– Keao Caindec, SVP and Chief Marketing Officer at OpSource (www.opsource.net), says:
Concerns over security and lack of control have prompted IT departments to turn away from public cloud options in favor of home-grown private cloud services. Organizations that make this decision risk losing the core benefits that cloud computing was intended to provide in the first place – a more cost-effective and less resource-intensive model for managing enterprise-class systems and applications.
What if the problem wasn’t in the public cloud model itself but with the way that most cloud providers are offering cloud services today? A cookie-cutter, one-size-fits all model that lacks enterprise-class capabilities will fall short of enterprise expectations every time. Organizations considering cloud computing investments should consider the five following requirements when selecting a public cloud provider:
Security, Security, Security: Many public cloud implementations treat security as an afterthought – layering it on top of the server virtualization layer. A more secure solution is a “multi-layer approach” that includes firewall, VPN, IDS, authentication and identity management to protect an organization’s assets to the service layer. With this “defense-in depth” security strategy, no single solution provides all the security. So when selecting a public cloud offering, it is not enough to rely on software-based security services on top of a virtual server – these security components should be integrated into both the hardware and software supporting the service.
Control: When considering cloud providers, verify that the service includes both a web-based user interface and an API into the public cloud environment. This interface provides IT organizations a tangible connection into the service, giving them hands-on control of servers, networks and storage resources. With this level of access, IT can remotely handle server control, network configuration, administrative control, cloud file control and reporting. This level of control provides the reassurance IT organizations require before moving assets into the cloud.
Performance: Measurable performance is an important criterion considering that organizations today must adequately provide for the high-availability demands of mission-critical applications. Public cloud providers should be able to offer a service guarantee of 99.999% network and platform uptime along with latency guarantees. Strong performance SLAs indicate the level of confidence a provider has in its underlying redundancy, capacity management and security capabilities.
Integration: To realize maximum efficiencies, organizations need to ensure that the cloud environment integrates seamlessly into the enterprise networks. This must occur at both the system and application level and should integrate billing functions across the entire organization. With this tight integration, organizations can manage security profiles, add or delete cloud files, etc. easily and quickly across the entire environment. Organizations should also examine published API documentation to fully understand any integration limitations.
Flexibility: Cloud providers need to be able to deliver customized solutions and scale up and down based on the demands of the business. Public cloud solutions should support all of the leading hosting platforms, offer a pay-as you go pricing model and allow enterprises to pick and choose the services that are needed at any given time. Providers should be able to strike a balance between offering standardized and customized options.
In short, when selecting a public cloud solution, it is important to remember that not all public cloud offerings are alike. By choosing carefully, enterprises can select a public cloud platform that fits their needs for security, performance and control while meeting their requirement to reduce expense.