In Part 1 of this series we discussed the ideal rhythm for exploring cloud computing responsibly and the critical role a cloud computing assessment plays. An assessment allows you to get specific about what the cloud can mean to your company. Here in Part 2 we will consider assessment activities for envisioning, in which you take a look at where the cloud could take you.
Envisioning: Finding the Cloud’s Synergies with your Business
Cloud computing has so many value propositions that it’s almost problematic! When you hear general cloud messaging you’re exposed to many potential benefits that include cost reduction, faster time to market, and simplified IT among others. Different organizations care about different parts of the value proposition. In an assessment, we want to find out which benefits have strong synergy with your company—and focus on them.
A good exercise to evaluate where the value proposition resonates is to gather business and technical decision makers, provide some education on benefits, and have a discussion to see where there is interest. Your people may be enthusiastic about some of these benefits but neutral or even negative about others. Here are some of the benefits to consider:
| Elasticity | |
 | In the cloud you can change your footprint anytime, quickly and easily. Think of the cloud as a big rubber band. |
| No Commitment | |
 | In the cloud you have easy entry and easy exit. You can stay in the cloud as long as you wish, but you can walk away any time, with no financial or legal commitments beyond your current month’s bill. |
| Reduced Cost | |
 | In the cloud you are likely to see reduced costs, in some cases extremely reduced costs. These reduced costs derive from the use of shared resources, the economy of scale in the cloud, and your ability to only use and pay for resources as long as you need them. |
| Consumption-based Pricing | |
 | In the cloud you only pay for what you use, and you only use what you need. |
| Extra Capacity | |
 | In the cloud you can expand capacity whenever you need to, even if a surge in demand is sudden and unexpected. You have the comfort of knowing extra capacity is there for you, but you only pay for it when you actually need it. |
| Faster Time to Market | |
 | In the cloud you can deploy new and updated applications very quickly. On Windows Azure for example you can deploy an application in 20 minutes or less. |
| Self-Service IT | |
 | In the cloud some IT tasks become so simple anyone can do them. Company IT cultures differ on this, but for some companies the ability to let more individuals and departments directly control their own deployments and level of scale is attractive. |
|
| |
| SLA | |
 | In the cloud you have a Service Level Agreement that boils down to 3 9’s (99.9%), or up to 8 hours of unavailability in a year. For some companies and applications that’s an improvement over their current SLA; for others it may be a downgrade. |
| Simplify IT | |
 | In the cloud certain IT tasks become very simple, just a click or two in a web portal. This includes provisioning, software deployment, and upgrades. |
| Management | |
 | In the cloud you have automated management working on your behalf. In the case of Windows Azure, patches are applied to your servers automatically; server health is monitored; and your availability and data integrity are protected through managed redundancy. |
| Convert CapEx to OpEx | |
 | In the cloud you do away with a lot of capital expenditures such as buying server hardware. This is replaced with operating expenditures, your pay-as-you-go monthly bill. For many companies this means a healthier balance sheet, but not all companies and managers see this as positive. Some people have easier access to capital budget than operating budget. |
| New Capabilities | |
 | In the cloud you have new capabilities. For example, Windows Azure provides new capabilities for business-to-business communication and federated security. These new capabilities can allow you to innovate and realize a competitive edge. The cloud also enables some new business models such as Software-as-a-Service that you may have interest in. |
It can be useful to have separate envisioning meetings with business and technical people; you’ll likely find different audiences have different interests and concerns. For example, a CIO could be gung-ho about the cloud while the IT department below them is apprehensive about the cloud.
Risks & Concerns
A benefits discussion must be complemented with a risk discussion. Anything new like cloud computing will naturally lead to concerns, real or imaged. Each concern needs to be mitigated to the stakeholders’ satisfaction. Examples of concerns frequently raised are security, performance, availability, disaster recovery, vendor lock-in, in-house capability, and runaway billing concerns.
Security
Security comes up in nearly all cloud discussions. Sometimes there will be a specific risk in mind but often the concern is just a general expression of “I’m concerned about security in the cloud”. The best way to feel good about security in the cloud is first to understand how good security in the cloud is: cloud providers invest a massive amount in security. Next, start getting specific about areas of concern: only then can remedies be designed.
For specific security concerns, the consulting firm performing your assessment should have a knowledge base of commonly-raised concerns—such as data falling into the wrong hands—and standard mitigations for them. In addition, there should be a defined approach for threat modeling risks and planning defenses.
Security in the cloud is best viewed as a partnership between you and the cloud provider. There are certain things the cloud environment will do to protect you, and there are complementary things you can do yourself. An example of something you can do is encrypting all of the data you transmit and store. An assessment should capture your concerns and record the plan for dealing with them.
Performance & Availability
Since the cloud is a different environment from your enterprise, you can’t assume the dynamics are the same. You may find performance to be stellar, about the same, or disappointing depending on what you’re used to. An assessment should consider the performance requirements of applications and plan to validate them in a proof-of-concept.
Availability is more straightforward to predict because there is a published SLA, but the Internet path between the cloud computing data center and your users is outside the cloud provider’s control. If your users are in an area with poor or unreliable Internet service, availability expectations should be revised accordingly.
Vendor Lock-in
Some organizations have a fear of vendor lock-in: if you move something to the cloud, are you stuck there? There’s an interesting discussion to be had here. On the one hand, it’s perfectly possible to write applications that can run on-premise or in the cloud, preserving your ability to move back and forth. On the other hand, if you take advantage of new, only-in-the-cloud features such as Windows Azure AppFabric, you’ll lose some portability (but it may be worth doing so for the benefits). An assessment is an occasion to weigh these tensions and pick a lane.
Disaster Recovery
Cloud providers have many mechanisms to protect your data, such as redundancy, but much of this is automatic and neither visible nor controllable by you. You may require a level above this where you can for example make time-stamped snapshots of your data and be able to restore them on demand. An assessment should map out your DR requirements, including RTO & RPO, and determine how you and the cloud platform will collaborate to meet them.
In-house Capability & Process
If you are going to adopt cloud computing your developers and IT department will need the appropriate skills. An assessment should include an analysis of where people skills are today and where they need to be for cloud computing adoption. It’s not only skills that need updating but process as well: the cloud will surely impact your development and deployment processes. Your cloud computing plans should budget for this training and process refinement.
Billing Concerns
Some find the “just like electricity” metering aspect of the cloud unnerving: what if your billing runs out of control? An assessment should identify procedures for measuring billing and monitoring applications proactively, identifying disturbing trends early so they can be investigated before large charges accrue. In the case of Windows Azure, for example, billing can be inspected daily and it’s not necessary to wait till the end of the month to learn how charges are trending.
Trust
By and large, trust is at the root of most cloud computing concerns. Trust is something that needs to be earned, and in cloud computing it can and should be earned in degrees. If you’ve had a good experience with a proof-of-concept in the cloud, that will bolster your confidence to put something in production in the cloud. Your assessment should produce a roadmap that promotes measured, increasing use of the cloud with validation that expectations were met at every step.
Alignment
Since the purpose of a cloud computing assessment is to find the fit for your organization, it’s very important to understand what is already going on in the company. Any cloud computing plans should align with this backdrop.
Business Alignment
Your company’s business plan likely has significant events on the calendar, for example launch of a new product line or service. Annual planning and budgeting are another example. The flow of business initiatives may suggest that certain cloud opportunities make sense sooner or later on the timeline.
IT Alignment
Your IT department is also likely to have events on the calendar that should be taken into consideration. Is a server refresh cycle scheduled? Consider that using the cloud might allow you to avoid or reduce buying that hardware. Are there plans to overhaul the data center? A cloud strategy might allow you to drastically alter the size and cost of your data center, using the cloud for overflow at peak times.
Envisioning Provides Business Context
Much of a cloud computing assessment will involve identifying and analyzing specific opportunities (applications), but this initial envisioning activity is important. It gives you the business context for your technical decisions. In envisioning you capture both the areas of traction and disconnect between cloud computing and your organization. This information will help you in forming your cloud computing strategy and it will color the suitability scoring of potential cloud opportunities. Timing of cloud initiatives should take business and IT initiatives into account.
In subsequent installments we’ll look at more activities that are performed in a cloud computing assessment. If you’d like to see how we do it at Neudesic, visit http://cloud-assessment.com/.
No comments:
Post a Comment