If you'd told me in early 2009 that cloud computing services would be one of the hottest topics in communications and IT by the end of the year, I'm not sure I would have believed you entirely. But by the end of 2009, cloud computing is everywhere.
Once a business has committed to a particular provider, it's basically stuck in the services version of vendor lock-in.
Small and midsized businesses are talking seriously to cloud providers like Amazon, Google, IBM, AT&T, BT and many others. Even larger enterprises are looking at this model to cut costs on data center processing, storage and software applications.
While the essential cloud computing services model has been with us for a while, under the moniker of Application Service Provider (ASP), the current iterations of the technology and concept are catching on like wildfire, especially in an uncertain economy in which enterprises of all sizes are doing everything they can to cut costs out of their businesses.
While "cloud computing has huge potential to be a game changer for businesses around the world, the industry needs to work through a number of major issues before cloud computing services can live up to the huge amount of hype they've enjoyed this year. TM Forum is jumping into the fray with our own initiative.
Security standards a must for cloud computing services
Establishing security standards for cloud computing services must be first and foremost if enterprises are essentially going to hand over their corporate data to an outsourced storage provider, or rely on another party's server processing or software. If enterprises are putting their data on a server they don't physically control, it turns the whole security paradigm on its head. If that doesn't raise red flags, I don't know what will.
Today, most companies keep their hardware and software resources under their own control -- where employees have direct access to the data center. Even if a company outsources some or all data center functions, its resources are sitting in a data center where someone is paid to keep watch over everything.
When an enterprise gets into the cloud, its data could literally be sitting on the same server as that of a competitor's. Rather than having direct or even indirect control over the data, enterprises are pretty much at the mercy of their providers. Security concerns are probably among the major reasons why the latest surveys show that more than half of all enterprises have cloud-based services in their plans, but only 2% are actually implementing them. Their trepidation is real and won't abate until we have real cloud computing services security standards in place that all providers must comply with.
We can safely assume that the larger cloud providers have more than adequate security measures in place. Amazon and Google wouldn't be where they are today if hackers were breaking into their systems every week. We have to be concerned about the smaller cloud providers that jump into the space without adequate capabilities, resources, knowledge or even staff training.
Reliability runs close behind cloud computing services security issues
The need for reliability in cloud computing for the enterprise gets into quality of service (QoS), service level agreements, response time and latency -- all critical areas when you're dealing with corporate information. If companies have their data centers down the hall or are using a virtual private network (VPN), reliability doesn't really come up very often. But now, when we're essentially talking about having corporate information traverse the public Internet -- which we all know is just a best-effort network -- all bets are off.
Imagine if airlines or hotels had their reservation systems residing completely in the cloud, and customers couldn't easily and quickly conduct transactions because of reliability issues. They'd lose customers and money fast. With cloud-based services, business don't have to know -- and, in many cases, don't care -- where the servers are. But trust me, they'll start caring quickly when their customers' interactions degrade and they can't do what they set out to do.
Portability: The final piece of the cloud computing services puzzle
Portability issues round out the list as the third major area that needs to be adequately addressed by providers of cloud computing services. Right now, every cloud provider operates differently, making it just about impossible to move corporate data from one provider to another or even back into a private or internal cloud. We're seeing very proprietary silos, which tie users' hands. Once a business has committed to a particular provider, it's basically stuck in the services version of vendor lock-in.
TM Forum's involvement in cloud-based services issues
Security, reliability and portability -- along with industry-wide standards -- are the key challenges we're seeing in the world of cloud computing services today. To get past the hype, TM Forum is jumping into the cloud fray by launching an ecosystem that brings buyers and sellers together in this world of new business models.
The buyers are enterprise customers, while the sellers are both cloud computing services providers and technology suppliers. Enterprise customers are leading the way by establishing criteria and requirements that must be addressed before they will jump in with both feet.
Our role at TM Forum is as a facilitator to ensure that the barriers to widespread adoption of cloud computing are removed and that services become a successful commercial reality. At Management World Americas in Orlando, we'll be featuring a Cloud Stream that will discuss the possibilities and benefits within different cloud service models (including Infrastructure as a Service (IaaS), Platform as a Service (PaaS) and Software as a Service (SaaS), security, open standards and the role communications service providers can play in ensuring that the ecosystem meets customers' needs and expectations.
About the author: Jim Warner is vice president and head of digital media, advertising and cloud computing program for the TM Forum. Warner is founder and president of the Westport Group, a strategic consulting and marketing communications agency.
This was first published in December 2009