Question All Your Cloud Assumptions

Cloud computing has benefits, but there are downsides. One successful cloud user tells us how to get it right

Cloud computing makes some great promises. There’s no need to buy software or hardware, your capital expenses will shrink, your maintenance and head count costs are lower, there is scalability, and the list goes on. 

However,  there are two sides to every story. There are legitimate concerns within cloud computing about application quality, portability and security; control over how the data is delivered; certifications and standards; and so forth.

Thus, a lot of forethought and due diligence must go into making the move from a conventional data centre to one that’s up in the sky somewhere—and possibly on another continent.

“When a company decides to add cloud services to its IT, the company has to open the kimono a little bit; there’s a lot of trust involved,” Peter Young, vice president and CIO of biopharmaceutical provider MedImmune, told the audience in the opening keynote of SaaSCon 2009 here at the Convention Centre.

MedImmune is a 21-year-old biopharmaceutical company that went public in 1991 and is up to £0.9 billion in annual sales. It was acquired by AstraZeneca in 2007 for £10.8 billion. Headquartered in Maryland, it produces flu vaccines, antibodies and other products.

Young, who directs the global activities of MedImmune’s IT business, recently made the move to add a cloud component to his company’s multinational IT division.

Young laid out a list of key questions that IT managers should ask when considering such a move. A lot of IT decision makers are now considering adding cloud components, pushed by anxious C-level executives and boards of directors concerned with controlling costs in the worldwide recession.

“First of all, we’re talking about exposing services – whether they be internal or from outsides sources – in a way that brings value,” Young said. “Data services, application services, network services, hardware, storage, other services – that’s what’s being offered in the cloud today as a package. In the old ASP [application service provider] days, you got one thing at a time, and it got complicated and siloed.

“If we’re moving beyond Cloud Computing 1.0, this [combined service packages] is where we’re going.”

Because these are all essential to any business in a proprietary way, they all must be kept sacrosanct when trusted to an outside IT supplier, Young said.

“Question everybody, everything,” Young said. “Take nothing for granted.”

Young said IT managers considering a move to the cloud should ask the following questions, for starters:

  • How portable is the technology and data across international borders?
  • Who is backing the service provider?
  • Is the provider certified, and by whom?
  • Where does the data originate?
  • How is the identity management process set up?
  • How is change management handled?
  • What happens to your partnering model?

Question any assumption you hear, Young said.

“What happens as my data crosses international boundaries and different jurisdictions?” Young asked. “Regulations will face you at every turn, and you need to know that your service provider has accounted for that.

“IBM endured a painful transition from the hardware to the software-and-services business,” Young said. “Being a multinational company, it was a rough time. Cloud computing is in its early stages but will face many of the same issues.

“Cloud computing is not an optional disruptor. This will become standard very soon. We can now provision a server in 8 minutes; it’s all moving very fast. Because we have no closed standards at this time, this could be the downfall for some early adopters, but if they’re aware of all these questions and ask them, they’ll be better prepared,” Young said.