a central point for collection of information as it relates to cloud computing in the government
Cloud Computing Economics
December 13, 2009 at 10:33 am #87046
Enterprise Cloud Computing: Risk and Economics
By Sonny Discini
November 12, 2009
Everyone is talking cloud these days, and why not? The offerings are maturing, and the benefits are starting to appeal to those who want to solve enterprise risk and economic issues still on the table. Things like pay-per-use models now have us looking at how we assess hardware and software costs. You can now pay for only what you use instead of buying a full application suite. But can the economic and risk factors drive enterprises over to full cloud deployments?
The new way of doing enterprise business.
As I just mentioned, the enterprise now has a new way of looking at the economics of operational IT. This goes to core apps right down to enterprise security. Cloud computing is better about optimizing capital investments because it enables lower capital investments in hardware, software and real estate; instead of investing in them, enterprises procure cloud services. This significantly lowers total cost of ownership, which traditionally has been a significant cost to the enterprise.
When we think of large enterprise IT, we cannot let go of the old assumption that it is slow to move when it comes time to make a change. Cloud offerings may crush this old adage. Cloud computing typically requires significantly less time and effort to provision additional resources for existing applications or new resources for new applications. The straightforward procurement model and use of shared infrastructure also leads to greater agility of the cloud computing model.
Another area where costs have been traditionally high has been in IT talent. Cloud models will allow the enterprise to tap talent pools for a fraction of the cost of retaining in-house staff. This will give IT pros heartburn, but for those who are able to shift on the fly, IT pros will be able to turn their focus to solving business problems. The enterprise can then fully focus on business objectives and therefore allocate more resources to solve business problems, even the ones that were practically insolvable with in-house staff. From another angle, the cloud model now gives small organizations access to IT services and talent previously out of reach. The small organization now has the ability to tap the same level of talent and services as the large enterprises.
You cannot shift risk, rather, make someone else manage it for you.
Cloud computing offers computing architectures and innovation potential never before seen to large and small enterprises. With it, it is important to understand that risk does not evaporate in the cloud; nor does it shift to the cloud provider. Enterprise security professionals have been waving the red flag to C-level executives interested in migrating to the cloud. Questions must be asked such as:
* Which risks related to service reliability, availability and security arise?
* How much control the user can exert over the IT services provider?
* What control must be given to the provider and what trust assurances exist?
Given that cloud models are new, even with the SLAs provided today, an enterprise can quickly find that what it thought it was getting may not be the case at all. Legal departments are also seeing cloud issues for the first time, so it is extremely important to involve all enterprise teams when looking at cloud contracts, potential litigation exposures and of course security risks.
To sum it all up, cloud computing offers significant benefits to the organization in the form of economics, agility, innovation, simplicity and even social impact. By this I mean the benefits of green computing, such as not introducing more computer hardware to the landfills.
However, the devil is in the details, and while there are many benefits to the cloud model, the trust and risk aspect of the cloud is still widely unknown, and hence, very dangerous. When enterprise architects and security pros design controls around business processes, they will have to take traditional tools and refine them to provide sufficient protection to the enterprise in this new dawn of computing.
Copyright 2009 QuinStreet Inc.
You must be logged in to reply to this topic.