Recently Forrester stated that 70% of "private clouds" aren't really clouds at all
Therein lies a tale of deceit, misinformation and false gratification of many organizations believing they have a cloud in place.
To get the facts right we need to revisit the definition of cloud computing as defined by NIST which in may opinion is the final authority on cloud computing standards and is followed by the industry and professionals.
Cloud computing is a model for enabling ubiquitous, convenient, on-demand network access to a shared
pool of configurable computing resources (e.g., networks, servers, storage, applications, and services) that
can be rapidly provisioned and released with minimal management effort or service provider interaction.
This cloud model is composed of five essential characteristics, three service models, and four deployment
models.
Essential Characteristics: (Five)
On-demand self-service.
Broad network access.
Resource pooling.
Rapid elasticity.
Measured service.
Service Models: (Three)
Software as a Service (SaaS).
Platform as a Service (PaaS).
Infrastructure as a Service (IaaS).
Deployment Models: (Four)
Private cloud.
Community cloud.
Public cloud.
Hybrid cloud.
 |
| Cloud Computing affects traditional hardware and software vendors adversely. |
Though virtualization may provide resource pooling and rapid elasticity, there will be a need for on-demand self service, broad network access and measured service to meet the essential characteristics of cloud computing.
But in a thrust by manufacturers for servers and hardware and connected virtualization solutions and software there has been pressure on NIST to change the parameters of cloud computing, thankfully NIST has held its ground, though there is a regular clamor to change the definitions to meet the needs of IS Vendors who have millions of dollars a stake.
I know of a bank in India who claims to have implemented cloud computing, though nowhere do they publish their architecture or their adherence to the NIST cloud definition. The vendors who have sold them the hardware and software for virtualization are delighted to tout this as a cloud implementation and even the CIO has won a few award for taking the bank to the cloud. This is not the only instance of false reporting of cloud computing implementation. To add to this the said bank also runs a SAAS banking solution on it purported cloud and has signed up a number of banks for its services. The Indian regulators are clear that data cannot be kept in a public cloud or outside India, but they have no guidelines for cloud computing in India.
Since there is no enforcement or regulation for Cloud Computing other then guidance from NIST, CSA and ENISA the vendors and their customers continue to brag about their cloud computing prowess without adhering to the standards.
Virtualization comes with its own risk though it seems attractive given its significant return of investment, I remember an IT team wanted to virtualize their infrastructure. When queried about their expertise they told me they had installed the virtualization environment on their desktop and were ready to do the same to their data center. Though I recommended that they not go ahead, I am sure they would implemented virutalization without understanding their lack of skills and the risks for their organization. I am sure they will soon brag about having built a private cloud for their organization.
It it time for more compliance in cloud computing implementation and there is a need for a certification process to quality that the organization is truly cloud ready from a reputed assurance consultancy or a knowledgeable cloud evangelist.
Do share your stories of organizations who have reached the cloud without NIST guidelines, love to hear about them.
