Critical.
Authoritative.
Strategic.
Subscribe to CIO Magazine »

Cloud debate now about speed and sophistication

Australia’s use of technology such as cloud will go to the heart of our competitiveness
Cloud debate now about speed and sophistication

Not so long ago, cloud computing services were viewed as alternative or fringe options for large enterprises – useful for limited purposes, but not viable as mainstream solutions.

However, given the rapid rate of technology evolution over the past 12 months, there is now an air of inevitability around migration to the cloud.

In the past, the focus was on the risk to enterprises of moving to the cloud. That focus hasn’t gone away but the debate has now moved on.

The cost imperatives and speed-to-market capabilities are so compelling that we will be forced to find solutions to address any impediments arising from security, privacy, data sovereignty, etc. And it’s only a matter of time before just about everything will be delivered as a service.

Cloud as a disruptor – parallels with offshoring

The approach to cloud has some parallels with the migration to offshoring. Not that long ago, the risks and challenges around offshoring created enormous angst and political heat.

But due to various imperatives – a lack of onshore skills, cost, and the need to rebuild controls – a “new normal” has emerged with a significant proportion of IT and business processes migrated offshore.

Ironically, cloud solutions have the potential to create a far greater disruption for the local IT industry than was the case for offshoring. They displace the need for existing IT resources across an entire IT stack – from the data centre through to infrastructure and apps – impacting on supporting IT resources across those layers.

Speculation is now rife as to the long-term impact of cloud on the traditional IT sector.

Cloud as a driver of our competitiveness

What matters now is the speed and sophistication with which Australia takes up cloud given the opportunities that cloud implementations provide for huge leaps in competitiveness. Is Australia lagging behind regional and international markets in the take-up of cloud, and if so, what are the impediments?

In particular, are there legal or regulatory impediments, recognising that Australia’s privacy laws set a high-water mark for protection of personal data across the Asia Pacific region?

Are Australian enterprises more conservative in the take-up of cloud, as compared with their competitors across our region? And are Australian in-house IT teams adopting an approach of self-protection in relation to cloud? That is, are they behaving like ‘box-huggers’, wanting to retain control over their own IT shop regardless of the cost consequences?

Opinions vary greatly: this was a hot topic of debate at a recent industry forum held at Gilbert + Tobin. Why does it matter? Because Australia’s use of technology such as cloud will go to the heart of our competitiveness across all areas of the economy – from the corporate world all the way through to the local restaurant or retail store.

Of course the cloud is a global model. Just as with free trade and the removal of trade barriers, we will also need to address the challenges of the global cloud.

Managing cloud risks

It is generally recognised that technology tools and processes already exist to protect sensitive data in the cloud (including via the obfuscation of data). However, there are still legal and regulatory hurdles in moving to a global cloud.

We are currently seeing the use of workarounds through a mix of local and global clouds; and hybrid clouds, a mix of public and private clouds.

This enables sensitive data to be restricted to local and/or private clouds. The biggest challenge lies in ensuring the seamless integration of those multiple cloud solutions, across multiple jurisdictions and different (often conflicting) regulatory requirements.

Ultimately, legal and regulatory solutions will emerge to support the migration to global clouds, and enable large enterprises to realise the efficiencies of the global cloud.

For example, contract obligations can be imposed on global cloud operators to handle information in accordance with the standards and policies required under Australian law. Consequently, cloud operators will have little option but to accept these obligations if they are to facilitate cloud take-up across large enterprises.

Contracts can also be combined with mutual recognition regimes across nations. The twenty-one APEC economies have initiated steps for a model for global interoperability among privacy regimes.

If successfully implemented, this will provide mechanisms for organisations to have their privacy policies and practices certified as being consistent with data privacy standards that are recognised throughout the Asia-Pacific region.

Commercial challenges

From a commercial perspective, there are opportunities for cloud providers to differentiate themselves by offering commercial terms for cloud solutions that align with the business needs of large enterprise customers. The commodity “one-size-fits-all” approach to cloud is a myth, and will simply not work in the large enterprise environment.

Enterprise customers will need to be discerning about ensuring that the cloud offerings meet their commercial requirements.

For example, while cloud solutions can offer greater flexibility and portability under “rental models” (without up-front investment), these benefits will not be realised if the commercial terms require a long-term “lock-in”.

It is important to ensure that the commercial terms don’t create limitations around the potential opportunities of cloud solutions.

Enterprise customers will also need to manage the risks around business processes “falling between the clouds”, due to the challenges of integrating multiple cloud products. The end goal is seamless, end-to-end service delivery (with performance commitments) across multiple clouds.

The adoption of cloud will require significant development of new in-house skills –less focused on the provision of IT services, and more on a business or “broker” role.

For instance, new in-house procurement skills will be required to ensure that large enterprises still achieve their required performance standards, business outcomes, seamless service delivery and appropriate risk allocation in the multi-cloud environment.

People will also need to know how to manage multiple cloud solutions, particularly given the emergence of new service management methodologies to meet the demands of the multi-cloud environment.

These challenges will also require far greater collaboration between the cloud providers themselves, through commercial alliances and partnering.

They will need to work together to allocate responsibilities between themselves and deliver seamless end-to-end services with performance standards that meet the demands of large enterprise environments.

Bernadette Jew is a senior technology partner at Gilbert + Tobin.

Join the CIO Australia group on LinkedIn. The group is open to CIOs, IT Directors, COOs, CTOs and senior IT managers.

More about: APEC

Comments

Ronald Duncan

1

There are some sectors ecommerce and eprocurement that have lead the way in cloud adoption.

You can learn from these sectors and how they have coped with global privacy and legal compliance, since they have been actively globally for the last 14 years.

Ronald Duncan
CloudBuy.com

Shawn Douglass

2

Yes, the cost benefits and speed-to-market are very compelling – too compelling to ignore, really. Cloud management platforms exist that help IT balance the need for agility and innovation with the requirement to maintain security standards and regulatory compliance. Cloud Management Platforms offer a central policy engine that can enforce governance, compliance and security across the stack – from access controls to where workloads should be deployed based on the level of data protection required. For one large global bank that got it right: http://www.servicemesh.com/cloud-it-resources/take-aways/
- Shawn Douglass, CTO, ServiceMesh

Kit Lloyd

3

Bernadette,

Thank you for the thought provoking article. A few points:

Vendor Impact: It is often quoted that for every $1 spent in the cloud, $2 is lost from hw and sw vendors budgets. In my experience the figure is tenfold this number, particularly in small to medium enterprise. Firstly cloud SaaS/PaaS offerings, such as CRM, are orders of magnitude cheaper than their in-house solutions. Secondly, the flow on effect of simplified cloud based offerings directly affects and reduces process costs.

Standardization: You mentioned that one-size-fits-all does not work. I would argue the opposite, standardization is fundamental to the cloud. The most successful and fastest growing companies in recent times have relied on massively standardized compute architectures (Google, Amazon, Dropbox et al). If you are requiring customized cloud offerings it would seem be a similar paradigm to the old outsourcing adage of ‘your mess for less’.

Jurisdiction: For sure our legal system and jurisprudence is lagging behind our internet based reality. Today, the requirement to locate data in geographic jurisdictions seems an out dated and unsatisfactory concept. Most enterprise cloud offerings allow choice of jurisdiction; however this is simply a stop gap measure until our regional legal systems (and constitutions) catch up.

API’s: The cloud is enabled by two simple paradigms: Virtualization and Application Program Interfaces (API) accessibility. Virtualization and automation have been available since the late 1990’s. However, API accessibility is the real driver. APIs have permitted the transformation of the entire data center into something that resembles one giant computer.
Indeed, Google coined the term ‘Warehouse Sized Computer’ in Urs Hölzle’s seminal 2009 paper to describe its data center concept.. All aspects of the data center are controlled by intelligent, policy driven software. It is the advent of standardized, readily accessible API’s that have enabled this automation orchestration.

Kit Lloyd - GM Gulf Business Machines (Oman)

Comments are now closed.
Related Coverage
Related Whitepapers
Latest Stories
Community Comments
Tags: public cloud, Bernadette Jew, risk, Gilbert + Tobin, cloud computing, private cloud
Latest Blog Posts
Whitepapers
  • Software Defined Protection - The Enterprise Security Blueprint
    In a world with high-demanding IT infrastructures and networks, where perimeters are no longer well defined and where threats grow more intelligent every day, we need to define the right way to protect enterprises in the ever-changing threat landscape. Download today to define your security blueprint.
    Learn more »
  • How to Successfully Select an ERP System
    An Enterprise Resource Planning (ERP) system is a series of software applications that collect and compiles data from different departments to enhance collaboration and co-ordination within the business. If you’re looking to implement your first ERP system, or to upgrade from an existing system, this whitepaper offers eight simple steps for selection that will lead to long-term strategic success.
    Learn more »
  • The Three Essential Steps to Successful Cloud Migration
    Businesses and enterprises have quickly realised the power and efficiency of cloud computing, but migrating to the cloud can be a challenging process. This guide leads you through the three key steps you should take to assess your workload, select the most appropriate cloud model and ensure your cloud provider’s migration methodology stacks up.
    Learn more »
All whitepapers
rhs_login_lockGet exclusive access to Invitation only events CIO, reports & analysis.
Latest Jobs
Salary Calculator

Supplied by

View the full Peoplebank ICT Salary & Employment Index

Recent comments