Many organizations are considering shutting down their data centers and migrating most IT functions to the cloud. Beware, though: Not all clouds are soft and fluffy .
Before committing to a migration to cloud computing, you'll need to weigh a number of issues. Here are some of the thornier ones you should address:
Internet access. Cloud applications require reliable high-speed Internet access. Although Internet service is increasingly reliable, all carriers experience periodic problems. And when an outage occurs, you'll have to be patient. Your outage is unlikely to be fixed before the problem is solved for everyone. Moreover, most carriers still have difficulty supporting multiple large-bandwidth requests simultaneously. Critical cloud-based services require comprehensive contingency plans that involve multiple Internet access points.
Support. Cloud customers do not control update schedules or problem-resolution priorities. MySAP, Salesforce.com, Flickr and other cloud providers update software based on unknown internal criteria, with little customer input. Don't expect to know where your problems fall on your provider's priority list, or to receive any hand-holding.
Legal issues . Government regulations determine how people with fiduciary responsibilities can communicate with their clients. Want to use Twitter to contact clients? If you're a fiduciary trustee, you should think about federal records retention regulations. Virtually all Web 2.0 services lack sufficient user-level backup capabilities. You can hire programmers with Web 2.0 expertise or subscribe to a service like Backupify . But even then, some data may be inaccessible -- for example, there is currently no way to download videos from Facebook.
What's more, the physical location of cloud data is unknown. European Union privacy laws prohibit certain data from crossing borders. And conducting a SAS 70 audit is extremely difficult in the cloud. Companies must rely on cloud providers for compliance, but who is ultimately responsible for violations? Moreover, liability for a cloud data breach is unclear. Who will pay?
Data retrieval. Cloud providers make it easy to upload data. Unfortunately, each provider uses proprietary data definitions and data structures. In addition, they offer no simple tools for downloading bulk data. So, what goes up may not come down. Most customers are forced to use an Internet connection, often at unacceptably slow data-transfer rates. At 100Mbit/sec., it takes one to two days to export 5TB. Worse, it can be extremely expensive; Amazon charges 10 cents per gigabyte, or $100,000 per petabyte, to download data from its S3 storage service.
SLAs . Cloud providers have different service-level targets. For example, Amazon, Rackspace and 3Tera define an outage differently. Furthermore, each provider uses a different process to document outages and process any resulting user credits.
Governance. The cloud makes it easy for rogue departments to implement new services without IT's knowledge. If the offending departments are not IT-savvy, new systems may be implemented with insufficient documentation, ineffective security or nonexistent workload management. And guess who will have to support those loser apps!
Financial complexity. Established companies have enormous investments in infrastructure. To be financially viable, providers must create financial models that offset total migration costs. Do a comprehensive financial analysis before committing.
Cloud computing is essentially just another type of outsourcing, with similar risks and benefits. Are you ready to trust the cloud with your most precious resource, your revenue-generating systems? Don't leave your organization exposed to thunder clouds; lightning may strike at any moment.
Bart Perkins is managing partner at Louisville, Ky.-based Leverage Partners Inc., which helps organizations invest well in IT. Contact him at BartPerkins@LeveragePartners.com .
Read more about management in Computerworld's Management Knowledge Center.
Join the CIO Australia group on LinkedIn. The group is open to CIOs, IT Directors, COOs, CTOs and senior IT managers.