Archive for the ‘ Cloud Compliance ’ Category

Cloud Computing in 2012 (continued) – On-Demand Elasticity

Cloud computing, at its core, offers a large set of resources that  enable a concept known as elasticity. Elasticity is a part of the core feature set that comprise cloud computing. The concept behind elasticity is so integral to cloud computing that Amazon Web services decided to categorize the major offering in their cloud as Amazon EC2 (Elastic Cloud Compute).

The definition of elasticity can be described, or sometimes known as, dynamic scaling. The ability to dynamically scale and change resource requirements or consumption needs in direct response to runtime requirements makes this paradigm of cloud computing an integral part of the model. Most applications require a standard level of resources operating under normal, ready state environmental conditions, but also require additional computing resources during peak usage situations.

Before the advent of the cloud model, companies were required to pre-build, pre-purchase and configure sufficient capacities to not just operate properly under standard load requirements, but also handle extensive peak load situations while offering sufficient performance. When looking into the past and present of the self-hosted model, this means companies having to over provision and purchase additional hardware and software for their given application requirements and further requires engineers to try to accurately predict customer or end user usage in peak load scenarios.

When looking into managed hosting, it is possible to start with a small subset of computing resources and hardware and continue to grow the resource as the applications requirements grow. But in the model of managed hosting, provisioning for new hardware and software dedicated to the application’s needs can take weeks, or even larger companies, months.

With cloud computing having hundreds and thousands of virtualized computing resources which can be leveraged, provisioned, and released in conjunction to the application and peak load requirements on demand make the elastic cloud model the most powerful and convenient paradigm available to business. When businesses incorporate automation via dynamic scaling, also known as elasticity, the service-level offerings to end-users increase substantially.

Our next blog will focus on virtualization in cloud computing. Please check back often, or subscribe to our blog to stay up-to-date on the latest posts and perspectives and news about cloud computing. For more information about Nubifer Cloud Computing visit www.NUBIFER.com

Advertisements

Cloud Computing in 2012 (continued) – Shared Resources in the Cloud

A primary characteristic of cloud computing is that the platform leverages pooled or shared assets. These computing resources can be bought, controlled externally, and used for public or private usage. As we look further into the validity of these shared computing resources, one can easily see that they are an integral component to any public or private cloud platform.

Take, for example, a business website. We begin to see standard options commonly available in today’s market. Shared hosting, is one of the choices companies have had for quite some time now. The shared approach leads them to be free from managing their own data center, and in turn, leverage a third party. Most of the time, managed hosting services lease out to their customers a dedicated server which is not the shared with other users.

Based solely on this, cloud computing looks a lot like a shared hosting model of managed services. This is due to the fact that the cloud platform provider is the third-party that manages, operates and owns the physical computing hardware and software resources which are distributed and shared. At this juncture in the paradigm is where the similarities between shared or dedicated hosting and cloud computing end.

With cloud computing set aside for a moment, the move away from IT departments utilizing self hosted resources and using outsourced IT services  has been evolving for years. This change has substantial economic impacts. Two of the main areas of change are in CAPEX and OPEX. This furthers the potential opportunity for reducing OPEX in conjunction with operating the hardware and software infrastructure. The change from CAPEX toward OPEX defines a lowering of the barrier for entry when starting a new project.

When examining self hosting, companies are required to allocate funding to be spent up front for licenses and hardware purchases. Operating under fixed costs, it is an out-of-pocket expense in the beginning of that project. Furthermore, when leveraging and outsourced offering (a.k.a. managed hosting), the upfront fees can typically be equal to a one-month start-up operational cost, and possibly a set up fee. When analyzed from a financial perspective, the annual cost is close to the same, or just a little bit lower, than the CAPEX expense for an equal project. Additionally, this can be offset by the reduction of required OPEX to manage and care for the infrastructure.

In stark comparison, when analyzing the cloud model, it is standard to see no up-front fees. With closer examination, a subscriber to cloud services can register, purchase, and be leveraging the services in much less time than it takes to read this blog.

The dramatic differential comparisons in financial expenditures you might see between these hosting models, and the cloud model, exist because the cost structures when utilizing cloud infrastructures are drastically more attractive than earlier models offered to IT.  With further investigation, it’s clear the economies of scale are multi-faceted, and driven by relation to the economics of volume. The largest cloud platform providers are able to offer a better price point to the IT consumers because they are able to bulk purchase, and offer better goods and services; which in this paradigm, are capacity, power, data storage, and compute processing power.

And so continues our 2012 blog series dedicated to understanding the core layers of cloud computing. Our next blog will focus on elasticity in cloud computing. Please check back often, or subscribe to our blog to stay up-to-date on the latest posts and perspectives and news about cloud computing. For more information about Nubifer Cloud Computing visit www.NUBIFER.com

Guidelines for Cloud Consumers and Providers

Business users are drawn to the cloud. That’s not surprising, considering they tend to see mostly benefits: self-service freedom, scalability, availability, flexibility, and the pleasure of avoiding various nasty hardware and software headaches.IT leaders though are a different story—they are not always as ecstatic.  They indicate uneasiness about cloud securityand have legitimate concerns that unauthorized users could get their hands on their applications and data. Moreover, retaining a level of influence and control is a must for them. Can both “sides” meet halfway? Is it attainable to provide the freedom that users want while having the control that IT leaders need?
.
Simply put, Yes…. However, doing so will entail a collaborative effort. Both business users and IT leaders have to assume a few key responsibilities. In addition, you will have to make certain that your cloud provider will be doing its part as well.

.

Your 5 Responsibilities

Here are a few things you need to be held accountable for:
.
1. Define the business need. Identify the root problem you want to solve a cloud technology. Is it a perpetually recurring concern, or one that happens irregularly? Did you need an answer “last week,” or do you have time to construct a solution?

Important note: Not all clouds are created equally. Some can run your applications unchanged, with instant access; while others require little tweaking. Recognizing your needs and differentiating cloud technologies will help you determine the correct strategy for handling the particular business problem that needs attention.

2. Identify your application and process requirements. Once you have accurately defined your business needs, it is time to select the application best-suited to meet those needs. Be clear and precise about the nature of the application, the development process you want to adapt, and the roles and access permissions for each user.

Your teams no longer have to struggle through traditional linear and slow development processes. Instead, the cloud can give them access to the best practices that are fluid and agile. Many self-service solutions can even empower them to run copies of the same environment in parallel.

Simply put, the cloud may lead to breakthrough productivity when used properly. However, if used incorrectly it can also lead to enormous amounts of wasted resources. Having said this, take your time to do your research and choose wisely.

3. Determine your timetable. Cloud projects are not short sprints contrary to popular belief. They are better illustrated as long journeys over time. Please plan accordingly.

Nubifer recommends to define your early experiments in a quarterly basis because cloud technology is transformative. Learn from the first quarter, take note, and execute the necessary adjustments and then move on to the next. The objective is to generate a learning organization that increases control over time and progresses based on data and experience.

4. Establish success factors. Define what success is for you. Do you want to improve the agility of the development process? Maybe you want to increase the availability of your applications? Or perhaps you want to enhance remote collaboration? Define achievement, and have a tool to measure progress as well. Identifying metrics and establishing realistic goals will aid you achieve the solution that meets not only your needs, but also your budget and payback time frame.

5. Define data and application security. Companies overlook this critical responsibility more often than they realize. Make sure to do your due diligence and attentively determine whom you can trust with cloud application. After which, empower them. The following are questions that need unambiguous answers: What specific roles will team members take in the cloud model? Does everyone comprehend fully the nature of the application and data they are planning to bring to the cloud? Does everyone know how to protect your data? Do they understand your password policies? Dealing with these security factors early on enables you to create a solid foundation for cloud success while having your own peace of mind about this issue.

Your Provider’s 5 Responsibilities

Meanwhile, make sure your cloud provider offers the following to attain better cloud control:
1. Self-service solutions. Time equals money. Thus waiting equals wasted time and money. So search for cloud applications that are ready from the get go. Determine if the solution you are considering may implement the applications and business process you have in mind immediately, or if the provider requires you to rewrite the application or change the process entirely.

There is also a need to distinguish if users will require training, or if they already equipped to handle a self-service Web interface. Answers to these questions can determine whether adoption will be rapid and smooth, or slow and bumpy.

2. Scale and speed. A well-constructed cloud solution provides the unique combination of scale and speed. It gives you access to the resources at a scale that you need with on-demand responsiveness. This combination will empower your team to run several instances in parallel, snapshot, suspend/resume, publish, collaborate, and accelerate the business cycle.

3. Reliability and availability. As articulated in the Service Level Agreements (SLAs), it is the responsibility of the cloud provider to make the system reliable and available. The provider should set clear and precise operational expectations, such as 99.9 percent availability, with you, the consumer.

4. Security. Ask for a comprehensive review of your cloud provider’s security technology and processes. In specific, ask about the following:

  • Application and data transportability. Can your provider give you the ability to export existing applications, data and processes into the cloud with ease? And can you import back just as hassle free?
  • Data center physical security.
  • Access and operations security. How does the consumer protect its physical data centers? Are these the SAS 70 Type II data centers? Are there trained and skilled data center operators in those places?
  • Virtual data center security. Your provider must be clear about how to control the method of access to physical machines. How are these machines managed? And who are able to access these machines?
  • In terms of scale and speed, most cloud efficiency derives from how the cloud is architected. Be sure to understand how the individual pieces, the compute nodes, network nodes, storage nodes, etc., are architected and how they are secured and integrated.

Application and data security.

In order to be able to implement your policies, the cloud solution must permit you to define groups, roles with granular role-based access control, proper password policies and data encryption–both iin transit and at rest.

5. Cost efficiencies. Without any commitments upfront, cloud solutions should enable your success to drive success. Unlike a managed service or a hosting solution, a cloud solution uses technology to automate the back-end systems, and therefore can operate large resource pools without the immense human costs. Having this luxury translates all these into real cost savings for you.

Despite business leaders recognizing the benefits of cloud computing technologies, more than a handful still have questions about cloud security and control. Indeed, that is understandable. However, by adopting a collaborative approach and aligning their responsibilities with those of the cloud provider, these leaders can find solutions that offer the best of both worlds. They get the visibility and control they want and need, while giving their teams access to the huge performance gains only the cloud can provide.

Contact Nubifer for a free, no-obligation Cloud Migration consultation.

Has Your Organization Adopted a Cloud Migration Strategy?

There has been an increased amount of research lately that indicates that many organizations will move to the cloud in the short term, there isn’t a lot of information detailing who is using it now and what they are using it for.

A published study by CDW reported that a number of enterprises are actually unaware that they are already using cloud applications and have a limited cloud adoption strategy.

It must be noted though, that this does not mean these enterprises have no intention of moving to the cloud. It just means, that these enterprises have not yet approached cloud computing strategically, and have not implemented an organization wide adoption strategy.

Cloud Computing Strategies

Another interesting note, according to the CDW report, is the percentage of companies claiming to have an enterprise policy on the acclimation to cloud computing — only 38%. This comes as a surprise as the report also concludes that 84% of organizations have already installed, at the minimum, one cloud application.

In March 2011, more than 1,200 IT professionals were asked to answer surveys for the CDW 2011 Cloud Computing Tracking Poll, which drew some interesting conclusions. It was discovered that these enterprises are uneasy with using public clouds and would rather go through the private clouds.

Cloud Application Usage

However, it is necessary to examine these statistics again with more caution. As mentioned above, more than 84% of these organizations claim that they have, at the bare minimum, one cloud application, yet they still do not consider themselves as cloud users.

The reason behind this discrepancy has yet to be determined. In other words, organizations are still unclear as to if and how it can integrate with their current enterprise architecture.

This is emphasized by how only 42% of those surveyed being convinced that their operations and amenities have the ability to operate efficiently in the cloud. Statistics show that applications operated in the cloud most frequently are the following:

  • Commodity applications such as email (50% of cloud users)
  • File storage (39%)
  • Web and video conferencing (36% and 32%)
  • Online learning (34%)

Developing a Cloud Strategy

Eight industries that were surveyed as part of the CDW Cloud Computing Tracking Poll back in March 2011 were—small businesses, medium businesses, large businesses, the Federal government, State and Local governments, healthcare, higher education and K-12 public schools. The poll discovered conclusions specific to each of the eight industries. It also included 150 individuals from each industry who acknowledged themselves as knowledgeable with the current uses and future plans of cloud application usage within their respective organization.

Although there are various hurdles to consider prior to adoption, primarily they can be divided into four segments:

1. Adoption Strategy

Despite having a number as high as 84% of organizations using at least one cloud-based application, only 25% of them have an organization wide adoption strategy and recognize themselves as cloud users. Just over a third has a formal plan for cloud adoption.

2. ROI Considerations

Approximately 75% were noted to have cost reductions upon migrating applications to a cloud platform.

3. Security

One of the, if not the primary obstacle, holding both current and potential users back is security. However, quite a number of users, including those who are currently using cloud applications, have yet to realize the full potential of security applications available.

4. Future spending

It is necessary for organizations to discover what future hardware and software acquisitions can be migrated into a cloud ecosystem.

Cloud Computing Now

A lot can happen in five years—this is especially true for the cloud industry. Currently, this study does not discuss in depth the difference between cloud computing and SaaS. However, it is likely that SaaS could be included in the study as it did define cloud computing as a “model for enabling convenient, on-demand access to a shared pool of configurable computing resources.”

With this in mind, along with the recent Forrester research on IT spending, it is highly likely that the data CDW has outlined will be significantly different five years from now.

According to Forrester, a record number of organizations will be investing in SaaS technologies, which broadly, is a subset of cloud computing. The data includes a finding that 25% of enterprises examined have a adopted a new cloud technology this year, with 14% using IaaS, 8% using PaaS, and 6% using business-process-as-a-service.

Does Your Organization Have a Cloud Migration Strategy?

In the end, the research was able to provide some thought provoking data. It was able to show that many companies are already leveraging the cloud without even knowing it.

Regardless of the potential ROI and efficiency gains offered by cloud computing, a significant number of companies have yet to seize the opportunity to leverage the scalability and efficiency of modern cloud applications.

Aside from this, according to the research, many companies find themselves without a coherent company wide strategy for dealing with cloud adoption. This is important to note because it is no secret a lack of planning can lead to disastrous results—with results like these needing a lot of financial and organizational efforts to fix.

If your organization is one of those lacking a coherent and comprehensive cloud adoption strategy, contact the Cloud accelerator experts at Nubifer to help guide the way. Nubifer partners with the leading vendors in order to provide unbiased cloud application architecture diagrams, white papers, security and compliance risk analysis and migration consulting services.


Cloud Appliances for Private Clouds

Cloud computing technologies have the ability to deliver a vast array of important benefits, including the option to leverage compute and storage resources on-demand. Public clouds are the most visible form of this. But, some organizations need important applications and workloads to be operated behind their firewall.

The size of  modern data sets makes it difficult to send over the internet to a public cloud data center. Management most likely has security concerns about data being stored in a facility outside of IT’s control. Often times there is specific hardware, software, or storage requirements that cannot be adhered to in public cloud ecosystems. In response, many organizations are leveraging private clouds.

There are two basic approaches to deployment of a private cloud environment: Build your own or purchase an appliance.

Build Your Own Private Cloud

With organizations operating their own compute, storage and network resources, one option to look into is redeploying these existing instances into a private cloud. Due to the trend of server consolidation, many of these machines may already be operating a virtualization layer. Beginning from this point, deploying infrastructure (IBM, VMWare, etc.) is a logical nest step.

Erecting a private cloud takes more than piling software layers on top of existing resources. Unfortunately, many enterprises may not have the internal resources and expertise to take on this integration workload. This is where a consulting firm like Nubifer can play an integral role in solving these vexing problems.

The Open Source Alternative

With proprietary and trade-marked technology comes the issue of being stuck with a specific vendor. In response, open-source options have evolved. Rackspace CEO Lew Moorman said his company opted to leverage OpenStack to open-source the software behind the cloud computing stack “because we believe a widely adopted, open platform will drive standards.” In the past 6 months, more than 50 companies had joined the community.

Opposition to adopting open source does exist. For example, the OpenStack code base is still very immature, and features such as supporting ‘VMware hypervisors’ and live migration of instances are still in development.

Also, IT folks need to download the releases and install themwith the existing compute, storage and networking infrastructure. This brings up another potential deal breaker: do you burden your internal IT staff with these modifications? Nubifer is here to help…

Cloud Appliances

An evolving method to deploying a private cloud is by leveraging a cloud appliance. A cloud appliance is a rack of computing resources delivered tested and ready to go, with the software versioned and configured. When the appliance is plugged in to power and the network, you’re ready to go.

For example, Nubifer partner, IBM, sells a private cloud appliance. This appliance blends standard hardware components and x86-based servers. By deploying an integrated cloud appliance,  IT is spared the time it would take to build its own. This frees up an organization to enterprise to focus on delivering business value rather than building IT componentry.

IBM’s private cloud offering is an integrated solution combining self-service, orchestration, and automation for heterogeneous resource pools.

Cloud appliances have drawbacks, though. For example,  new equipment is bought as part of the appliance, versus redeploying existing components.Because of this, an organization would probably consider an appliance during a hardware refresh cycle. In addition, there are a limited amount of pre-configured models, leading to a one size does not fit all situation.

Organizations are attempting to focus more on primary business functions, which for most does not include constructing IT infrastructure. All while public clouds are leveraging standardization to lower costs and offer greater levels of agility.

However, many workload requirements inhibit moving data sets to public cloud environments, spawning the deployment of private clouds. However, when an enterprise considers building a private cloud, it’s back in the discussion of building out IT infrastructure.

Cloud appliances offer a potential solution. By pre-integrating all components, IT simply plugs in and turns the power on. And after all, when buying a new car, you would prefer to turn the key and go, versus huddling hour upon hour reading the user manual. Why shouldn’t your private cloud deliver a similar experience?

For more information on private cloud implementation contact a Nubifer representative.

Organizations Leveraging the Cloud

In a recent poll by CDW, it found that nearly 28 % of all US based companies are leveraging the cloud, while almost 75% said that their first access to the cloud was through a simple cloud application.

The Cloud Computing Tracking Poll was conducted as a review of the current and future use of the cloud by business organizations and  government offices which was based on a survey of nearly 1,200 IT professionals.

About 84% of the organizations said that they have deployed at least one cloud application, while some others are not aware if they are a part of the users who are in the cloud.

“Many organizations are carefully – and selectively – moving into cloud computing, as well they should, because it represents a significant shift in how computing resources are provided and managed,” said David Cottingham, senior director, CDW. “With thoughtful planning, organizations can realize benefits that align directly with their organizational goals: consolidated IT infrastructure, reduced IT energy and capital costs, and ‘anywhere’ access to documents and applications.”

CDW mentioned that applications most frequently run in the cloud are service applications, such as email or docs, which have about half of the cloud users, file storage has 39 % of users, web and video conferencing has 36 and 32 % respectively, and 34 % of the respondents are the ones conducting online training programs.

Among those currently leveraging the cloud, almost 85 % said they cut application costs by moving to the cloud. On an average, users said, they save 21 % annually on those applications which are migrated to a cloud platform.

“The potential to cut costs while maintaining or even enhancing computing capabilities for end users presents a compelling case for investment in cloud computing,” Cottingham said. “The fact that even current cloud users anticipate spending just a third of their IT budget on cloud computing within five years suggests that before wide-scale implementation, IT managers are taking a hard look at their IT governance, architecture, security and other prerequisites for cloud computing, in order to ensure that their implementations are successful.”

This survey included 150 individuals from various industries who thought of themselves as familiar with their organization’s use of, or plans for cloud computing, a report on the CDW website said.

To learn more about how your organization can leverage cloud applications, visit Nubifer.com.

DoD Business Applications and the Cloud

The current cloud spending is less than 5% of total IT spending, but with an optimistic 25% growth rate, cloud computing is poised to become one of the dominant types for organizing information systems—which is why it is important for the Department of Defense Business Mission to begin organizing the path to cloud operations in order to migrate from its current low performance/high cost environment. 

The DoD Fiscal Year (FY) 2010 IT cost of the Business Mission—excluding payroll costs for uniformed and civilian personnel—is $5.2 billion, in addition to 1/3 of the costs of the communications and computing infrastructure tacking on an additional $5.4 billion to total costs.

The average IT budgets of the largest US corporate organizations are exceeded by the scope of DoD Business Applications by a multiple of three. As a result, DoD Business Operations need to think about its future IT directions as operating a secure and private cloud that is managed organically by the DoD Business Mission in order to squeeze the cost benefits out of the cloud.

There are many forms of cloud computing, ranging from Platform-as-a-Service (PaaS) and Infrastructure-as-a-Service (IaaS) to Software-as-a-Service (SaaS), but when it comes to the Department of Defense, offerings that can offer support of over 2,000 applications need apply. Business Operations cannot be linked to “public” clouds that are proprietary.

The DoD, for example, can’t rely on the largest cloud service like the Amazon Elastic Cloud, which offers computing capacity completely managed by the customer and is thus a “public cloud.” Because compute processing is purchased on demand, Amazon is an IaaS service. Once your applications are placed in the proprietary Amazon cloud, however, it is difficult to transfer the workload into a different environment.

Google, however, offers a PaaS service as a public cloud (read: accessible to all) via the Google App Engine. Google allows developers to build, host and run web applications on Google’s mature infrastructure with its own operating system; Google only provides a few Google-managed applications.

Salesforce.com’s enterprise level computing currently operates at $1.4 billion revenue rate per year, with 2 million subscribers signed up for SaaS application services running in a proprietary PaaS environment. Because Salesforce offers only proprietary solutions and can’t be considered by DoD, although Salesforce’s recent partnership with VMware might change all that.

Other cloud providers offer IaaS services, but they all leave it to customers to manage their own applications; they qualify for DoD applications provided that would meet open source and security criteria.

Open Platform and Open Source
Microsoft’s Windows Azure platform offers a PaaS environment for developers to create cloud applications and offers services running in Microsoft’s data centers on a proprietary .Net environment. These preferentially .Net applications are integrated into a Microsoft controlled software environment but can be defined as a “closed” platform.

Currently, DoD Business Mission applications are running largely in a Microsoft .Net environment. What remains to be seen is if DoD will pursue cloud migration into a multi-vendor “open platform” and “open source” programming environment or continue sticking to a restrictive Microsoft .Net?

The largest share of the DoD IT budget goes towards the Defense Information Systems Agency (DISA), which has advocated the adoption of the open source SourceForge library in April 2009 for unclassified programs. DISA’s Forge.mil program enables collaborative software development and cross-program sharing of software, system components ad services in support of network-centric operations and warfare. Forge.mil is modeled from concepts proven in open-source software development and represents a collection of screened software components and is used by thousands of developers. Forge.mil takes advantage of a large library of tested software projects and its components are continuously evaluated by thousands of contributors (including some from firms like IBM, Oracle and HP although not from Microsoft, which controls its own library of codes).

OSS is defined as software for which the human-readable source code is available for use, study, reuse, modification, enhancement and redistribution by the users of that software by a DoD Memorandum of October 16, 2009 by the Acting DoD Chief Information Officer on “Clarifying Guidance Regarding Open Source Software (OSS).” OSS meets the definition of “commercial computer software” and will thus be given preference in building systems. DoD has began the process of adoption of open course computer code with the announcement of Forge.mil.

Implications
Due to the emigration of business applications, a reorientation of systems development technologies in favor of running on “private clouds”—while taking advantage of “open source” techniques—is necessary in order to save the most. The technologies currently offered for the construction of “private” clouds will help to achieve the complete separation of the platforms on which applications run, from the applications themselves. The simplification that can be achieved through the sharing of “open” source code from the Forge.mil library makes delivering cloud solutions cheaper, quicker and more readily available.

For more information regarding the DoD and open source cloud platforms, please visit nubifer.com today.