-
Russell Mickler, Principal Consultant, has over 17 years of professional experience leading and managing IT organizations.
Question on Cloud Computing Management
Written on July 24, 2008
Leave a Comment
|
From: Mark
Sent: Wed 7/23/2008 9:10 PM
To: Russell Mickler
Subject: Cloud Computing
Hello Professor
I was listening to your Tuesday Chat about SAAS and Cloud Computing, and had a question as to what you have seen in how this was managed. You mentioned that as a strategy, companies would keep an IT Staff in order to support complex IT Solutions that a company may have. Who would support the Network Piece / Security for Employees to use Cloud Computing? Would this be managed In – House or tru a Vendor? Also, if companies were using Cloud Computing would a benefit to this be that an employee can be anywhere in the world to use this service?
***
Hi Mark -
I have a question for you: when you use a network service like your online banking, Google Gmail, Yahoo! calendars, or even an online dating service, who handles your security?
I would probably hazzard a guess that you don’t think about it too much. The technology is fairly ubiquitous after setup. Data is transmitted encrypted by browser RSS encryption; your WiFi security at home was just setup once; you may not even think about firewalls because they’re built in to the operating system and into networking solutions provided by ISP’s. In other words, security is _transparent_ and autonomous. It’s in the fabric of what we do, and only more so as we move to more sophisticated networking protocols like IPv6.
This is the same strategy that future small businesses, in particular, will take. Why worry about security when adequate security is already built into infrastructure? They don’t need specialized skills or training to setup connectivity to the Internet, or if they do it is for a limited duration for setup. Security is centralized and managed by the network engineers of the service provider.
Thus, the typical small business wouldn’t need a network engineer or a security analyst. The network is an _appliance_, like a microwave. You don’t need specialized training to use a microwave, and the security in making sure our family isn’t radiated each time we use it is built in. Thus the demand for these skills is greatly diminished; they’re needed at the providers’ shop, and not in the end customer’s or user’s shop.
It’s a huge benefit if you think that you can access a service anywhere at any time. Imagine if you travelled, if you had access to your actual desktop (your files, your music, your settings, your email) on any platform: an Internet kiosk, on your cell phone, on a laptop, at a standard PC. Everything you need is everywhere. Yes, the same benefit is extraordinary to companies. Instead of spending time and resources to make this happen with their own information system, it’s all a part of the service they “rent”. It diminishes the need for geographic proximity – and if you look at the trends, we see an earnest need for reducing travel time and expenses, getting people off the road, closing down needless facilities, and telecommuting.
We also see a generation of users who’re not concerned about privacy but are more utilitarian. They don’t know what the hard drive on their PC contains or not, and frankly they don’t care where their personal information is stored or how it’s used (just look at FaceBook and MySpace, grin). They simply want _services_. Even data backups are being brought online and centralized – away from the PC asset.
Naturally, some companies will feel that IT security is a core competency and they need to hire/maintain an IT security function. Also, some companies will feel that networks are critical to the execution of their business strategy, and will retain network engineers. Large companies have more risk with their infrastructure, and aren’t interested in just “network appliances” – they need more constructive, detailed approaches to complex problems. And some companies won’t feel as if cloud computing protects their information or confidentiality strong enough, and will want to maintain their own stuff. The strategic question will be: will the costs and time necessary to support these expectations diminish their competitive advantage as compared to those more nimble companies who don’t? My guess is that we can expect a blend of approaches from the enterprise – larger companies will use whatever is available to them in some areas to lower TCO (Total Cost of Ownership), yet retain ownership of critical “core competency” functions.
Imagine the role of IT being greatly reduced in the small to midrange business market (roughly eighty percent of all domestic US businesses); imagine the CIO being replaced by the COO; imagine business technology just becoming a normal, transparent factor of doing business that requires no specialized knowledge; imagine security costs being shifted to service providers instead of owned by customers; imagine the role of IT as a department changing from asset management to service provider, and then trying to do that at an economy of scale _higher_ than large companies who can do things for more people at a much lower cost. How does an internal IT dept compete with that? Functionally, it can’t, and what we’d look for IT to do is transform itself to provide different kinds of value – business intelligence, creativity in design and development, R&D, data warehousing and mining – instead of asset management.