Exit StrategiesBy Chris Harding | Posted 2010-10-12 Email Print
Cloud computing will not reach its full potential until management and contextual standards are fully developed and stable -- so buyers of cloud services need to choose carefully.
The next area of concern is the possibility of changing cloud suppliers. You should have an exit strategy before signing a cloud contract. There’s no point in insisting that you own the data and can remove it from the provider’s systems at any time if you have nowhere else to store the data, and no other systems to support your business.
This is an area where industry bodies can help, by developing migration frameworks based on the existing accepted protocol and data-format standards.
The problem is relatively straightforward for IaaS and PaaS, because the processing logic is supplied by the user, and the data is likely to be stored in a standard format. It is wise to check, though, that the particular formats you use can be supported by other cloud providers, or that there is a transformation mechanism.
For example, if you use the Persistent Data Objects supported by GoogleApps, can you easily migrate to a cloud provider that supports SQL?
The problem is typically harder for SaaS, because the processing logic is supplied by the provider, and the data formats might be proprietary. It is unlikely that another provider will have the same processing logic, and a change of provider could mean changes to the business processes. Custom code might be needed for data transformation.
Changing your SaaS provider is likely to be a difficult and risky operation. Standard frameworks, perhaps industry-specific, could mitigate this. Industry bodies such as the Association for Retail Technology Standards (www.nrf-arts.org), which is active in the cloud space, could play a role here.
Another area in which lack of contextual standards causes concern is that of enterprise architecture. When an enterprise uses cloud computing, its architecture team should ensure that:
• the cloud services form a stable, reliable component of the architecture for the long term;
• they are integrated with each other and with the IT systems operated by the enterprise; and
• they support the business operations effectively and efficiently.
This underscores why it is so important for each cloud contract to be backed by an exit strategy. More generally, there can be multiple cloud suppliers providing various capabilities, perhaps with some load-sharing between them. The enterprise architecture should provide for this to be done in a risk-free and cost-effective way. You should also provide for a smooth transition as suppliers are added or dropped.
The enterprise architecture should define the relationships between the cloud services and other architecture components—and prescribe their interface data format and protocol standards—so these interoperate effectively, and information flows between them as needed.
Identity management is a particular problem for the integration of cloud services. There is no lack of standards, but it can be difficult to understand which ones to use and how to use them. The Cloud Security Alliance has produced “Guidance for Identity & Access Management” (tinyurl.com/2crjtep), which maps the identity management standards terrain—even if it does not yet show a highway through it.
Enterprise architecture is an established discipline. The experience of professional enterprise architects is encapsulated in standard reference models, methods and frameworks. Because cloud computing is a new phenomenon, the reference models, methods and frameworks are still being developed. These are the key contextual standards that cloud computing lacks.
This is an area in which industry bodies are actively working to help both consumers and providers of cloud services. For example, The Open Group is focused on Enterprise Architecture, and its Cloud Work Group (www.opengroup.org/cloudcomputing) is developing models and best practices to help enterprise architects decide where and how to use cloud services to benefit enterprises.
Other active groups include the U.S. National Institute of Standards and Technology (http://csrc.nist.gov), the Object Management Group (www.omg.org) and the Organization for Advancement of Structured Information Systems (www.oasis-open.org).
Use of cloud computing will expand massively, as the growing speed and power of the Internet make it easier for enterprises to outsource their technology. Established Internet, Web and software-platform standards form a ready-made initial basis of standards for this expansion. But configuration and management standards, and contextual standards for models and practices, which are currently lacking, are essential if cloud computing is to reach its full potential.
While these standards are being developed, enterprises will find it harder to adopt the cloud than it should be; mistakes will be made. It is tempting to call for instant solutions, but history shows that effective standards can only be created based on experience.
You can stay up to date with this market by participating in one of the cloud standards developments under way. Join the cloud community, gain a deeper knowledge and understanding that will benefit your business, and help the industry move forward.
Chris Harding, Ph.D., is forum director for SOA and Semantic Interoperability at The Open Group. Prior to that, he was a consultant, as well as a designer and development manager of communications software.