In the midst of the hype surrounding cloud computing it is sometimes difficult to remember that it is not the panacea, or silver bullet, for all IT service delivery issues. While it will be the right answer in certain, perhaps many, scenarios it will equally be the wrong answer for others.
Cloud computing is essentially just a new delivery model, a 21st century version of the time sharing and bureau functions of the 1980s with a number of commercial, technological and presentational upgrades.
Factors such as speed to market, lack of capital investment, utility/commodity pricing, elastic capacity and financial surety around charging methodologies are prompting many of today's leaders to see cloud as the perfect solution, but there is another group of executives for whom security, resilience, service levels and lock-in are very real concerns, and they are challenging this approach.
IT departments have expended considerable time, effort and cost in evolving from being a back-office function staffed by technologists to an established, business-focused change and delivery partner.
Central to this was the articulation and delivery of technology as a reliable, responsive and enduring service. It is the impact of cloud on these aspects rather than any technology issues that is giving rise to these challenges.
Security concerns in a multi-tenant public cloud environment have been raised by a number of experts, but in this case this is not the most significant of the issues raised. Of much more concern are the following:
- Even the largest private sector clients will be relatively small players in a public cloud environment, in particular in comparison to the providers. Organisations used to being the number-one customer, or at the very least in the top tier, of their chosen providers will have to adjust to the very different realities of the multi-tenant world.
- There is a requirement for a new supplier selection and governance process; it is not just the same old faces as before and the move from in-house or favoured-customer status to the world of commodity will require a major rethink on contracting and governance models
- There is a significant mismatch in service-level agreements (SLAs) between existing systems (tomorrow's legacy) and what is being offered for cloud-based services. Despite supplier promises around availability,y standard SLA targets still fall well short of current performance in more traditional delivery models.
- Integration with existing applications, such as ERP, has the potential to threaten stability and/or integrity of the existing applications or the performance/functionality/flexibility of the cloud applications.
- One of the most common concerns with existing delivery models and suppliers is the longer term implications of lock-in; mortgaging the future against short-term benefits. Exit plans in the cloud environment are very much in their infancy and the effectiveness of these embryonic plans has yet to be determined.
It is clear that moving forward, CIOs in large corporations are going to have to manage the expectations of two very different user communities:
- Those using, or about to use, the cloud who will "enjoy" the benefits but possibly unwittingly suffer the concerns;
- and those using legacy applications who will not realise the benefits of cloud, particularly around speed to market and utility pricing, but will continue to receive the reliable, robust services provided today.
These concerns are only on the radar of certain companies and individuals and there is a risk that they will be perceived as dinosaurs, unable to evolve to support the new world. However, it may be that this challenge highlights the last major hurdle for cloud providers to overcome in ensuring an evolutionary rather than revolutionary approach.
Andy Gallagher is head of the IT advisory service line at Serco Consulting.
This was first published in June 2011