilton: It’s not plug and play yet, unfortunately.

Gardner: Ed, what do you think about this growth opportunity, mergers and acquisitions, a good thing or bad thing?

Harrington: It’s a challenge. I think, as Mark presented it, it’s got two sides. It depends a lot on how close the organizations are, how close their service portfolios are, to what degree has each of the organizations adapted the cloud, and is that going to cause conflict as well. So I think there is potential.

Skilton: Each organization in the commercial sector can have different standards, and then you still have that interoperability problem that we have to translate to make it benefit, the post merger integration issue.

Gardner: We’ve been discussing the practical requirements of various cloud computing models, looking at core and context issues where cloud models would work, where they wouldn’t. And, we have been thinking about how we might want to head off the potential mixed bag of cloud models in our organizations and what we can do now to make the path better, but perhaps also make our organizations more agile, service oriented, and able to absorb things like rapid growth and mergers.

I’d like to thank you all for joining and certainly want to thank our guests. This is a sponsored podcast discussion coming to you from The Open Group’s 2011 Conference in San Diego. We’re here the week of February 7, 2011. A big thank you now to Penelope Gordon, cofounder of 1Plug Corporation. Thanks.

Gordon: Thank you.

Gardner: Mark Skilton, Director of Portfolio and Solutions in the Global Infrastructure Services with Capgemini. Thank you, Mark.

Skilton: Thank you very much.

Gardner: Ed Harrington, Principal Consultant in Virginia for the UK-based Architecting the Enterprise.

Harrington: Thank you, Dana.

Gardner: Tom Plunkett, Senior Solution Consultant with Oracle. Thank you.

Plunkett: Thank you, Dana.

Gardner: TJ Virdi, the Computing Architect in the CAS IT System Architecture group at Boeing.

Virdi: Thank you.

Gardner: I’m Dana Gardner, Principal Analyst at Interarbor Solutions. You’ve been listening to a sponsored BriefingsDirect podcast. Thanks for joining, and come back next time.

Copyright The Open Group and Interarbor Solutions, LLC, 2005-2011. All rights reserved.

Dana Gardner is the Principal Analyst at Interarbor Solutions, which identifies and interprets the trends in Services-Oriented Architecture (SOA) and enterprise software infrastructure markets. Interarbor Solutions creates in-depth Web content and distributes it via BriefingsDirectblogs, podcasts and video-podcasts to support conversational education about SOA, software infrastructure, Enterprise 2.0, and application development and deployment strategies.

Comments Off

Filed under Cloud/SOA, Enterprise Architecture