To mix or not to mix

As the public and private sectors adopt cloud computing for more and more services, they will inevitably be faced with the question of whether they should get all of their services from one vendor or mix-and-match. Enterprise Networking Planet has taken a look at the pros and cons of both approaches.

When it comes to cloud, most buyers are in the market for at least one of the following services: infrastructure as a service, software as a service, or platform as a service.

The first thing the buyer has to consider is whether one company can satisfy all of their cloud needs. If not, the choice becomes a lot easier.

“Like most things IT, it really comes down to how many in-house resources you want to devote to managing the final solution,” writes Brian Proffitt. One vendor means less hands in the pot, which could mean less stress on the customer. However, he says, “Mixed cloud solutions may be a better way to go for you if you have a good batch of in-house expertise that understands clouds and provisioning and don’t mind getting their hands dirty once in a while.”

With a relatively small cloud community at this point in time, he adds, cloud vendors know each other and incompatibilities are rare.

The Fed Cloud Blog wants to know what strategy YOU are taking…are you mixing it up or playing it straight with one vendor? What strategy do you think works better? Comment below or email us.

Cloud market to grow to $241B by 2020

Here’s a fun, “little” cloud computing nugget to digest this lovely Monday afternoon.

In its latest report, Forrester Research estimates the global cloud computing market will grow to $241 billion by the year 2020. That’s up from $40.7 billion in 2011.

According to the executive summary, the report “forecast[s] shifts in the usage patterns of infrastructure, platform software, and business applications.”

ZDNet provided a quick glimpse at some of the main points of the report.

• Infrastructure as a service will reach a high of $5.89 billion in global revenue in 2014. Forrester projects it will fall back to $4.78 billion by 2020.
• Software as a service will continue to grow over the next nine years, reaching $132.57 billion in revenue in 2020.
• BusinessProcess as a service will also continue to grow, hitting $10.02 billion by 2020.
• Platform as a service will top out at $12.15 billion in 2018 and drop to $11.91 billion in 2020.

  (Check out the full graph here.)

According to infoTECH, the report also says, “Infrastructure-as-a-service (IaaS) will shift from public clouds to virtual private clouds…While adoption remains high, the size of the market will shrink, caused by Moore’s law of commoditizing prices; this also applies to some degree to virtual hardware. Dynamic infrastructure services, which are the virtual private cloud counterpart of IaaS in the public cloud, are combining pure infrastructure with high-level services and close integration into existing on-premises landscapes. This segment is just about to see real growth and will outperform IaaS in the public cloud in the long run…”

For learning and development teams, cloud is nothing new

What does the emergence of cloud computing really mean for your organization?

One expert says, despite the buzz word, cloud computing should be looked at as nothing new when it comes to learning and development (L&D).

Billy Biggs is director of learning strategies at General Physics Corporation and recently wrote a white paper about how L&D should handle cloud. He tells FCB more about why this really can be business as usual, but starts out by explaining that many are still wary because, well, the definition of cloud has been undefined for a relatively long period of time.

BB: I think the difficulty around trying to define what cloud computing [is because] it’s still evolving. The technology is still evolving and, up until late last year, you really had no authoritative body providing one specific definition.

Until NIST released its definition late last year, it became a little easier for folks to get their hands around it, but to complicate matters, I think that the different cloud offerings that are available to consumers — whether it’s software-as-a-service, infrastructure-as-a-service or platform-as-a-service — with all the complicated ecosystems of vendors and partners and approaches, really complicates things on what cloud computing means to a lot of different people.

FCB: In your paper, you talk about [being] behind the firewall and third party, externally hosted services. How is cloud different and is cloud even necessarily better?

BB: I’m not sure it’s necessarily better at this point, but it’s certainly different. I would kind of describe it as that shiny and new technology or toy that’s out there and available.

Behind the firewall and third party hosting models are now considered more traditional models, where there are usually constraints on user populations, data or content.

Cloud is a little bit different in that it’s more of a pay-as-you-go model. It’s sold on demand. There are really no restrictions on data or content consumption by users.

I like to use the example of buying a car, versus, perhaps, having a taxi available at your discretion. So, in a traditional hosting model, you would have a situation where you would make a purchase, just like going out to buy a car, and you could do anything you wanted to to that car — or that application, whether it’s customized or integrated with other systems.

Cloud’s completely different. You pay as you go. For example, if you use the application a great deal one month, your costs are going to be a lot higher, like a taxi would if you used it a couple of days a week, versus a couple of times a day. It’s kind of the same concept.

FCB: Let’s talk a little bit about whether deciding cloud is appropriate. Using email in the cloud — I think a lot of people have been doing that for years, but what about infrastructure-as-a-service, or some of these bigger moves? What questions should IT professionals be asking themselves before making the move to cloud?

BB: So, software-as-a-service, or email in the cloud, [has] been out for a couple of years now [and is] pretty easy to understand. Infrastructure-as-a-service is especially compelling when vendors who are at capacity in their private clouds are able to tap into additional public clouds for additional resources, whether it’s processing, storage, network or security resources. It’s those type of components that really fall under the infrastructure-as-a-service offering. As far as whether it’s appropriate or not, I think holistically you have to understand, just like any other technology, what business problems the cloud will ultimately solve.

If it’s SaaS or platform or infrastructure — what is the business problem, and is the cloud offering to solve that? I would suggest walking through any successful evaluation criteria or process that an organization has used in the past to evaluate whether an enterprise migration to a cloud offering is going to work, whether that starts with a business case or evaluating case studies, best practices and lessons learned.

The main questions I would ask as a potential vendor going to a cloud offering is, what does the support model look like from the cloud service provider? You’re changing the dynamics a little bit in that you’re not going to have the same administrative access to the application or infrastructure that you once did, thus you could be exposed to outages or other service interruptions.

At the end of it, I think that the best approach is to create a delta checklist, to walk through every aspect of the application or infrastructure, and understand exactly how different the cloud model is going to be from the traditional hosting model. The areas I would focus on are access, identity management, integration with other applications, and, obviously, security is always a big consideration.

FCB: I do a lot of interviews and people talk about why you should move to the cloud, but in your experience, is there ever an argument for not making the move?

BB: Yes, I definitely think, just as there are reasons to consider going to the cloud, there are reasons to consider not going or, at this point, holding off. There’s been concerns around the lack of customization in cloud solutions specifically related to SaaS, the lack of configurability of these applications — they’re more locked down, in some instances. A lot of folks don’t like to go with the forced upgrade or quarterly releases. So, that’s a consideration.

If you have a complex governance model, or change management process, quarterly releases may be just too much to keep up with. And then [there is] all the data integration. If you have a lot of other systems talking to each other, that presents specific challenges in a SaaS environment. Number one has got to be security, though.

There are still security concerns out there related to PII and sensitive data and where that data actually resides. Contingency planning and batch recovery options always come into play.

I think you’re going to have security concerns until NIST finishes its roadmap and standards on cloud computing, giving the cloud vendors some kind of chance to walk through some kind of certification or an accreditation process or program that will help ease security concerns with the community as a whole.

FCB: Final question about virtualization — what role has [it] played when it comes to cloud?

BB: Well, I think . . . without it, you’re not going to see the most mature models of cloud that exist now. The tools out there allow applications to become self-contained units. So, you’re kind of rolling the database or the operating system — all of that together to be self-contained. Therefore, applications and infrastructure are now considered independent of one another, which is a huge leap from traditional hosting models, now that you can have multiple applications run on VMs on the same physical server. Now IT departments and hosting providers can essentially provision new VMs as demand for system resources increase without significant hardware purchases, thus creating more IT agility, if you will.

FCB: Anything I missed that you might want to add?

BB: I think if you’ve been paying attention to what’s been going on at the Microsoft Worldwide Partner Conference, Microsoft’s message is essentially, they’re all in related to their cloud offering and pushing that out via their partner networks. So, I don’t think cloud is going anywhere. I think it’s here to stay. With that said, I think that organizations don’t need to be afraid to play a kind of wait-and-see attitude. If they’re pressured to go to cloud to reduce costs, a wait-and-see right now for the next six to 12 months is not necessarily a bad approach. I think there’s going to be a new variety of cloud offerings and hybrids available in the next few years.

If you are pushing to go to cloud, I would just suggest the organization . . . follow the same successful process that you’ve used to evaluate any major technology investments in the past.

Checking out the cloud at the Centers for Medicare and Medicaid

The Centers for Medicare and Medicaid is being required to modernize its technology infrastructure.

Julie Boughn is chief information officer at CMS and tells Fed Cloud Blog about how her office is using some cutting edge technologies, including cloud computing.

“I love cloud. When you talk about software-as-a-service or even platform-as-a-service, the potential is actually astronomical, especially around things that maybe are lower risk and aren’t our core business, but have never been able to get funded. To be able to do projects like those. . . . We don’t have to develop a whole system, or host [some programs] in one of our data centers because we can get the whole service that we need, build a business process around it, and it can be up in a week, as opposed to what typically would take months to get through a regular IT investment life cycle.

What remains to be seen for me is where . . . We start to draw the line. [For example] Medicare fee-for-service claims processing. It’s hard for me to imagine that happening in the cloud, but that could be just because I’m being old and stogy. I hope that’s not the only reason, but it’s just hard for me to imagine that being there. Our backup — backup is the thing that happens in the cloud for a lot of . . . personal users. I’ve heard of some big companies that use cloud for backup and recovery. That one is even hard for me, too, and that’s mostly because of our scale and size. But, I’m very open minded . . . and where it makes sense I’m going to be gung-ho supportive of it.”

Hear Boughn talk more about modernization and virtualization at CMS on Ask the CIO.

TSA looks up at the cloud

Emma Garrison-Alexander is chief information officer at the Transportation Security Administration.

Today, she talks with Fed Cloud Blog about how her agency is looking at technologies like cloud computing and virtualization.

EGA: The Department — DHS — is looking at cloud computing, so as an individual CIO, I’m looking at cloud computing, but also, I’m collectively looking at cloud computing with the overall DHS CIO council.

When you start looking at some of the things that cloud computing can provide, like software-as-a-service or platform-as-a-service or infrastructure-as-a-service, those things are very important to me.

I believe we want to make very good use of all of our IT resources and we want to take advantage of technologies really to advance the mission.

These are the underpinnings — these are the types of technologies that really are not there for technology’s sake. We have technologies so we can enable missions.

I see virtualization — I see cloud computing — as key ingredients going forward in terms of advancing our network capabilities for the TSA mission.

FCB: We hear a lot about cloud computing around email and storage. Are you looking at specific areas . . . are you looking at cloud for the desktop or cloud for email or anywhere else?

EGA: We’re in the early stages, so what I’ll say is there are some specific efforts that I would say are in the very early stages. In my position right now, I am doing a lot of learning about cloud computing.

I’m looking at where we’ll fit in the near term, as well as looking at how we can better incorporate it in the long term.

I think cloud computing has come of age, as far as I’m concerned. I think that it’s a reality. It may not be implemented everywhere, but the possibilities are there and I think with some of the efforts that have been successful already across the federal government, I believe that we’re going to be able to take advantage of that.

We’re going to be able to learn from the work that’s being done by the Department of Energy. I think that’s extremely important. I think looking across the various efforts, I think that’s most applicable to the environment that I am in — the work that they’re actually doing.

I think the three big areas — IaaS, PaaS and SaaS — I have an interest in all of those. I think some of the efforts we see are the beginning stages. Email as a service, I think, is kind of a natural place to look. That is an area of interest to me here at TSA.

There are numerous definitions of cloud computing. So, just trying to get everybody on the same page and to mean the same thing when they talk about cloud is another issue that we’ll continue to address. I particularly like the NIST definition . . . because I believe [it] tells us what’s different about cloud computing and how we provide network services today.

FCB: The NIST definition [is] something that we hear a lot about. I think a lot of people are starting to [say] it’s pretty good, whether it’s a starting point or evolves over time. . . . Cybersecurity — there was a recent event where Treasury had some websites in the cloud and they got hacked. Does this cause you, as a CIO, any additional concern?

EGA: The cybersecurity aspect of cloud computing is very important, because when you start talking about cloud computing, you’re talking about private clouds, public clouds, community clouds and hybrids of all of those.

I believe in any scenario, cybersecurity and network security is a key ingredient. Those are areas that have to be addressed. Just like today, we have to address them with whatever architecture we’re using — we’ll have to do the same thing for cloud computing. [The Treasury incident] doesn’t cause me any more concern, because you can have breaches in any environment and with any technology that’s deployed.

I come from an environment where I have a very broad knowledge when it comes to cybersecurity and any time that there’s a breach in a government organization, it gets my attention . . . but with any architecture, you can have vulnerabilities and you can have security issues.

So, it’s not unique to cloud, it’s just one area that has to be addressed with cloud, just like we’ve had to address security issues as the Internet rolled out years ago and things became much more interconnected across the country and across the world.

I believe this goes along with any technology that you’re rolling out.

Hear more of Garrison-Alexander on Ask the CIO on Federal News Radio.