Transforming IT Blog
Join us in the Transforming IT HP Blog where we will discuss reinventing IT to overcome obstacles and take advantage of Instant on Enterprise opportunities.

Can the Public Cloud be Trusted for Business?

After reading the insightful HP article “Lack of Transparency in Public Cloud”, I cannot help but weigh in and expand on the implications of the Public Cloud. The strategy offers immediate or almost immediate access to a solution, at a relatively low cost and a “pay for what you use” approach.  Yet, I share the concerns of the feasibility of an IT solution that is offering little obvious guarantee or transparency for security, location, quality of service, or continuity of service.  The business user of IT has historically used corporate IT like a utility, expecting IT services as we would expect to use water or electricity.  As with public utilities, one can go off the grid and get what we need, but there are risks and implications besides benefits. Let the public cloud buyer beware.

 

Let me expand on these key concerns.

 

  • Security – It is no secret that the internet is a dangerous place. Leaving important data on a public internet site is akin to moving an important file cabinet from your organization’s secure location to a street corner. Even locked, it is exposed to anyone that walks by. Most passersby would ignore it; a few will look at it as a challenge or opportunity. Moving it to a location where a relative stranger promises to watch it is almost as bad, even if you hold the keys to the locks. Is it worth the risk?  Who can you trust?  The point is that you need to know and depend on your keeper of the corporate jewels, or even your collection of trivia.  If it is important enough to pay for public cloud, it is important enough to safeguard. The same point for the “keys”. Even if you have a security key, is your provider of certificates for the service you are leasing reputable? How about the cloud staffing?  Are backups and operations maintenance of critical data performed by reputable staff and process?

 Is this your data in the Public Cloud?

 

  • Location – Where is your service and data located for the public cloud? Is it mandated by corporate policy or by law that the service be located in the country of your organization? If you have verified the country of service, is there a guarantee that the service will stay there? Do you care if your public cloud sales data or CRM analysis is being done in North America, South America, Asia, Europe, or any particular country therein?  Even if you have assurances that the cloud service is offered at a desirable location, will it stay there over the duration of the service? It is the cloud!

 

  • Quality of Service – I leased a service many years ago to quickly set up and host an application for common use by a project team. The usage quickly expanded beyond our expectations, but the system hosting the work could not scale without extensive moves and investment on our part.  Public cloud providers today make this concern typically trivial, but the point remains: how do you know what you can expect? Is the quality of the service reliable enough to meet your business need, and transparent enough to prove it?

 

  • Continuity of Service - This concern extends beyond the public cloud, actually. When you buy a service, there is an implicit expectation from most consumers that the service will be available any time they need it.  In fact, it generally takes a bit of cost and work to set up the redundancy that most consumers expect. Here is where the transparency is generally published by reputable cloud providers, but the consumer must also read and understand the implications.  Did the consumer buy single server availability when redundancy, clustering and/or remote backup of data is needed? The latter surely costs more.  How do we know that our data is being successfully backed up? And to where? Related to continuity, is the public cloud vendor viable as a business to support the cloud service? Bankruptcies and business strategy changes (like disbanding unprofitable cloud services) can be unexpectedly disruptive as well.

We have been reminded in this last year of some notable failures of public cloud services. If you haven’t read about the Amazon EC2 and Amazon RDS Service Disruption in the US East Region, it may be a good read to understand the complexity of automation that provides the benefits of public cloud services. 

  

Typically, a business user of a cloud service is not looking under these covers, but only searching for a way to provision their needs quickly and cheaply. The word “Shadow IT” as it applies to the public cloud is an appropriate phrase. Shadow IT is a bit shady in the corporate sense and is being purchased to get around the approved IT practices and governance.  Let the buyer beware.  

 

Here is a note to those IT groups that are being challenged with the “competition” of your consumers who are moving to shadow IT:  Build a reliable and viable private cloud service to compete. The private cloud of an IT shop can transparently govern the security, location, QOS and business continuity to the corporate policy…but you must earn the business these days with effective cost controls and service agility.  You already have potential to provide a superior product to compete.

 

Before I get 1000 responses that I am vilifying all public cloud, let me be clear that the public cloud has many good business cases and has scores of reputable and qualified providers.  But even that statement begs the question, how do you really know unless you do your homework on a fully transparent provider?

 

Leveraging the benefits of public and private cloud is one of the significant opportunities available to the savvy enterprise. HP Strategic IT Advisory Services (SITAS) is prepared to assist you with enterprise architecture planning and design to improve your leverage of IT to support the business. Cloud services are a key part of this strategy.

 

 

Ref:  “Lack of Transparency in Public Cloud” 

Comments
KenL ‎09-06-2012 05:27 PM - edited ‎09-06-2012 05:30 PM

I just read about blogger Mike Homan's story of losing his digital life to hackers, including his mobile and cloud related data; exploited through Apple and Amazon security flaws.  To the point of the first bullet of this original blog above, are you secure enough in accessing the services you have chosen? In the story, Mike notes:  "If you have an AppleID, every time you call Pizza Hut, you've giving the 16-year-old on the other end of the line all he needs to take over your entire digital life." Read the story for details.

 

For those storing their corporate jewels on their public cloud and mobile cloud services; ask yourself if you are doing your enterprise a favor by doing so.  Even if your enterprise is a home office, this lesson should be provocative.

 

The reference URL is:

http://www.wired.com/gadgetlab/2012/08/apple-amazon-mat-honan-hacking/

Leave a Comment

We encourage you to share your comments on this post. Comments are moderated and will be reviewed
and posted as promptly as possible during regular business hours

To ensure your comment is published, be sure to follow the community guidelines.

Be sure to enter a unique name. You can't reuse a name that's already in use.
Be sure to enter a unique email address. You can't reuse an email address that's already in use.
Type the characters you see in the picture above.Type the words you hear.
Search
About the Author
Ken Larson has over 30 years of experience in Information Technology aligning business to technology. As an Enterprise Architect, he has del...
About the Author(s)
  • I’m a Global Strategist, a certified (PMI) Project Manager, specializing in business to IT alignment, agility consulting, Infrastructure Transformation and Strategic Architecture for Big Data, Mobility, Private Cloud, Unified Communications and Collaboration. I drive the strategy, vision and content of strategic consulting services in the Big Data IT Infrastructure services area at HP. As part of this, I meet with senior level customers to understand their challenges, conduct workshops to determine future vision and roadmaps as well as presenting at industry and analyst events.
  • Craig Partridge is the WW strategy lead for HP Technology Services Networking group. His role now covers strategy for consulting, professional and support services. The major areas of focus are Mobility, UC, Cloud Networking and IPv6. All aligned to core HP networking solutions - simplified, secure, optimized and available.
  • Don has held roles with the business and marketing of consulting for HP. Currently he supports HP's Client and Microsoft Solutions and the emerging Mobility Consulting services. He holds a MBA from UCLA's Anderson School.
  • Over 12 years of consulting, new technology services development and marketing experience covering data center, IT infrastructure, cloud technology domains. Hande holds a M.B.A degree from Bentley College, MA.
  • Having joined HP in 2003 Ian Jagger is the world-wide marketing and program manager for HP Technology Consulting's Strategic Consulting Services, Critical Facilities Services and Energy and Sustainability Management Services, as well as emerging IT services Prior to his current role, he served as the HP Services Marketing Manager for Central and Eastern Europe, Middle East and Africa, having joined HP in a similar role in the Middle East. Prior to HP Jagger had a 15 year international sales career, culminating in being Sales and Marketing Director for Steelcase Inc addressing Northern Europe before focusing more specifically on marketing. His initial focus was consultancy and interim marketing management, primarily for small to mid-sized customers based or looking to expand in the Middle Eastern region. Immediately prior to joining HP he was a strategic marketing consultant addressing investment targets for a technology fund. Born in Rochdale, United Kingdom, Jagger holds an honors bachelor of science degree in economics and a degree in social psychology from Loughborough University, England. He also holds a Masters Diploma in Marketing from the Chartered Institute of Marketing, is a Member of the Chartered Institute of Marketing and a Chartered Marketer. He has one daughter and lives in Cary, North Carolina.
  • Jeff Enters works in the HP Technology Services Networking organization and consults with customers on their IT strategies. He has over 20 years of consulting, design and integration experience in multi-vendor Voice and Data environments.
  • Editor and writer with 12+ years experience in the corporate software and technology sectors.
  • Jordan Lee has over twenty years of consulting and industry experience, helping some of the world’s largest firms craft and implement their business and IT strategies. His priority is to advise Hewlett-Packard clients how to best prepare for and take full advantage of the dramatic shifts in the IT economy taking place today. Over his career, Mr. Lee has held executive positions both in industry and consulting organizations, where he has provided consulting to some of the largest firms in the US. Over the years, he has helped his clients redesign business processes and organizations, and implement strategic IT programs around ERP, System Integration, Business Intelligence, and IT Infrastructure.
  • Jordan owns the worldwide mobility portfolio for TS Network Consulting and is a OneHP Mobility ambassador. His expertise centers on mobility strategy, client and applications virtualization and enterprise mobility management technologies.
  • Eduardo Zepeda, WW TS Social Media Program Manager & Internal Communications for WW Technology Services Blogging on behalf of HP Technology Services (TS_Guest)
  • Ken Larson has over 30 years of experience in Information Technology aligning business to technology. As an Enterprise Architect, he has delivered many successful architecture related services across business and government sectors in manufacturing, insurance, banking, oil, utilities, US state and federal governments. He is certified in TOGAF and IT Service Management.
  • Laura Cunningham is a CPA and business consultant with HP Technology Services Consulting. She helps CIOs and their teams bridge the gap between what the CIO wants and what the CFO requires by building a comprehensive business case that can withstand financial scrutiny.
  • I am on the WW Cloud and Big Data Solutions Team. I help our customers adopt HP advanced solutions that are made up of products and services from across HP. I have over 30 years experience in the technology business including 17 years of business ownership.
  • Broad mix of experiences developed in more than 20 years of technology-driven innovation. Fascinated by changes triggered by mix of behavior, needs and technology. Bachelor in Theoretical Physics.
  • Working for EMEA TS Consulting, I am a Specialist in end to end management of customer data, from creation through consumption, to protection and preservation and ultimately (controlled) destruction. This includes, host, connectivity, storage, data protection and backup and archive, from a technical and more importantly, operational perspective. I have worked in the storage and data management industry for over 15 years, on both sides of the desk, as a customer and now as a consultant.
  • Patrick Lownds is a Senior Technology Consultant and is involved in designing and delivering both Client Virtualization and Cloud Computing solutions in the datacenter. Patrick co-authored “Mastering Hyper-V Deployment
  • I’m a Global Chief Engineer certified Exchange Architect and Master (MCA and MCM), specializing in Messaging, Mobility, Private Cloud, Unified Communications and Collaboration. This relates to all work to coordinate sales, pursuit and delivery readiness in all services that relate to HP's portfolio around Microsoft Exchange. Includes internal readiness as well as external events, analyst briefings. With 25+ year’s experience in the industry. Thomas has been involved with Microsoft products since 1993. Specialties: - Architecting complex public and private Cloud solutions for Exchange, SharePoint and Lync in standard, dedicated or hybrid scenarios. - Lead the HP specialists team unit to win and acheive our business targets and budget - Drive HP's Exchange Services for Private Cloud - Working with partners, vendors and internal teams to align, expand and grow HP's strategy.
  • Tim Swiader has twenty plus years in the Information Technology industry. He has worked primarily with the fortune 100 and legacy carriers transforming their applications, networks and data center facilities.
  • Tom Clement has over 30 years experience in the areas of adult learning, secondary education, and leadership development. During this time Tom has been a consistent champion of “non-traditional” training delivery methods, including blended learning, virtual delivery (self paced and instructor led), the use of training games and simulations, and experiential learning. Tom has spent the past 25 years of his career at Hewlett Packard, focused most recently on HP’s global Virtualization, Cloud, and Converged Infrastructure customer training programs. Tom manages the strategic direction and overall performance of these training programs, ensuring these worldwide programs help HP’s customers capitalize on the business opportunities made available by IT advancements in each of these subject areas. Tom and his global teammates utilize best in class instructors, course content and supporting equipment infrastructure to deliver these training programs to HP’s customers. The team prides itself on providing the Virtualization, Cloud, and Converged Infrastructure content customers need when and where they need it, anywhere in the world. Tom is based in the Washington, DC suburbs and can be reached at tom.clement@hp.com.
  • Tari is a Distinguished Technologist with 30 years of IT and cyber security experience. He is dual board certified in information security/business continuity and is responsible for a wide range of management and technology consulting services encompassing information security, disaster recovery, privacy, and risk management. His problem-solving skills, knowledge of various technology platforms, compliance statutes, industries, as well as his experience in deploying defense-in-depth and InfoSec Program solution architectures is commonly applied when advising CIOs/CISOs as well as leveraged in numerous HP client engagements throughout the world. Tari has designed, built, and managed some of the world’s largest InfoSec programs allowing them to defend against even the most aggressive attackers.
  • I provide technical consulting services at all phases including analysis, planning, design and implementation. I have a wide range of experience in WAN and LAN technologies, as well as providing security solutions and deploying operating system infrastructure. Besides working directly with clients to deploy technology in their data centers, I also find myself architecting or discussing solutions with a business’s chief information officer, helping to lay out a roadmap for the coming years.
  • Bill is the Principal Data Center Energy Technologist for HP Technology Services. Kosik is a licensed professional engineer, LEED Accredited Professional, a Certified Energy Manager, and a Building Energy Modeling Professional. He is responsible for research and implementation of sustainable, energy-efficient, and environmentally responsible design strategies for data centers. He is currently a subject matter expert for the USGBC on the new LEED Data Centers, the EPA/DOE on unification of energy metrics, and the Green Grid on responding to the EPA’s Energy Star for Data Centers program. He has an engineering degree from the University of Illinois at Urbana-Champaign.


Follow Us