Building Clouds That Are Flexible and Secure

By Samuel Greengard  |  Posted 2013-05-30
clouds that are flexible and secure

By Samuel Greengard

Ken Bergmann knows all about the road less traveled. The vice president of IT for transportation firm Greyhound Lines must keep passenger buses rolling to 3,800 destinations in cities, towns and villages across the United States.

"The front office functions—including the Website, scheduling and ticketing—are what keep the business operating," he explains. "We require sophisticated systems to manage these processes, with individuals as well as with affiliate networks."

Increasingly, Bergmann is turning to the cloud to address a variety of challenges and build a more robust IT platform. The 99-year-old Dallas-based company, which boasts 13,000 departures daily across North America, is attempting to build a more dynamic and flexible IT infrastructure that can support its business environment.

"The cloud provides a delivery mechanism that allows us to easily scale software," he explains. "It delivers a cost-effective way to provide alternative environments for things like development and third-party integration as we undergo a business transformation.

Bergmann isn't alone. Over the last few years, cloud adoption has mushroomed like a thundercloud on a summer afternoon. By some estimates, more than 90 percent of medium and large enterprises are using clouds in a significant way. In fact, the question is no longer whether to deploy clouds, but how and when.

"Organizations have moved beyond the perception that clouds represent a security risk," observes Joseph Coyle, North American chief technology officer for consulting firm Capgemini. "Executives understand that clouds offer remarkable capabilities, and they are now approaching the situation from a perspective of how to make it work."

At the heart of the issue is how to design and build clouds that deliver maximum flexibility and agility, while also providing the highest level of security. Not surprisingly, the challenges grow as data travels across an enterprise—and out to partner and third-party sites and servers. In many cases, virtual machines replicate data and, without adequate oversight and controls, put it at risk.

"Business and IT executives must decide which applications and data to place in the cloud, how to oversee this data and how best to extend protections to partner and third-party sites," Coyle says.

Steering Toward the Cloud

A few years ago, major companies typically turned to clouds to dial up server capacity on demand—typically through vendors such as Amazon EC2 or Rackspace—or to manage a handful of applications using software as a service (SaaS). But cloud offerings have exploded in recent months. A variety of corporate departments—including marketing, finance and HR—are turning to a growing collection of cloud services, and are using platform as a service (PaaS) and infrastructure as a service (IaaS) to build a more complete IT environment.

Coyle says that a broad cloud-based approach delivers a consumption-based model that trims costs while simplifying IT. He is seeing ERP, supply chain systems, training tools and testing systems go into the cloud, as well as development platforms that can, in a traditional IT environment, pull significant resources.

"Many organizations are now moving beyond getting their feet wet," Coyle says. "They are putting mission-critical applications and data into the cloud."

At Greyhound Lines, cloud computing serves as the foundation for a more efficient way to operate the business. The company is running on CapGemini's Cloud Orchestration Management Platform powered by Amazon Web Services.

"The cloud is an easily scalable delivery mechanism, and it's a cost-effective way to provide alternative environments for things like development and third-party integration," Bergmann says. "We are able to scale server capacity up and down in a more dynamic and flexible fashion."

What's more, by building an adaptive user interface within the cloud-based development environment, "We are able to build once and then leverage it for multiple projects and tasks," he adds. "We're able to make changes very rapidly."

The company has several live production environments residing in the cloud. These include: collaboration tools, a knowledge management system, an asset management solution and the application development platform. Although none of the company's core systems are in the cloud for now, "all of them are in development in one form or another," Bergmann notes.

"We are moving forward methodically so we can maximize the odds of a successful and secure environment. There is no question that we will be sharing data and information with other organizations in the future, but the process has to take place at the right speed."

Capgemini's Coyle says that as organizations "kick the tires" and become more familiar with cloud environments, they're finding the technology critical to operating efficiently and effectively. In many cases, clouds are tying together operational silos and diverse functions and are enabling more complex and dynamic business networks.

What's more, as enterprises tie in mobility, social media, big data and other technologies, they're able to create an IT environment in which the sum is greater than the collection of individual parts. This is ushering in a new era of innovation and a more holistic approach to business.

Weathering a New Era

In many instances, clouds are helping companies gain collaboration and workflow capabilities that wouldn't have been possible only a few years ago. In addition, many of these organizations benefit from lower CAPEX costs, as well as an ability to plug in new infrastructure, software and platforms with minimal IT staff and resources.

For instance, York Risk Services, a Parsippany, N.J., provider of insurance, risk management, alternative risk, pool administration and claims management solutions, migrated its core human resources functions into the cloud in August 2011.

The company, which has about 2,500 employees in the United States and another 100 abroad, viewed the move to SilkRoad's SaaS solution as an opportunity to significantly trim costs and add flexibility, including the ability for staff to access data via iPhones.

"We are able to introduce more advanced features, put more information in the hands of employees and reduce the overall burden on IT," explains Kevin Valenti, director of Human Resources, Benefits, Comp and HR Systems. "The cloud capabilities are helping us achieve a competitive advantage."

Some companies are now taking things a step further and deploying infrastructure as a service and other cloud components. One of these organizations is National Asset Direct (NAD), a San Diego firm that provides investment fund acquisition and management services for other companies. A couple of years ago, Chief Technology Officer John Madrid recognized that the company needed to dramatically boost performance and slash operating costs for its desktop computing environment.

For several years, the company relied on a hosting services provider to support a thin-client operating environment. Although NAD employees could access their virtual desktops from any thin-client system at any office location, remote access was a challenge. Employees could access email from outside the firm using Microsoft Outlook Web Access, but internal system access to productivity tools, network file shares and specialized business applications was limited. As a result, the company began experiencing business operation disruptions and diminished productivity.

In 2011, NAD evaluated a number of options and vendors with its value-added reseller, En Pointe Technologies, before selecting dinCloud. NAD then transferred its user account information, business data, applications, virtualization servers and storage systems to the cloud.

The move trimmed the company's server requirements from 50 to 30, while also slashing monthly IT operating expenses by 50 percent. It also resulted in enhanced IT control and greater operational flexibility, says Madrid. "Other than a VoIP system, we are now running our entire infrastructure in the cloud. We have centralized IT management capabilities [and have] a more consistent security environment."

Concerns about sensitive data in the cloud are fading as organizations better understand how to build cloud environments. Some businesses are opting to keep databases and sensitive information in-house, even when relying on a SaaS or IaaS approach.

Others, including a number of prominent retailers and health care organizations, are turning to third-party providers that specialize in storing and managing sensitive cloud-based data. In many instances, these firms provide more robust security, better governance and stricter controls than companies typically achieve on their own.

Capgemini's Coyle says that organizations must move away from a conventional bottom-up approach to building IT environments. "For many years, companies constructed data centers, installed servers, added PCs and built out a computing infrastructure," he points out. However, that model is rapidly being eclipsed by what he describes as a top-down approach.

"Organizations must look at the business process or examine a core business unit and work through a decision matrix that identifies business requirements and how best to address everything from performance to SLAs [service-level agreements] and security," he says.

In this new world of IT, infrastructure, applications and other resources are increasingly commoditized. "If an organization addresses its requirements from a business functionality point of view, it is more likely to end up in the right spot," Coyle explains.

In the end, this can translate into as much as 90 percent of cloud applications and services residing in the public cloud. IT's must orchestrate and blend these cloud services into a cohesive whole.

"Today's enterprise requires an IT department that can help the organization understand how to combine internal systems with cloud-based infrastructure, applications and data in a far more strategic way," Coyle advises.