Learning to Control the Cloud
Cloud computing has quickly become one of the hottest catchphrases among IT and business executives alike. The users are attracted to the cloud based on its flexibility, availability and scalability, among other benefits. However, these advantages do not outweigh what many consider a potential pitfall in the adoption of cloud technologies: control. IT and business leaders remain concerned about how they’re able to keep business critical applications and data from being accessed by unauthorized users. This is not easily accomplished, as controlling the cloud requires businesses to exercise restraint and exert influence over cloud technologies – many of which are provided by external parties.
To properly control the cloud, one must understand the responsibilities for both the cloud provider and the customer.
Customer Responsibilities
What problem is your business trying to solve? - As simple as it sounds, this is the most important responsibility of a cloud customer. Businesses need to clearly identify what they are trying to solve by implementing cloud computing, as well as which business unit(s) the technology is primarily serving and if the applications will run in the cloud as-is or require additional work. Some clouds allow your applications to run unchanged, while others require additional configuration. Knowing what your application needs will help eliminate confusion about how quickly you can attack the problem. Don’t be fooled into thinking all clouds offer similar features and instant access.
What does your application and process require? – It is important to understand your application and the development process you wish to use, as well as any access restrictions for users. The cloud can be an ideal environment for changing a large and lumbering development process into a quick, fluid, and agile development cycle. When used correctly, this can result in a massive increase in productivity. However, if you aren’t clear about the nature of your application, it can potentially lead to a massive waste of resources.
How do you define data and application security? – Many customers overlook this critical question. It is as much the responsibility of the customer to establish security parameters as it is the vendor. Establish who in your company you can trust, and empower those chosen few. Define their roles, and make sure they’re aware of the nature of the data and applications you’re taking into the cloud. It’s imperative that you set up clear password policies before turning your team loose in the cloud.
What is your time horizon for cloud projects? – A lot of customers think of cloud projects as a sprint. Given that cloud technology is transformative in nature, customers should think about these projects as a journey over time. Trying to get full control over all cloud projects in one sweep won’t work. Instead, try to define on a quarterly basis your early experiments, the next set of more business-critical projects and so on. Be sure to start the next set only after gaining a good understanding of the first set including lessons learned, mistakes made and correction mechanisms in place. This way you can create a learning organization that gains control over time and improves based on data and experience.
What does success look like to your organization? – Before you jump into a cloud implementation, you should explicitly define what “success” means to your team. Figure out if you can improve the agility of the development process, or increase the availability of your applications. Outline your availability and reliability needs and how quickly you need the cloud up and running. Establishing realistic goals before embarking on a cloud initiative will allow you to identify the solution or provider that matches your particular budget or timing needs.
