Now that Cloud is hitting main stream with both Lines of Businesses (LOB) and IT organizations. Companies are trying to figure out a very simple question: What is their Cloud Strategy? What is challenging in this environment is that only a few people understand how Cloud Computing is going to transform their way of working.

Cloud Computing’s utility based computing model requires a new way of thinking. But the usual suspects that inhibit the adoption of Cloud based solutions and managed services are as follows:

What part of Cloud am I investing in ?
Security
Job Security
Budget

What part of Cloud am I investing in ?

Here is a great diagram from Thomas Maurer’s website that explains what each type of Cloud means.

The cost element that is also factored across all these services, is that it is amortized across multiple instances which is usually referred to as multi-tenancy.

The other facets of Cloud Computing include something called a Virtual Private Cloud (VPC) which is also referred to as an Island configuration. Virtual Private Cloud (VPC) enables you to launch resources into a virtual network that you’ve defined. This virtualnetwork closely resembles a traditional network that you’d operate in your own data center, with the benefits of using the scalable infrastructure of a traditional infrastructure as a service provider. For those that are very security conscious that want to leverage the Cloud, I would recommend the VPC option.

Infrastructure as a Service (IaaS) currently gets all the lime light because of players like Amazon, Google, IBM , Microsoft, and others (along with their aggressive price cuts). This is quickly becoming a commodity business. A challenge with a traditional IaaS is that initially it may look appealing at a price level but the costs can get quickly out of control because of the ease starting up new instances for application workloads. If the environment is left unsupervised there could be a nice little bill of unforeseen expenses waiting for you at the end of month or term.

There are a lots of organizations out there that have built consulting services on teaching people how to use spreadsheet after spreadsheet to manage their infrastructure costs

Platform as a service (PaaS) does everything below the application and data layer. This variant allows companies to build scalable applications on multi-tenant architecture that is elastic. There are also managed service providers that provide single tenant secure PaaS environment for those that are security conscious. The charge metric for PaaS is based on the number of transactions undertaken by the application or how many computing units are being consumed to scale your application. The most popular PaaS environments are Heroku, Google App Engine, IBM’s BlueMix, Engine Yard, and many more.

You may hear other kinds of acronyms like Database as a services (DBaaS), Desktop as a Service (DaaS), these are all part of the PaaS section in the Cloud. You need to keep track what you are using here as well to make sure you controlling costs and staying within your budgets

Software as a Service (SaaS) in this case the entire solution is managed for you and all you do is pay a subscription. Salesforce is a dominant player in this space and there are several others that provide such Software as a Service capability. As a matter there several SaaS environments we use in our daily lives email applications, blogging platforms, Analytics platforms etc. Understand that although you get a feeling of isolation in a SaaS environment, you are still sharing some of the core services with other folks.

I talk about issues with multi-tenancy for Enterprises in my prior post http://goo.gl/s9d8Xn

Managed Service providers abstract Enterprise Clients from the underlying complexity in moving to Cloud or leveraging Cloud services

Security

This is usually the biggest concern for all organizations moving to the Cloud or planning to move to the Cloud. The great thing is that there are several organizations including Governments that are providing security guidelines for various Cloud Service providers. Organizations like the Cloud Security Alliance or NIST have been laying down the rules on what are some of the “table stakes” rules when it comes to Cloud Security.

The US Government has rules like FeDRAMP and FISMA for Cloud Service providers to comply before they even bid for any government contracts. US government in this case is also seems to be further ahead in terms Cloud Adoption for Citizen services and in also establishing guidelines for consumption of such services via the private sector.

Terms you should be aware are terms like

Secure Operations Center (SOC) or a Network Operations Center (NOC)

Federal information processing Standard (FIPS) encryption

Data under rest Encryption

In certain industries where health information is being captured; Rules like HIPPAA will also apply.

In a nutshell though security with Cloud Providers has improved significantly but it depends whether you are hosting your workloads on Public cloud or in a Virtual Private Cloud

If you bundle managed services with this environment the additional benefit is that you get a disaster recovery plan baked into your solution.In which case you may have to acquire another “as a Service”.

Job Security

okes apart this is a genuine worry with folks that manage their organization’s data center. I would like to assure these folks that their Jobs are safe and that they are now going to look doing things that higher up the value chain and making sure they are keeping their organization safe from intrusion threat, application vulnerability etc.

If you are an IT person you don’t need to learn how optimize certain types of Application servers for different LOB applications, but you will have to make sure that the environment meets your organizations security guidelines and that the organization’s client facing applications are running 24×7/ 365 .

Remember, just because power distribution became utilitarian over a hundred years ago (thanks to Thomas Edison and George Westinghouse), it did not imply that all the power plant workers in the factories went away, those resources were realigned to work in the factory to produce more goods services that mattered to that particular business.

Budget

Even though Cloud Computing makes computing a utility. It can still get expensive imagine using your air conditioning for 24×7 in an environment where the outside temperature is 100 degrees fahrenheit and with 90% humidity. It will make for an interesting electricity bill at the end of month.

Which is one of the reason you will seek transparency in the billing procedures of your provider. Cloud Computing with Managed service is actually more cost effective than trying to run your own private cloud and running with similar capacity issues just at a larger scale. One could argue that virtualization takes care of that problem and you are right but it only solves one part of the problem, even in a virtualized environment you still need continue buying hardware as part of the capacity planning and that is a capital expenditure which takes long to acquire in most organizations as it is a balance sheet item.

If you are considering Price as a deciding factor then you need to figure out what level of Service Level Agreements (SLAs) you are willing to live with. Multi-tenant environments usually have the most minimalistic SLAs and dedicated Cloud providers with Managed services have a higher fidelity of SLAs for your environment especially in the Application services area.

I agree this is not a very exhaustive list but in most cases, which I see across the industry these are the 4 that bubble up most of the time.

Looking forward for your feedback