Enterprise Services Blog
Get the latest thought leadership and information about the role of Enterprise Services in an increasingly interconnected world at HP Communities.

All Clouds Are Not Created Equal



By Mateen Greenway, Fellow, CT UK & IPS


There is a famous logical fallacy, called the association fallacy, often perpetrated in the IT world. A classic example is: All dogs have four legs. My cat has four legs; therefore, my cat is a dog. This could be transposed to “All clouds have shared infrastructure; my system has shared infrastructure. Therefore, my system is a cloud”. Cloud is a much abused word these days and it is vitally important to understand that because, in terms of service levels and security, “all clouds are not created equal.” Given that there are also more cloud services available than you could shake a stick at, it becomes hard to know which are right for you.


This is because, in the world of cloud, it’s very difficult to make an “apples to apples” comparison. In fact, I would go further and say that, much like the cell phone contract market, service providers have deliberately made it hard for consumers to compare services. This approach of differentiation through obfuscation is powerful. Service providers often follow this path. They make the services complex and then emphasize one area of the complexity where their service seems different. The IT Industry is especially prone to this model.


All clouds are not created equal. Cloud service providers will support different service levels, ranging from ‘“best endeavor” commitments to ones comparable with today’s rigorous national security-related efforts. Many public cloud suppliers today support the need to scale globally, but struggle with commitments on security, response times, availability, and continuity.


But there are even basic areas of complexity that must be dealt with when choosing cloud services. It’s about reconciling your demand around cost effectiveness, service level, storage, flexibility, security and functionality to obtain the best fit for your needs. So here is some advice on how to differentiate among the implications of various cloud models.


Ease of use

How easy is it to manage the cloud service? Do you have commitments around minimum storage or subscription periods? And, how much visibility will you have to the performance of the cloud service and the level of support received?


Bundled vs. unbundled clouds

Choosing whether to pay for a fully bundled vs. a pay-by-the-drink unbundled cloud service depends on whether you expect to use all, or most, of the components of the bundled service. If you are only likely to use a few of the elements, then it is often more advantageous to purchase unbundled services. Another consideration is that unbundled service charges will vary over time, whereas a bundled service will typically provide a fixed price.


Varieties of “virtual private”

How secure is the service, how much security does it offer, and is the service really private? Private cloud architectures often provide a higher level of security and service commitments compared to traditional IT models. While the cloud can deliver cost reductions and service improvements, a consuming organization will need to manage private and public cloud services delivered by a range of suppliers. So there will be a consequential increase in the multi-supplier management effort.


In reality, there is no one-size-fits-all solution for an organization’s needs. Each one must analyze its core requirements and ensure that cloud service providers can meet them cost effectively. It is important to bear in mind that different cloud deployment models greatly influence the potential security vulnerabilities or “attack surface.” The risks arise from an increased level of multi-tenancy among more unknown participants. Listed here from highest “attack surface” to lowest:


  • Hybrid Cloud — Composition of two or more clouds
  • Public Cloud — Shared public service, mega-scale infrastructure
  • Community Cloud — Shared infrastructure for a defined and controlled community
  • Private Cloud — Single-tenant, enterprise-owned or leased


Hidden data transfer fees

Often cloud pricing models emphasize the cost per virtual machine (VM), or the cost per gigabyte (GB). However, there are other important charges to consider, including data transfer fees. If you plan on loading large amounts of data to your cloud, or will require large data flow volumes, then hidden data transfer fees can become a significant cost item.


More gotchas with per-hour costs for VM or per-GB costs for storage comparison

Cloud service prices change frequently and can either positively or negatively affect your financial commitment. The contractual aspects of service-level considerations are defined and controlled by the governing enterprise. Cloud services provided from outside the enterprise to a large consumer base, such as from a public cloud, are based on standard, non-customizable service levels. Consumers are responsible to assure that the service levels meet their enterprise requirements. As enterprise consumers gain access to more technology sources, on demand, the complexity increases for assuring that workloads are serviced in a cost-effective, secure manner.


Cloud computing also offers the potential to change the way services are managed across multiple providers. Harnessing the promise of increased flexibility and cost-effectiveness relies on orchestrating a multi-source environment focused on mission results. Public sector CIOs can take on an enterprise-supporting “service broker” role to provide a mix of partnerships and Service Level Agreements (SLAs). CIOs will need to develop a portfolio of services and providers, with a range of contractual agreements that best meet the range of needs.


As enterprises move components of their IT environment to cloud-based architectures, new cloud-based components will need to link with current legacy-based components. SLAs must accommodate this shift so that each component’s capabilities and limitations are accounted for in this mixed environment, ensuring that they support overall enterprise performance goals.


Moving to a mixed-source, hybrid delivery model means IT components will rarely be under the control of a single organization. Managing the inherent complexity can be further exacerbated by pricing models that are similarly just as complex.


In conclusion

While there’s plenty of debate over which service to choose, no single choice stands head-and-shoulders above the rest. Each has certain advantages and it is the responsibility of the mission and business delivery organizations to clearly express their needs so that the IT department can facilitate appropriate service choices. In practice, many organizations will have to experiment with different services to find one that works for them. Cloud does not allow IT departments to ignore their responsibility for ensuring that the service feature, cost, SLAs and security are appropriate to meet the organization’s requirements.


Organizations must realize that the cloud is not a “one size fits all” solution. There are inherent security and quality risks associated with adopting a new IT delivery model. There are also tremendous rewards resulting from the competition among providers and a mix of partnerships and SLAs that support the mission, maximize benefits and minimize long-term, locked-in agreements.


Note: This blog topic will be explored further in an upcoming white paper on Trends Affected by Cloud Computing. The paper, developed by our team of Public Sector subject matter experts: James Bond, Chief Technologist; Michael Donovan, HP Distinguished Technologist; Judy Douglas, Government Client Industry Executive; Dan Gilbert, HP Strategist and Mateen Greenway, Fellow, CT UK&I PS. will address relevant challenges facing public sector customers.

Leave a Comment

We encourage you to share your comments on this post. Comments are moderated and will be reviewed
and posted as promptly as possible during regular business hours

To ensure your comment is published, be sure to follow the community guidelines.

Be sure to enter a unique name. You can't reuse a name that's already in use.
Be sure to enter a unique email address. You can't reuse an email address that's already in use.
Type the characters you see in the picture above.Type the words you hear.
About the Author
About the Author(s)

Follow Us