Cloud providers service: Cloud Industry Forum aims to stop cowboys

As the cloud provider service market grows, so does the need to implement standards for hosting provider services. A FASTIiS exec discusses the Cloud Industry Forum, which aims to develop ethical standards for cloud computing providers.

Industry body The Federation Against Software Theft and Investors in Software (FASTIiS) has set up a Cloud Industry Forum (CIF) in a bid to protect the growing number of U.K. organisations that are turning towards a cloud provider service.

In this Q&A, John Lovelock, chief executive of FASTIiS, explains how the CIF aims to establish a code of conduct to help self-regulate the cloud provider service. industry, stamp out "cowboys" and clear confusion.

What is the Cloud Industry Forum?

John Lovelock: The CIF will bring together IT industry players and experts to draw up a code of conduct for cloud provider services in the UK. Bringing together the knowledge of members and consultants, the code of conduct is planned to be drawn up by mid-2010.

The role of the CIF is to work adjacent to the fast-moving industry and to ensure that the industry follows certain standards to deter potential cowboy operators and protect  customers from being misled.

We are pushing for this code of conduct to eventually have the same importance to cloud provider services as the Corgi mark has for central heating.

There is a desire not only from customers but from cloud service providers for a standard to help benchmark and validate  cloud-based services.

There are several standards already in place, such as for a standard to help benchmark and validate  Open Computing Alliance, for the standard to help benchmark and validate  Cloud Manifesto and the  Open Grid Forum, for the standards of the technology used, but we are pushing for more of an ethical code of conduct -- what you are getting for your bucks.

Why has FASTIiS launched this now?

Lovelock: Cloud computing is a growing market and is on the verge of becoming mainstream, but there is still a lack in clarity around its financial and operational aspects.

Assurances around security, confidentiality and SLAs [service-level agreements] are needed for potential cloud customers.

According to IDC, the cloud market is currently worth £10.7 billion globally, which is due to grow to £27 billion by 2013. Everyone wants a piece of this market – organised crime, in particular, will go for the cloud provider services space.

Customers need to make sure the cloud provider services they are paying for is not just two students that have left a fan running on two servers in their bedroom – this is not the standard of business continuity you are paying for.

Comparison and review websites of cloud provider services are not much help either. Many dodgy businesses write positive reviews themselves or pay other companies to write them for them. Many of the reviews are incorrect. How do you know what they are claiming is true? Some of the claims are ridiculous, like someone trying to sell you a 1948 model of a car and claiming it only has three miles on it – a blatant lie.

Who can join the CIF?

Lovelock: We are on the scout for  hosting providers and data centre operators. If you are a hosted infrastructure provider, you can join. So far there are about five to six organisations that are interested and agree there is a need for this. Andy Burton, chief executive of  Fast Host, is one of them.

Cloud provider services are something companies can benefit from, though not something to be avoided, right?

Lovelock: There are some great benefits to cloud computing, a major one being not needing to invest in hardware and software upfront, but you still need to know that you are secure, have SLAs in place, and what happens if the service goes down. If a company decides to put all its eggs in one basket, it is going to want tough assurances. If a company is using more than one managed provider, things can get even more complicated.

Cloud provider services do present many advantages to a company, but the business needs to be clear on what they are paying for and where their data is going. Transferring data needs to be transparent in relation to where it is going and where it is based. The truth needs to be revealed about where the service is based, and that it's not just going through a U.K. server and out to another country.

John Lovelock is the chief executive of The Federation Against Software Theft and Investors in Software (FASTIiS).

Kayleigh Bateman is the site editor for

Read more on Cloud computing services