Jumping into Cloud, Be Sure You Know How to Get Out

user-pic
Vote 0 Votes

The last issue of Oracle Magazine (vol XXIII, iss. 1) mentions a set of Oracle products running on Amazon's Elastic Compute Cloud (EC2). This is a great news. Now, developers need just a few minutes to become "up and running" on Oracle platform for developing small and large projects, for prototyping and testing instead of having their own expensive testing hardware and software environment. This solution is even suitable "for customers who want to run production applications on the cloud".

While cloud computing (CC) promises excellent technological capabilities, let me ask what does CC mean to Business? I discussed this topic in a few forums and found an interesting thing: having all exciting arguments about how CIO can save on its IT and increase its power (or better outsource it into the cloud) in the background, very few experts have put attention on the feasibility of CC for Business.

The obvious feasibility question is: what risks the Business acquires using CC? Mathematicians say that properly asked question is the half of the answer. So, let us, as minimum, list some of the business risk questions:

1. Business Trust and Security - is about control over authorised access to execution processes, information and data, subjects under development, testing, prototyping and simulations. All of these are getting out of the owner control. Contracts with CC providers add some assurance but you do not control their business and you might not know where they outsourced your tasks to be processed
2. Compliance - since you delegate a part of your organisation into the cloud, what you have to do to assure the cloud is compliant with the same policies and regulations as you have to. If new policy comes, do you want to be dependent on your provider to become compliant?
3. Flexibility - economical crisis is a very dynamic environment; to survive, you need all possible flexibility in the Business and IT, quick and reliable customisation and on-going integration. Are you sure that doing this via a 3rd Party, that is out of your control, increases your capabilities?
4. Reliability - can Business rely on strict adherence to the SLA with CC provider? Tom Graves says: "The vendor may quote and even deliver on a high-uptime, but a wholly-networked, wholly service-driven business-system would mean you're still dangerously dependent on world-wide infrastructure which is outside of the vendor's control - and hence outside the terms of the service-level contract". Recent "serious damage to the fibre-optic cables in the Mediterranean, which is knocking out around 90% of the nominal bandwidth on all Europe-Asia routes" and gas delivery interruption to EU countries from Russia are the examples of such dependency
5. Continuity of a service - the crisis time has demonstrated an effect of 'sudden' bankruptcy on the partners. What measures your organisation has to set to mitigate such risk of the cloud?
6. Robustness - CC environment should also be able to offer self-healing systems; otherwise a Disaster Recovery task just increases in its complexity due to absence of control over the resources
7. Separation between business activities and used technical tools - realisation of immediate business needs will require longer and more complex procedure due to additional re-negotiation of the Service Contracts and SLA with the cloud provider
8. Potential conflict of interests - a cloud provider may be interested in hiding 'issues' from the business client making the entire solution less reliable and flexible to the external changes
9. Barrier for business and technical innovations - when technology sits inside the company it still has a chance to collaborate or even to converge with its business and address real business problems; technology in cloud does not care much about organisation's strategic needs
Greg Suddres has noticed: "It seems to me that organizations are setting themselves up to be stuck with a [CC] vendor over time. The large clients ... would be stuck with the same problems they have today, just with a solution they have no control over".

 

In the end, the acceptance of business risks, probably, comes to the 'cost vs. benefits' consideration. Nonetheless, it would never be wrong having your glasses for distant reading used; immediate advantages may appear as very dangerous in the perspective.

As Tom Graves said,"If you go into a cloud for your computing, remember to take your umbrella!"

 

http://www.ebizq.net/blogs/service_oriented/2009/01/jumping_into_cloud_be_sure_you_know_how_to_get_out.php

posted on 2009-05-20 20:39  smwikipedia  阅读(194)  评论(0编辑  收藏  举报

导航