Welcome to a special discussion on predicting how cloud computing will actually unfold for enterprises and their core applications and services in the next few years. Part of The Open Group 2011 Conference in San Diego, a live, on-stage panel examined the expectations of new types of cloud models — and perhaps cloud specialization requirements — emerging quite soon.
By now, we’re all familiar with the taxonomy around public cloud, private cloud, Software as a Service (SaaS), Platform as a Service (PaaS), and my favorite, Infrastructure as a Service (IaaS). But we thought we would do you all an additional service and examine, firstly, where these general types of cloud models are actually gaining use and allegiance, and look at vertical industries and types of companies that are leaping ahead with cloud.
Then, second, we’re going to look at why one-size-fits-all cloud services may not fit so well in a highly fragmented, customized, heterogeneous, and specialized IT world — which is, of course, the world most of us live in.
How much of cloud services that come with a true price benefit — and that’s usually at scale and cheap — will be able to replace what is actually on the ground in many complex and unique enterprise IT organizations? Can a few types of cloud work for all of them?
Here to help us better understand the quest for “fit for purpose” cloud balance and to predict, at least for some time, the considerable mismatch between enterprise cloud wants and cloud provider offerings, is our panel: Penelope Gordon, cofounder of 1Plug Corp., based in San Francisco; Mark Skilton, director of portfolio and solutions in the global infrastructure services with Capgemini in London; Ed Harrington, principal consultant in Virginia for the UK-based Architecting the Enterprise organization; Tom Plunkett, senior solution consultant with Oracle in Huntsville, Ala.; and TJ Virdi, computing architect in the CAS IT system architecture group at Boeing, based in Seattle. The discussion was moderated by BriefingsDirect’s Dana Gardner, principal analyst at Interarbor Solutions.
Listen to the podcast (40:32 minutes).
Here are some excerpts:
Penelope Gordon: A lot of companies don’t even necessarily realize that they’re using cloud services, particularly when you talk about SaaS. There are a number of SaaS solutions that are becoming more and more ubiquitous.
I see a lot more of the buying of cloud moving out to the non-IT line of business executives. If that accelerates, there is going to be less and less focus. Companies are really separating now what is differentiating and what is core to my business from the rest of it.
There’s going to be less emphasis on, “Let’s do our scale development on a platform level” and more, “Let’s really seek out those vendors that are going to enable us to effectively integrate, so we don’t have to do double entry of data between different solutions. Let’s look out for the solutions that allow us to apply the governance and that effectively let us tailor our experience with these solutions in a way that doesn’t impinge upon the provider’s ability to deliver in a cost effective fashion.”
That’s going to become much more important. So, a lot of the development onus is going to be on the providers, rather than on the actual buyers.
Enterprise architects need to break out of the idea of focusing on how to address the boundary between IT and the business and talk to the business in business terms.
One way of doing that that I have seen as effective is to look at it from the standpoint of portfolio management. Where you were familiar with financial portfolio management, now you are looking at a service portfolio, as well as looking at your overall business and all of your business processes as a portfolio. How can you optimize at a macro level for your portfolio of all the investment decisions you’re making, and how the various processes and services are enabled? Then, it comes down to a money issue.
Ed Harrington: We’re seeing a lot of cloud uptake in the small businesses. I work for a 50-person company. We have one “sort of” IT person and we do virtually everything in the cloud. We have people in Australia and Canada, here in the States, headquartered in the UK, and we use cloud services for virtually everything across that. I’m associated with a number of other small companies and we are seeing big uptake of cloud services.
We talked about line management IT getting involved in acquiring cloud services. If you think we’ve got this thing called “shadow IT” today, wait a few years. We’re going to have a huge problem with shadow IT.
From the architect’s perspective, there’s lot to be involved with and a lot to play with. There’s an awful lot of analysis to be done — what is the value that the cloud solution being proposed is going to be supplying to the organization in business terms, versus the risk associated with it? Enterprise architects deal with change, and that’s what we’re talking about. We’re talking about change, and change will inherently involve risk.
The federal government has done some analysis. In particular, the General Services Administration (GSA), has done some considerable analysis on what they think they can save by going to, in their case, a public cloud model for email and collaboration services. They’ve issued a $6.7 million contract to Unisys as the systems integrator, with Google being the cloud services supplier.
So, the debate over the benefits of cloud, versus the risks associated with cloud, is still going on quite heatedly.
Mark Skilton: From personal experience, there are probably three areas of adaptation of cloud into businesses. For sure, there are horizontal common services to which, what you call, the homogeneous cloud solution could be applied common to a number of business units or operations across a market.
But we’re starting to increasingly see the need for customization to meet vertical competitive needs of a company or the decisions within that large company. So, differentiation and business models are still there, they are still in platform cloud as they were in the pre-cloud era.
But the key thing is that we’re seeing a different kind of potential that a business can do now with cloud — a more elastic, explosive expansion and contraction of a business model. We’re seeing fundamentally the operating model of the business growing, and the industry can change using cloud technology.
So, there are two things going on in the business and the technologies are changing because of the cloud. …
There are two more key points. There’s a missing architecture practice that needs to be there, which is a workload analysis, so that you design applications to fit specific infrastructure containers, and you’ve got a bridge between the the application service and the infrastructure service. There needs to be a piece of work by enterprise architects (EAs) that starts to bring that together as a deliberate design for applications to be able to operate in the cloud. And the PaaS platform is a perfect environment.
The second thing is that there’s a lack of policy management in terms of technical governance, and because of the lack of understanding. There needs to be more of a matching exercise going on. The key thing is that that needs to evolve.
Part of the work we’re doing in The Open Group with the Cloud Computing Work Group is to develop new standards and methodologies that bridge those gaps between infrastructure, PaaS, platform development, and SaaS.
Tom Plunkett: Another place we’re seeing a lot of growth with regard to private clouds is actually on the defense side. The U.S. Defense Department is looking at private clouds, but they also have to deal with this core and context issue. The requirements for a [Navy] shipboard system are very different from the land-based systems.
Ships have to deal with narrow bandwidth and going disconnected. They also have to deal with coalition partners or perhaps they are providing humanitarian assistance and they are dealing even with organizations we wouldn’t normally consider military. So they have to deal with lots of information, assurance issues, and have completely different governance concerns that we normally think about for public clouds.
We talked about the importance of governance increasing as the IT industry went into SOA. Well, cloud is going to make it even more important. Governance throughout the lifecycle, not just at the end, not just at deployment, but from the very beginning.
You mentioned variable workloads. Another place where we are seeing a lot of customers approach cloud is when they are starting a new project. Because then, they don’t have to migrate from the existing infrastructure. Instead everything is brand new. That’s the other place where we see a lot of customers looking at cloud, your greenfields.
TJ Virdi: I think what we are really looking [to cloud] for speed to put new products into the market or evolve the products that we already have and how to optimize business operations, as well as reduce the cost. These may be parallel to any vertical industries, where all these things are probably going to be working as a cloud solution.
How to measure and create a new product or solutions is the really cool things you would be looking for in the cloud. And it has proven pretty easy to put a new solution into the market. So, speed is also the big thing in there.
All these business decisions are going to be coming upstream, and business executives need to be more aware about how cloud could be utilized as a delivery model. The enterprise architects and someone with a technical background needs to educate or drive them to make the right decisions and choose the proper solutions.
It has an impact how you want to use the cloud, as well as how you get out of it too, in case you want to move to different cloud vendors or providers. All those things come into play upstream, rather than downstream.
You probably also have to figure out how you want to plan to adapt to the cloud. You don’t want to start as a Big Bang theory. You want to start in incremental steps, small steps, test out what you really want to do. If that works, then go do the other things after that.
Gordon: One example in talking about core and context is when you look in retail. You can have two retailers like a Walmart or a Costco, where they’re competing in the same general space, but are differentiating in different areas.
Walmart is really differentiating on the supply chain, and so it’s not a good candidate for public cloud computing solutions. That might possibly be a candidate for private cloud computing.
But that’s really where they’re going to invest in the differentiating, as opposed to a Costco, where it makes more sense for them to invest in their relationship with their customers and their relationship with their employees. They’re going to put more emphasis on those business processes, and they might be more inclined to outsource some of the aspects of their supply chain.
Skilton: The lessons that we’re learning in running private clouds for our clients is the need to have a much more of a running-IT-as-a-business ethos and approach. We find that if customers try to do it themselves, either they may find that difficult, because they are used to buying that as a service, or they have to change their enterprise architecture and support service disciplines to operate the cloud.
Also, fundamentally the data center and network strategies need to be in place to adopt cloud. From my experience, the data center transformation or refurbishment strategies or next generation networks tend to be done as a separate exercise from the applications area. So a strong, strong recommendation from me would be to drive a clear cloud route map to your data center.
Harrington: Again, we’re back to the governance, and certification of some sort. I’m not in favor of regulation, but I am in favor of some sort of third-party certification of services that consumers can rely upon safely. But, I will go back to what I said earlier. It’s a combination of governance, treating the cloud services as services per se, and enterprise architecture.
Plunkett: What we’re seeing with private cloud is that it’s actually impacting governance, because one of the things that you look at with private cloud is charge-back between different internal customers. This is forcing these organizations to deal with complexity, money, and business issues that they don’t really like to do.
Nowadays, it’s mostly vertical applications, where you’ve got one owner who is paying for everything. Now, we’re actually going back to, as we were talking about earlier, dealing with some of the tricky issues of SOA.
Virdi: Private clouds actually allow you to make more business modular. Your capability is going to be a little bit more modular and interoperability testing could happen in the private cloud. Then you can actually use those same kind of modular functions, utilize the public cloud, and work with other commercial off-the-shelf (COTS) vendors that really package this as new holistic solutions.
Configuration and change management — how in the private cloud we are adapting to it and supporting different customer segments is really the key. This could be utilized in the public cloud too, as well as how you are really securing your information and data or your business knowledge. How you want to secure that is key, and that’s why the private cloud is there. If we can adapt to or mimic the same kind of controls in the public cloud, maybe we’ll have more adoptions in the public cloud too.
Gordon: I also look at it in a little different way. For example, in the U.S., you have the National Security Agency (NSA). For a lot of what you would think of as their non-differentiating processes, for example payroll, they can’t use ADP. They can’t use that SaaS for payroll, because they can’t allow the identities of their employees to become publicly known.
Anything that involves their employee data and all the rest of the information within the agency has to be kept within a private cloud. But they’re actively looking at private cloud solutions for some of the other benefits of cloud.
In one sense, I look at it and say that private cloud adoption to me tells a provider that this is an area that’s not a candidate for a public-cloud solution. But private clouds could also be another channel for public cloud providers to be able to better monetize what they’re doing, rather than just focusing on public cloud solutions.
Plunkett: Not to speak on behalf of Oracle, but we’ve gone through a few mergers and acquisitions recently, and I do believe that having a cloud environment internally helps quite a bit. Specifically, TJ made the earlier point about modularity. Well, when we’re looking at modules, they’re easier to integrate. It’s easier to recompose services, and all the benefits of SOA really.
Gordon: If you are going to effectively consume and provide cloud services, if you do become much more rigorous about your change management, your configuration management, and if you then apply that out to a larger process level. Some of this comes back to some of the discussions we were having about the extra discipline that comes into play.
So if you define certain capabilities within the business in a much more modular fashion, then, when you go through that growth and add on people, you have documented procedures and processes. It’s much easier to bring someone in and say, “You’re going to be a product manager, and that job role is fungible across the business.”
That kind of thinking, the cloud constructs applied up at a business architecture level, enables the kind of business expansion that we are looking at.
Harrington: [As for M&As], it depends a lot on how close the organizations are, how close their service portfolios are, to what degree has each of the organizations adapted the cloud, and is that going to cause conflict as well. So I think there is potential.
Skilton: Right now, I’m involved in merging in a cloud company that we bought last year in May … It’s kind of a mixed blessing with cloud. With our own cloud services, we acquire these new companies, but we still have the same IT integration problem to then exploit that capability we’ve acquired.
Each organization in the commercial sector can have different standards, and then you still have that interoperability problem that we have to translate to make it benefit, the post merger integration issue. It’s not plug and play yet, unfortunately.
But the upside is that I can bundle that service that we acquired, because we wanted to get that additional capability, and rewrite design techniques for cloud computing. We can then launch that bundle of new service faster into the market.