In this Wall Street Journal CIO Report, Charles Weaver, CEO of the International Association of Cloud and Managed Service Providers (MSPAlliance), details various criteria to be considered when evaluating cloud service providers. Weaver suggests that we must have a globally accepted, universal standard and code of behavior in place for cloud service providers. Hello there, cloud regulation! While I am all for having a standard for cloud service providers, the criteria applied must be more specific to the cloud computing environment. Even though the general criteria used to evaluate service providers do apply to cloud service providers, the standard Weaver proposes must proactively address areas of concern specific to cloud computing.
Here are the top 5 criteria that I believe come closer to crystallizing the cloud service provider standard:
Strategy. Cloud service providers must have a comprehensive SOA strategy in place. I recently explain the reasons behind the unexpected growth of SOA based upon a post by Joe McKendrick in his ZDNet Service Oriented blog. Paul Calento added a comment in this ECIO Forum post - cloud computing is a catalyst for the increased adoption of SOA. This is because cloud is based upon the foundational SOA principles. Thus, it is extremely important for enterprises to ensure that the cloud service provider has an effective SOA strategy in place and understand what this strategy is.
Automation. Cloud computing is all about maximizing the effective usage of available resources, which in turn ensures an elastic environment that can effectively address fluctuating demands. Automation is key to timely allocation of the appropriate compute, network and storage resources, which in turn can impact the provider's overall service levels.
Security. Guess who is responsible when it comes to ensuring cloud security -- YOU! An integral part of this responsibility is to ensure that your cloud service providers have a secure environment as well. It is important to ascertain and understand the strategic and operational security measures they have in place. A simple question, for example, would be to check their level of automation in the DevOps space. As Lori McVittie outlines in her post, security attacks today are persistent and scalable thanks to automation. However, the operational response to these attacks is painstakingly manual today. You can be as vulnerable as your cloud service provider when it comes to security. Therefore, accountability must be clearly defined as Weaver outlines.
Tiers. As I outline in Computing to be 100% cloud, Joe McKendrick, who also blogs for Forbes, states “Some businesses emerging on the scene today are 100% cloud" – an interesting concept – 100% cloud. Some providers may just avail a cohesive set of cloud services to provide value-added services to their customers. How many tiers of service providers do they have to deal with? Or, in other words, how many potential points of failure? Multi-tiered service providers are likely to manifest themselves more so in cloud computing than traditional environments. This is similar to the Third Party Access criterion identified by Weaver.
Management. Cloud computing environments have an optimal mix of physical and virtual resources across a set of converged solutions deployed across multiple environments. Service Providers who use same tools for monitoring these resources are likely to be more agile in maintaining their service levels.
Weaver’s criteria provide a great foundation for evaluating cloud service providers. We must build upon this set with the ones I listed to reinforce this foundation and pave the way for a well-defined standard.
Waiting for such a standard to evolve is like waiting for Godot! The evolution of this standard can go much faster if it is driven by a standards body that certifies and audits cloud and managed services organizations. Does Weaver have such an organization in mind? Do you? Please let me know.
- HP Converged Cloud Solutions
- Three Industry Leaders Find their place in the Cloud
- Make it matter with HP Converged Cloud (Video)