Cloud computing is truly one of the major technology shifts of our era. It’s natural for a technology solution as pervasive and beneficial as cloud computing to be oversold to users with inflated expectations. Industry observers have consistently highlighted the rapid adoption of cloud computing and cloud services by end users, which is driving an explosion of interest within the vendor community.1 Given the conservative growth rates for most software and hardware in our current economy, it’s understandable that the huge growth rate forecast for cloud attracts almost every high-tech vendor. That pervasiveness is hype, but it’s a “good” hype in that critical technologies do emerge as legitimate offerings. Unfortunately, that pervasiveness also means that many products and services (and vendors) being touted as “cloud” will not survive. So how does an IT organization manage through the good and bad hype of any emerging technology … including cloud computing?
As an IT analyst, I’ve been struck by how the consistent lack of IT operational management almost always plays a major role in a technology’s descent into the disillusionment created by hype. This has been true for LANs, ERP and CRM applications, databases, and operating systems — and the list goes on. Invariably the surviving products become great solutions, but only after the bugs of IT operational management have been resolved by vendors and users working together. And so I ask, will IT management (once again) be a factor in the descent of an emerging technology — in this case, cloud computing — into the typical slough of disillusionment?
The answer doesn’t have to be “yes.” Cloud computing is becoming too pervasive and too critical to IT’s alignment with business needs for that disillusionment to impede the rapid ascension of cloud services in any lasting way. I would offer that IT operational management can and should become a barometer for measuring which cloud technologies and cloud service providers are going to survive as great long-term solutions.
The recent cloud failures by Epsilon and Amazon are excellent examples of business risks that were probably not adequately assessed, monitored, and managed by enterprise customers. While the costs for Epsilon are estimated at US $225 million for damages incurred by an unfortunate 3% of its customers, what are the business ramifications of this massive data breach for these 75 companies?2 What was the due diligence process followed by Hilton, Marriott, Ritz-Carlton, Red Roof Inn, Disney Destinations, and other hospitality companies that chose Epsilon for cloud services? Did they move beyond the loss of email addresses in their risk analysis? What was the due diligence process followed by Foursquare and Quora in choosing Amazon for their cloud infrastructure?
A meaningful process of due diligence in procuring cloud services, including identifying and managing risks, is basic to enterprise survival. I’m unaware of any industry-accepted certification or accreditation standards in place that can assist IT organizations in ferreting out the strong and capable cloud providers from those who lack competency, experience, and/or resources. It’s a “buyer beware” environment, with each IT shop imposing its own individual standards or lack thereof. However, there are significant benefits to properly evaluating the financial, legal, compatibility, marketing, operational, management, insurance, and liability issues that pertain to each potential cloud provider.
A critical part of that due diligence would be the implementation of a private cloud in some form by enterprise-class IT organizations. How can IT operations managers, pressured by the optimism of the business users, be prepared to evaluate a cloud service provider if they have not been through the firsthand experience of implementing their own private cloud offering? How can they specify or track SLAs when they have no experience with the unique attributes of cloud metrics? It’s elementary that if IT buyers do not know what to look for in a cloud technology or vendor, they will end up with a cloud infrastructure that is poorly supported and maintained.
Evaluative question: What is your due diligence process for evaluating cloud service providers?
1 Beil, Joshua, Bob Egan, Mark Fidelman, Jeffrey Kaplan, Karl Scott, and Joe Tierney. “2011 Trends Report: Cloud Computing.” Focus Research, 30 December 2010.
2 Paraskevas, Alexandros. “The Epsilon Data Breach and the Risk for Hotel Companies.” A Space of Possibilities, 5 April 2011.