Page 1: Cloud Computing

White Paper

Cloud Computing – Still a Long Way to Go

Inside the Issue:
Abstract/Executive summary
Introduction
What is cloud computing?
Cloud computing models
Cloud representation as per need of organization
Virtualization and cloud computing
Compliance and Regulations on cloud computing
Deploying cloud
The IT players in Cloud computing
Adoption of cloud
How to get prepared for cloud computing services
The cost of cloud computing services
Some deployment stories
What the IT world is gaining
What are the existing and future challenges?
Steps towards meeting the challenges
In summary
References

Abstract/Executive summary

The global recession has taught the IT world to strike an economic balance by optimizing its hardware, software, tools, hosting environment and services to render highly acceptable, dynamic, speedy and flexible support to the business, helping it sustain and survive in one of the most difficult economic situations and still continue to create competitive advantages in the marketplace.

Although in a global recession the IT organization’s primary objective is to keep the lights on, this is not stopping it from looking at other innovative approaches that use process automation, virtualization and cloud computing to leverage the best available technology to address highly dynamic and volatile business needs. Such innovative approaches are meant to reduce the Total Cost of Ownership (TCO) as well as the cost of operation and maintenance (OPEX) of IT functions drastically, in a breakthrough manner. As a result, business dynamism, cost and technology are driving the next generation of IT services to be delivered.

The world is becoming service centric, and each IT component purchased by the enterprise, such as an application, tool, storage or server, will need to demonstrate its value against the business dollar spent on it. Just-in-time service with lightning speed, accompanied by an enormous amount of elasticity, is what business expects IT to deliver from now onwards.

Cloud computing is a logical evolution and innovated version of Information Technology delivered from a popular web-enabled (Internet-based) world to the entire business world and social community. In its nascent stage, cloud computing addresses the emerging need of Hosting, Managing and Delivering (HMD) software, applications, platforms and infrastructure in an as-needed service format, and on the basis of consumption or usage. The most fascinating part of cloud is that organizations can pay the cloud vendor on a pay-as-you-go, pay-per-user or pay-per-transaction basis.

With such a wonderful means of delivery that asks for no upfront investment, it would not be surprising if big game plans were already under way by cloud vendors to make the cloud computing environment viable for every piece of technology, application, tool and hosting environment in an integrated and secured manner. The biggest Unique Selling Point (USP) of cloud computing is its ability to quickly respond to demand spikes and host new business applications faster without the need for an internal IT department. The mind share of the IT world is moving towards separating applications and services from the underlying infrastructure so that IT departments can be more flexible in supporting the business.

About the Author

Sunil Tadwalkar is an electrical engineering graduate, working as Practice Head in the corporate solution group at Mahindra Satyam. Sunil has over 11 years of experience in different capacities, primarily in the areas of Program and Projects Management, Focused Initiatives, Global Business Delivery, Quality and IT Consulting, service offerings, resource management, mentoring and training. He is a certified PMP, CQA, ITIL, CMM, CMMi, PCMM, ISO9001 and Tick-IT auditor.


Cloud computing offers huge revenue potential as a sky line business at a time when traditional wire line business is shrinking. Although for some aggressive IT organizations (such as BT) use of cloud computing services is at the concluding stage of their pilot, for the rest of the IT firms it is at the stage of starting a pilot or in the middle of running one. It is forecast that in the next two years more than 16% of IT professionals in the U.S., U.K., Germany, and Japan will plan to invest in cloud computing, according to a survey conducted by Harris Interactive and sponsored by Microsoft. It is also expected that around 10 to 30% of the IT budget meant for building applications and services to support the business will provide considerations for the cloud computing environment.

Technology and business work hand in hand in many ways, and each brings advantages and disadvantages to the other. Cloud computing is changing the way business is done by offering scalability, flexibility and speed of operation, along with a positive impact on CAPEX and OPEX. On the flip side, since it encourages open standards like the Internet, it makes it difficult for cloud customers to exercise control over their cloud vendors. Moreover, conformance to regulatory compliance and security standards, data privacy, confidentiality and security are a few questionable issues yet to be addressed.

Gartner predicts the market for cloud products and services will move from US$46.4 billion last year to US$150.1 billion in 2013. Also, according to an October 2008 report from IDC, customer spending on IT cloud services (business applications, application development/deployment, system infrastructure software, storage and servers) will grow almost threefold by 2012, to $42 billion. IDC said the growth of cloud services "is being driven by the ease and speed with which users can opt with better economic benefits especially in current economic condition." Gartner expects a 21.3% revenue increase in 2009 to $56.3 billion, and Merrill Lynch is forecasting a $160 billion market by the close of 2011. A new study commissioned by Avanade shows a 320% increase over the past nine months in respondents reporting that they are testing or planning to implement cloud computing. Each firm uses different definitions of cloud computing, which helps explain the wide variances in market sizing estimates.

The white paper elaborates on the concept of cloud, its types, forms of deploying services, early adopters, cloud vendors, and tips on selecting vendors. Finally, it touches on existing and future challenges.

Introduction

In the last few years, the business spectrum and consumer patterns all over the globe have turned out to be highly demanding in nature, with the recent addition of new challenges such as recession and economic meltdown. The survival of a business is weighed on its ability to change rapidly along with the business climate. CIOs and CEOs have been asked to get into the habit of doing more with fewer resources by challenging their efficiency and productivity. They are also compelled to serve every new business requirement with innovation and ideas that have never been implemented by any of their competitors. The IT functions that are amalgamated with the business have started facing the herculean task of managing with a decreasing trend in capital and operating cost while demonstrating value, although there is a steep increase in demand for new business processes to support.


The mantra of doing more and more with fewer resources has prompted technology experts to reinvent the wheel in delivering IT applications to the business. There's a shift away from building and owning IT assets to purchasing services as a way to reduce costs. Virtualization and cloud computing have become the new IT landscape, offering a fundamentally faster, more scalable and more cost-effective alternative to on-premises application development, deployment and servicing solutions, which you can avail of virtually from any location all over the globe.

Cloud computing is a transformational platform which hosts practically every piece of hardware, software, tool and application regardless of its origin, color, community etc. Cloud computing can accommodate IT functions for every size of business, whether small, medium or large, and still take any transient load during spikes in demand. Because of this, cloud computing is moving from its pilot stage to deployment and further on to servicing the business as and when needed.

There are some outstanding issues and challenges which cloud computing technology needs to address in the next 5 years. They relate to the security and privacy of business data in remote third-party locations, dreaded concerns about platform lock-in, worries about reliability and performance, transfer of data to third parties, regulation etc. Cloud vendors are already addressing them on top priority, and as the industry matures solutions will become available to plug those loopholes.

Cloud computing doesn't just have technology aspects but profound business aspects. It's a new model for delivering and consuming IT more efficiently, in turn reducing CAPEX and OPEX by making use of economies of scale. Many of the technologies to enable cloud computing are maturing. Virtualization allows the sharing of infrastructure to improve utilization rates; service automation and change management tools ensure IT processes are run in a standardized way; and non-differentiating business services like email, payroll, development and test are being standardized and outsourced.

Any web-based tools and collaboration tools can be effectively hosted in the cloud. Visualization services over the Internet for complex data correlations can also be done in the cloud. SOA is a good way of preparing applications for delivery in the cloud. Cloud drives companies to accept standardization. One can look at the IT landscape, identify what is not managed efficiently and what isn't providing a strategic service to the business, and then develop a transformation plan for these services to move to the cloud. If you standardize the business processes and every new application by moving to the cloud, the cost reduction will follow.

Research and analysis firm Gartner has released the Hype Cycle report for 2009, which evaluates the maturity of 1,650 technologies and trends in 79 technologies. The report, which covers new areas this year, identifies cloud computing as the latest growing trend in the IT industry, describing it as 'super-hyped'.

Google Inc., Microsoft, Yahoo Inc. and a handful of other vendors will invest about $5 billion this year to build out the infrastructure to sell IT through the "cloud," according to Gartner Inc. by 2009.


What is cloud computing?

Internet to cloud computing

The advent of the Internet taught the IT world how to use the front end of a business application with the ease of a browser, but control of data, applications, their storage and deployment still rested within the individual premises of every organization. Business houses needed someone to help them develop, install, configure, test, stage, and run their hundreds of business applications from SAP, Microsoft, and Oracle in a failsafe environment with less time and headache, minimizing the cost of office space, power, cooling, bandwidth, networks, servers, storage etc. Business houses are increasingly focusing on core competencies and business priorities by handing over IT functions to third-party vendors as much as possible.

Cloud-Computing: a new mantra

Cloud computing derives its name from the cloud, which represents data centers, technologies, infrastructure and services delivered through the Internet. Cloud computing is defined in many ways by many experts. For some it is a set of disciplines, technologies and business models used to deliver IT capabilities (software, platforms, hardware) as an on-demand, scalable, elastic service.

For others cloud computing is "a mode of delivering services on a scalable and virtualized infrastructure using Internet technologies." It hosts the customer’s business application on a scalable platform and bills for it as per usage or consumption. It’s a way of delivering business value by speeding up efficiency and productivity.

Cloud computing is a computing model that lets you access shared IT resources (hardware, software, tools and storage) in service format as per your need over the Internet, without having to buy, install, maintain and manage them on your own. You don’t have to run your application on your own platform or in your own data centre. Just subscribe, log in, customize it and start using it. You get billed as per usage, that is all; you don’t have to contact your IT department to host the application. All this will cost you dramatically less and with greater performance. You don’t have to worry about performance issues when business transactions go up; it is automatically taken care of. Moreover, you don’t have to worry about upgrading your hardware, software, tools or hosting environment for that matter. Risk of technology obsolescence is none.

Cloud features

The cloud touches on several concepts: interoperability, workload redistribution, monitoring and scaling. Interoperability allows users to run an application anywhere once it is built. Workload redistribution enables movement of an existing process from one cloud to another in a seamless and relatively quick manner.

Services delivered through cloud

Cloud can deliver multiple services at mass scale, ranging from communication, collaboration, training and social networking to hosting business applications. Moreover, cloud infrastructure can be used for online backup solutions and storage services. Cloud computing is a pay-per-use model for enabling available, convenient, on-demand network access to a shared pool of configurable computing resources (e.g., networks, servers, storage, applications, services) that can be rapidly provisioned and released with minimal management effort or service provider interaction.


Cloud computing models

The dominant or proven service model for how computing services will be delivered in the cloud is yet to be established, since most of the services are still being tried and tested. Currently this leaves numerous choices to those who are opting for cloud services. Various versions of models may emerge in the near future, combining multiple service packs suitable for every size of industry (small, medium and large), and taking the form of hardware, software or platform that can be hosted in a cloud computing environment and serviced to the IT customer. The service component is made available through an on-demand services model or a subscription-based model.

Enterprise cloud computing model

Today very few cloud computing solutions are enterprise ready, since there are outstanding issues that need to be addressed: movement of large volumes of data and multiple applications on multiple platforms, data security, storage, and archiving, information confidentiality, regulatory and change management, as well as limitations on hosting certain (not all) business applications. Cloud has to prove trustworthy for business-class and critical application computing, since all of these would be crossing the firewall. Enterprises are also looking for stringent SLAs, bandwidth and extensive (24x7) support for critical applications.

Flavors in cloud computing

Cloud computing takes multiple routes and formats while delivering services, since it accommodates a host of IT components such as infrastructure, platforms and software. On a major scale, cloud services are delivered in three formats: Infrastructure-as-a-Service, Platform-as-a-Service and Software-as-a-Service.

Infrastructure-as-a-Service

Infrastructure-as-a-Service (IaaS) is one category of cloud computing offerings that makes basic computational resources, such as storage, disk space and servers, available as per service demand, eliminating the need to install physical machines at the cloud customer’s premises. IaaS eliminates the need for capital expenditure on infrastructure components when organizations want to deploy their large-scale applications.

Since IaaS is available on a pay-as-you-go basis, it allows companies to scale up and down as per their real-time business needs, rather than having to pay up front for an entire infrastructure that may or may not get used. The beauty of IaaS is that it caters for any transient spike in demand within no time without the need to make extra provisions. This is a very attractive proposition for small and mid-size businesses. The players who provide such services are Akamai (NetStorage and CDN services), Amazon (Elastic Compute Cloud/EC2 and Simple Storage Service/S3), GoGrid (Cloud Servers and Cloud Storage) and Joyent (Accelerator).

Platform-as-a-Service

Platform-as-a-Service (PaaS) is one of the fast-growing service flavors of cloud computing, offering a scalable, quickly and easily deployable web platform. Although large-scale enterprises run multiple business applications on multiple platforms, PaaS provides them a solution for running their business applications on the latest version of every platform, eliminating the need to buy multiple software licenses. The players who provide such services are Akamai (Edge Computing), Elastra and RightScale (platform environments for Amazon’s EC2 infrastructure), Google (App Engine), Microsoft (Azure) and Oracle (SaaS Platform). In this case the cloud acts as a functional platform model, where the user subscribes to the use of a set of functional services rather than to a set of hardware capabilities. Cloud providers make provision and move functions around their own cloud to meet the needs of dynamic workloads. Many PaaS vendors have also created their own language to be used to link components together.

Software-as-a-Service

Cloud computing began with the Software-as-a-Service (SaaS) format, where complete end-user applications are deployed, managed, and delivered over the Web. SaaS continues the cloud paradigm of low-cost, off-premise systems and on-demand, pay-per-use models, eliminating development costs and lag time. This gives organizations the agility to bring services to market quickly and frees them from dependence on internal IT cycles. The speed and ease with which SaaS applications are purchased and consumed has made this category of cloud computing offerings the most widely adopted today. Important cloud SaaS vendors and services include Adobe Web Connect, Cisco WebEx, Google Mail, Hotmail, Yahoo! Mail (communications applications), Demandware (e-Commerce), NetSuite (Accounting, ERP, CRM, and e-Commerce), SAP Business ByDesign (HR, Finance and other ERP applications) and Workday (HR, Finance, and Payroll).

Cloud representation as per need of organization

Because the Internet- or web-based technology of cloud computing aims at sharing and optimizing its hardware, software and tools across multiple customers, it is impossible for organizations to maintain confidentiality, security and privacy of data, applications and business traits. This poses a serious concern for organizations in maintaining their confined identity on the cloud. To address this concern, cloud services are available in private and public domains and are characterized as private or personal cloud and public cloud.

Private cloud

The concept of private cloud emerged from the basic need for exclusiveness and confidentiality in what organizations want to do while services are handled by cloud vendors. The private cloud model allows an administrator to manage the technology infrastructure from a single point and assign resources as needed. Owning and managing a private infrastructure is less cost-effective for a business, but it increases the organization's ability to manage and protect data. This is especially important for businesses that have strict compliance regulations.

A private cloud is the transformation of the data center into a modular, service-oriented environment that enables users to safely procure infrastructure, platform and software services in a self-service manner. Most current private cloud computing environments consist of reliable, highly scalable services that are built on virtualized servers and provided as a service via the Internet. The services can be billed on the basis of the amount of time a specific application or server is used by a particular department within the company.

Some cloud vendors offer private cloud services as a virtual private cloud, which offers a secure, scalable tunnel so that an organization can easily extend its available resources out into the cloud seamlessly, with little or no disruption to the network or application network architecture. Such a cloud ensures no degradation of performance. There are some private cloud communities that build condominium clouds and condominium fiber confined to their members only, sharing the resources among members to allow them to scale and use them for their close business users.

Private cloud computing deployments can save cloud customers from 40% to 80% on physical space, cooling and utility costs. A well-planned private cloud can double or triple a cloud customer's utilization and ROI of corporate assets.

Personal cloud

Based on the variety of computing needs, the concept of cloud is further broken down from private to personal cloud. Developers can use a personal cloud to configure their local environment and develop and test web applications in multiple ways, virtually from any location, and they can copy a version to a laptop to work offline when cloud services are down.

Public cloud

Public cloud is a cloud computing service available with virtually no boundaries on service scalability and resource tapping, and is almost like Internet service in terms of accessibility. It carries a serious concern about security and privacy of data. CIOs are waiting for cloud services to mature and become secure, and for SLAs to address business and compliance commitments, before they opt for public cloud. Public cloud computing services are especially useful when you want to test an application in a public cloud environment. Public cloud provides economies of large scale.

Trade off between Public and private cloud

Enterprise organizations are looking at cloud computing opportunities by doing pilots and trials in internal and private cloud environments, which are secured and can be controlled to some extent. Start-up SMBs use public cloud since the investment is lowest. Internal and private cloud adoption will happen over the two years, while public cloud computing and internetworking between public cloud service providers is a five- to seven-year plan, by which time the security issues may be addressed. Public cloud is a favorable ground for open source, which is supported by cloud vendors such as Amazon.com, LAMP, and AWS. Many of these internal private clouds are built on open source (Linux, MySQL, Eucalyptus etc.).

Combine cloud or switching over

Cloud customers have the option of using an internal private cloud to manage the normal workload, with the capability to burst out to the public cloud for peak demand, and they don't have to manage that in-house. Such a marriage between public and private clouds provides a hybrid solution and can be tried as a virtual lab at every organization. The future of the cloud is seen as a combination of private clouds, traditional data centers, hosting, and public clouds.

Cloud Optimization Services

Cloud computing services rely on performance, scale and reliability to deliver robust services to enterprises, yet the economic model of peering may have serious consequences. It may result in overburdening, packet loss, service degradation, and slow and uneven performance of cloud-based applications. Such issues are addressed by certain cloud vendors with unique routing, communications, and application optimization technologies to accelerate IaaS, PaaS, and SaaS services across the cloud. Path Optimization technology monitors real-time Internet conditions to identify alternate paths over the Internet that are faster than default BGP-defined routes. In addition to accelerating the long-haul Internet communications that are necessary for dynamic cloud applications and uncacheable content, it also improves the reliability of these communications by routing around trouble spots, finding alternative paths that optimize connectivity.

The greatest possible application performance and scalability are achieved when the application itself can be distributed to the edge of the cloud, close to the end users. Application instances are automatically created in different cities and regions based on real-time demand, something that cloud vendors such as Amazon EC2 and Google App Engine cannot do. This allows edge computing customers to enjoy truly maintenance-free scalability in addition to unparalleled end user performance. Edge computing is designed to work seamlessly within a hybrid cloud environment. By deploying content-centric application components (such as site search, surveys and contests, or page assembly) at the edge of the cloud, while running sensitive or transaction-oriented application components at the origin infrastructure, the application can be scaled and the end user experience can be optimized, while meeting the different business requirements of each application component.

Securing Cloud Applications and Platforms

Since public cloud platforms are as vulnerable to Internet threats and service attacks as traditional Web sites and applications, some vendors (such as Akamai) have developed a network that acts as a “secure perimeter”, eliminating public entry points to cloud infrastructures and helping to keep malicious DDoS attacks, Internet worms, hacker threats, and attacks on application vulnerabilities outside the origin data center.

Technologies such as DNS security, IP layer protection and access control, HTTP origin cloaking, and application request checking have also been developed. With this additional layer of security, you can completely ‘cloak’ a Web site from the public Internet by effectively removing the origin from the Internet-accessible IP address space, and an in-cloud Web Application Firewall can identify attacks in HTTP and SSL traffic before they get to application servers, protecting cloud services right from the edge of the cloud.
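
Origin cloaking as described above only holds if the origin's own ingress rules admit nothing but the edge network. The following is an added example, not part of the white paper or any vendor's product: it audits a rule set for that property and derives a narrowed rule set. The rule format, the function names and all address ranges (documentation ranges) are constructed for illustration.

```python
import ipaddress

# Constructed sample data: edge network ranges and the origin's allow rules.
EDGE_RANGES = ["192.0.2.0/24", "198.51.100.0/25", "2001:db8:100::/48"]

ORIGIN_INGRESS_RULES = [
    {"id": "r1", "source": "192.0.2.0/25", "port": 443},
    {"id": "r2", "source": "198.51.100.0/24", "port": 443},
    {"id": "r3", "source": "0.0.0.0/0", "port": 80},
    {"id": "r4", "source": "2001:db8:100:20::/64", "port": 443},
    {"id": "r5", "source": "203.0.113.7/32", "port": 22},
]


def _networks(cidrs):
    return [ipaddress.ip_network(c, strict=False) for c in cidrs]


def audit_origin_rules(rules, edge_ranges):
    """Return (rule id, reason) for each allow rule that admits non-edge sources."""
    edge = _networks(edge_ranges)
    findings = []
    for rule in rules:
        src = ipaddress.ip_network(rule["source"], strict=False)
        same_family = [e for e in edge if e.version == src.version]
        if any(src.subnet_of(e) for e in same_family):
            continue  # fully inside an edge range: the origin stays cloaked
        if src.prefixlen == 0:
            reason = "open to the whole Internet"
        elif any(src.overlaps(e) for e in same_family):
            reason = "wider than the edge range it overlaps"
        else:
            reason = "source is outside every edge range"
        findings.append((rule["id"], reason))
    return findings


def narrow_to_edge(rules, edge_ranges):
    """Rewrite each rule so its source is limited to edge address space.

    Two CIDR blocks either nest or are disjoint, so the intersection of a
    rule source with an edge range is simply the smaller of the two.
    Rules with no edge overlap are dropped.
    """
    edge = _networks(edge_ranges)
    hardened = []
    for rule in rules:
        src = ipaddress.ip_network(rule["source"], strict=False)
        for e in edge:
            if e.version != src.version or not src.overlaps(e):
                continue
            keep = src if src.subnet_of(e) else e
            hardened.append({**rule, "source": str(keep)})
    return hardened


if __name__ == "__main__":
    for rule_id, reason in audit_origin_rules(ORIGIN_INGRESS_RULES, EDGE_RANGES):
        print(f"{rule_id}: {reason}")
    for rule in narrow_to_edge(ORIGIN_INGRESS_RULES, EDGE_RANGES):
        print(rule)
```

Narrowing only restricts the source; whether a port such as 80 should be open to the edge at all is a separate review.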

Ensuring Site and Application Availability

Cloud optimization services are necessary to provide resiliency against the many potential pitfalls that prevent the successful delivery of cloud services to end users. They include Site Failover, offering multiple options for enterprise business continuity in case of origin or cloud server failure. Some vendors have developed cloud-based traffic management systems that allow an enterprise to balance traffic between multiple entities based on a variety of business policy and Internet performance factors. These service options, combined with a 100% uptime SLA, enable enterprises to leverage cloud computing in any form they wish while maintaining the rock-solid availability their businesses demand.

Virtualization and cloud computing

Virtualization is the technology that gave birth to current cloud computing by evolving IT infrastructure. It is backed up by the concept of optimization and utilization of IT infrastructure in a shared environment, so that multiple cloud customers can access the computing environment virtually from anywhere, at any time, for their business applications from a common source. Cloud computing has adopted and embedded the virtualization concept while making the IT infrastructure flexible, scalable and available to business users anywhere. Virtualization aims at utilizing CPU power to its fullest capacity in an efficient manner and at making it available to multiple users from multiple locations. Server virtualization and cloud computing are, in many respects, two sides of the same coin. Ideally, corporations and their IT departments can meld the two so that they work in synergy to achieve their business goals.

Compliance and Regulations on cloud computing

Although cloud customers are seeking services from cloud vendors for data backup, storage, records management, availability of log files and so on, prima facie it is the cloud customer’s responsibility to ensure that the legal, regulatory and audit obligations are fulfilled for the applicable IT services of that region and country. Various laws and regulations apply, including data privacy laws, the Payment Card Industry Data Security compliance standard relating to credit card payments in the cloud, or a SAS 70 Type II audit, and they remain applicable even if you are opting for services from cloud vendors. Cloud customers are subject to myriad laws or regulations, such as SOX 404 (in the USA), that stipulate in what manner and for how long data has to be kept and how you ensure the audit and control of financial information. Countries like Germany and the U.K. have specific regulations relating to email. The Federal Rules of Civil Procedure (FRCP), which U.S. lawyers must follow in civil cases, require the disclosure of electronically stored information at an early stage of a case. The EU's privacy restrictions and the Massachusetts data protection act are among a host of such regulatory needs. Laws and regulations such as the Markets in Financial Instruments Directive, or MiFID (in the UK); JSOX (in Japan); or the Corporate Law Economic Reform Program, or CLERP 9 (in Australia)?

If you have cloud customers’ data in the cloud, it is necessary to demonstrate the controls that ensure compliance with published privacy policies and with the privacy and freedom of information regulations in force in all of the countries where you do business. Do any official records stored on cloud resources -- files, documents, emails, instant messages, memos, forms, scanned images, etc. -- along with their retention policies comply with the Federal Rules of Civil Procedure in the case of a lawsuit, or with DoD 5015.2 record-keeping regulations?

In fact, Gartner Inc. published a report some time back stating that security, privacy and risk of compliance will prevent adoption of cloud computing in regulated industries and global companies through 2012.

There are multiple bodies working in parallel to develop cloud computing, service portability and interoperability standards across the cloud platform. Computer scientists at NIST, in collaboration with industry and government, are producing a special publication that covers cloud architectures, economics, security, and deployment strategies. Some professors in universities are working on a framework for building infrastructures that are more accessible, reliable, efficient, and yes, understandable. A more holistic standard for cloud computing has been that of Cloudware; Cloudware is focused on streamlining things like database integration and replication into a cloud environment.

A major systems-management standards body has formed a group dedicated to developing open management standards for cloud computing. The Distributed Management Task Force (DMTF), whose board includes representatives from companies such as AMD, Cisco, Citrix, EMC, HP, IBM, Intel, Microsoft, Novell, Red Hat, Savvis, Sun and VMware, announced the creation of the Open Cloud Standards Incubator (OCSI) group. The existing DMTF specifications including the Common Information Model (CIM), Open Virtualization Format (OVF), WBEM Protocols, member submissions and investigation of opportunities for collaboration with other industry standards bodies

Addressing compliance requirements:

There are multiple ways cloud vendors and cloud customers are trying to fulfill the compliance and regulatory requirements, although there are issues relating to knowledge of where data lives, where it is stored and who has access to it.

• The cloud centers are equipped with SAS 70 certification and some capability for auditing.

• A rigorous security process around cloud customers’ data is established and is reviewed by some cloud vendors when loopholes are observed. As a result, every new product has a security review when it comes out.

• The enterprise cloud customers would generally integrate their own authentication and access control system with cloud vendors. There could be authentication at cloud vendor level or cloud customer level, backed up by heavy scrutiny.

• If there are data breaches and potential loss of personally identifiable information, then the compliance officers considering the cloud will look at previous accidents.

• Regular background checks of employees and their certification for performing certain tasks also help in ensuring that authorized personnel are handling the policy tasks. These authorized personnel can work with the cloud vendor's key team members to draft the legal and security service agreements to ensure that protections exist, and perform tasks related to sensitive data.

• One way is to build indemnity or defense into the terms of services rendered by the cloud vendor, who ultimately has some liability in the case of a data breach and can get sued.

Deploying cloud

Private cloud deployment

Constructing and deploying a private cloud specific to the organization requires detailed estimation of the total cost of ownership (TCO). The cost components include the cost of leased/rental facilities space, power consumption, IT services, selection and configuration of the deployment, production and test virtual servers, backup and disaster recovery, storage and third-party management tools that are crucial to support an on-demand cloud computing services model. A minimum of six months is essential to develop, pilot and deploy the plan and further perform the upgrades. For large organizations, the changeover to a private cloud may take a year or more.

Here are some specific points to be noted during private cloud deployment:

1. Prepare a comprehensive plan on which services are to be sent to the private cloud, which to keep in-house and which are safe to leave outside the relatively safe confines of the firewall.

2. Construct a detailed blueprint of how you will manage the security aspects of your private cloud, including authorization, authentication, access controls, isolation management, integrity and policy management and trusted virtual domains.

3. Licensing of software, databases and other tools needs to be decided.

4. Determine the exact cost of downtime and the level of uptime and performance, and also prepare contingency plans. Set up SLAs in collaboration with the cloud vendor that address your business needs.

5. Add suitable clauses covering the case where the conditions are not met. Remediation can consist of cash rebates or future service credits.

6. Set up suitable Operation Level Agreements (OLAs) to understand how everyone will work together to meet and maintain the company's service-level requirements. OLAs are designed to set forth a plan of operation and determine which person or group within the company is responsible for specific duties and systems. The OLAs will be an important adjunct to the SLAs for your private cloud computing environment.

7. Resources on internal application and storage infrastructure will be freed once cloud-based storage and other content services are resumed. If you add some caching to your local unified application delivery network, you can improve performance and further reduce the cost of serving that content, because it will only be accessed periodically, keeping your cloud-related resource consumption to a minimum.

8. For large data transfers one can use WAN optimization and application acceleration techniques to improve performance across the Internet. The cloud vendors will allow only authorized cloud customers to create such a tunnel, and it needs to be deployed on a platform that can be integrated into the provisioning process, so that the management of such external connectivity and access doesn’t end up consuming human operational cycles.

9. Point-to-point encrypted, optimized and accelerated tunnels are used for data transfer, with additional hardware and software suitably configured at both ends of the connection.

10. The process, costs and duties for discovery and preservation requirements need to be negotiated up front, and the appropriate protocols for maintaining attorney-client privilege should also be established at the outset.

Services offered by Cloud vendors.

In general, most cloud vendors will offer the following services:

1. Strategy Consulting Services. The cloud vendor helps its cloud customers take a strategic look at cloud services, including preparation of a business case and total cost of ownership (TCO). Such services include consultation on which applications to migrate, when to migrate, etc.

2. System Integration Services. This service is given to those cloud customers who are building private clouds for large enterprises. It provides expertise on integration between applications and the cloud environment.

3. Engineering Services. Software vendors that want to put their applications on the cloud will need someone to re-code them for multiple users.

4. Cloud solutions. The public cloud services such as e-mail, ERP, storage, back-up, and security in the cloud.

The IT players in Cloud computing

Cloud computing encompasses everything from pay-as-you-go software subscriptions (Software as a Service, or SaaS) to platform to infrastructure that can be provisioned and scaled up or down as business needs dictate.

Multiple players are available to provide services; some of the key players are listed in Table-1

Adoption of cloud

Analyst surveys show that over the last year, adoption of cloud computing has been on the rise, with 50 percent of Global 2000 companies already opting for cloud infrastructure or planning to do so within a year. In another survey of 104 Global 2000 companies conducted by AppLabs, 30 percent of respondents were already using the cloud, while 20 percent said they were looking to move their applications onto it within the next 12 months. For the group not planning to adopt the infrastructure, 29 percent said lack of awareness deterred them from moving their applications to the cloud. Another 21 percent each cited security concerns and a dearth of technical expertise. Cost was a factor for 19 percent of respondents, while 10 percent said limited services held them back from jumping on the cloud bandwagon. The cloud computing paradigm is fast evolving "from a futuristic technology to a commercially viable alternative".

Many Asian governments are committing to economic stimulus spending, while their citizens are demanding more responsive public services. These two factors have laid the ground for countries in the region to transform themselves into digitized cloud nations. "Singapore is among the most advanced and progressive public sectors in the world in terms of ICT investments and vision, and the government are continuing to invest in IT to further transform the public sector." Springboard said US$14 billion had been earmarked by Singapore as governmental stimulus spending to spur the use of IT in the public sector so as to transform the nation's healthcare and transportation sectors as well as

Adoption of cloud is typically done by smart organizations with a wait-and-see attitude combined with proactive prototyping and a selection process that will help them select the best set of cloud computing services and tools. Early trials with non-mission-critical applications will be a useful way to help everyone in the organization get up to speed on cloud computing technologies and how they integrate with existing IT processes.

Candidates for adopting cloud computing services?

1. Anybody with a need to make data and processing available to a large number of users is a good candidate. Workloads or applications with unpredictable capacity requirements play well in the cloud computing model. Projects such as a marketing campaign are well suited for hosting.

2. Software development organizations will be among the first because they have a vested interest in making it work. They can use a cloud-like environment for integration with other application components. And when they want to migrating environments to QA and onward

3. CDNs [Content Delivery Networks] service providers are most likely to adopt cloud.

4. Utilizing the cloud for requirements management is a better use of their time. "The important thing is we don't need to manage the back end, which is critical."

5. Application development and testing in the cloud is an ideal proposition if you are looking at cutting the infrastructure cost of a build and test environment that replicates the production environment. It's the best way to use the cloud on a short-term rental capacity basis. If you are conducting large performance tests that simulate 400,000 people hitting that application, cloud provides the cheaper way to handle that kind of load.

6. Autonomous applications, or ones that don't interact much with the back office, are also a good fit for cloud computing.

7. Public website hosting and content delivery

What you cannot host on cloud

1. Back-office applications which are not designed to scale on a cloud platform, because they may not be simple to administer since they often require clustering, which may be tricky on any platform.

2. Cloud computing may not be suitable for outsourcing large data centers, according to a new report from McKinsey & Company.

How to get prepared for cloud computing services

During planning phase

1. Business assessment and Strategic planning: Cloud customers need to have a clear understanding of their business goal for moving towards cloud, along with short and long term ROI. Also, what will be the impact on the bottom line and top line, what is the current Total Cost of Ownership (TCO) and how much is it expected to reduce by moving to cloud? A SWOT analysis is essential before finalizing the decision to move to cloud. Consulting and involving the finance department may be the right move.

2. Realize the hidden costs: The organization should check with cloud vendors for all hidden costs, such as management, governance, and transition costs including staff training, which may flare up at a later stage and hence need to be factored in before moving to cloud services.

3. Assessment of IT software assets and people: While assessing the IT assets, questions such as the following shall be addressed: How will it affect the Service-Oriented Architecture (SOA) strategy? How is the disaster recovery plan impacted? What about backups and legally mandated data archiving policies? What is the risk profile for using cloud computing services and what is the mitigation strategy? What is the potential for platform lock-in and how can it be avoided? Prioritization of putting eligible standalone applications (e.g., sales promotion programs, emails, HR benefits etc.) in the cloud is of prime importance and shall be thought through by business users. The IT team needs to prepare a program charter, reorganize IT teams according to application functionality and engage them during deployment, migration and testing of applications on the cloud, although cloud vendors may be doing part of it.

4. Knowledge transfer: The business and IT users have to be trained in the cloud environment. Their familiarization with cloud concepts and terminologies is of prime importance; moreover, they will have to be convinced of the benefits of cloud. It is also essential to understand what the due diligence issues are.

5. Business continuity management: Before migrating the applications to a cloud environment, it is important that the entire environment for the cloud service is mapped out and a disaster recovery plan is set up.

6. Migration strategy: A clear strategy of which applications should be migrated to cloud first, and why, shall be clearly documented. The best way to make a beginning is with non-critical applications such as e-mail and content hosting. Core functions will probably stay in the corporate data center, but storage, legal, and disaster recovery are good things to move to the cloud.

7. Prepare a back-out strategy: A plan for backing out of the cloud is essential even if it is not given by the cloud vendor, so that if you get into serious issues with the cloud vendor you are able to continue with the business by restoring your systems.

8. Go for a proactive prototype or pilot: It is essential to clearly establish the technical and commercial outcome of migrating the applications to cloud by conducting a detailed pilot with one or two key business applications which have the lowest business risk. Such pilots should check the viability, performance and integration issues as well as the service support capabilities of cloud vendors. Test your system around the clock to make sure that the service offerings being provided to you are top-notch and meet your goals. It is also very important for you to map out the network's architecture completely, so you always have an insider's view of the service.

9. Evaluate cloud vendor: While evaluating the cloud vendor, it is desirable to gather information from other organizations that have opted for services from the cloud vendors being evaluated and make a comparative analysis of service performance, issues faced and potential risks. This will help in making informed decisions. It is helpful to talk to multiple cloud vendors too.

While evaluating, selecting and finalizing the cloud vendor, the following important aspects should be considered:

Technical scrutiny:

A careful analysis is essential while evaluating cloud vendors technically. The following areas are very important to check with cloud vendors:

• Data related: What type of business data will be preserved, in which format and at which location? How is the data collection to be done? What will be the allowable retention duration for data? What are the confidentiality and privacy norms, and how will the data be made available for compliance and regulatory requests? How is data encrypted? Does the cloud vendor use any sub-contractors or rely on any partnerships to process the data? Is the data backed up and, if so, where are the backups stored? What is the frequency and periodicity of data back-up? What happens to copies of the data if the relationship is terminated or if the cloud vendor fails? Will the cloud vendor provide archival copies of the data to the customer? How will the cloud vendor react to legal inquiries about a customer's data set? What types of auditing tools are available? Do the administrators have to have access to the data? What tools are used to make sure the backup (or a copy of it) doesn't go on a CD or thumb drive but only through an approved system?

• Which platforms are not supported and which configurations are not possible?

• How would database licensing be handled, and who will hold the licenses?

• What is the scalability, redundancy and availability during staging and production?

• What virus protection is there and how regularly are vulnerability scans and penetration tests run?

• How often will their systems be backed up? Are the back-ups encrypted? Where are they stored?

• Will the cloud vendor be able to respond to an e-discovery request?

• What is the cloud vendor’s window for scheduled maintenance, when systems may not be available? How are the infrastructure and services utilized to provide persistent access to needed applications and data sets?

Service Level scrutiny:

• SLA related: What are the SLAs relating to reliability, performance, response time, security parameters, data privacy, reliability/availability and uptime, and data and infrastructure transparency? Elaborate SLAs are the most effective way to achieve the business objectives. Do the SLAs specifically address managerial issues, intra-cloud quality of service, allowable downtime, specific performance levels, cost and time to recover from outages, provisions for lost data and any security breaches, as well as backup, disaster recovery and storage? Does the service-level agreement guarantee a specific amount of uptime?

• Security service related: What security service assessments does the client have in place? Do the administrators have to have access to the data? What tools are used to make sure the backup (or a copy of it) doesn't go on a CD or thumb drive but only through an approved system? Ask for a description of the infrastructure, the format in which the data is held, what happens to backup tapes, and whether or not you can have specific retention processes applied to your data.

• Governance and compliance related: What governance and compliance standards are followed and complied with? What certifications has the cloud vendor obtained (such as ISO27001, BS25999, and ITIL)? Do they have a data back-up and retention process?

• Communication and reporting related: What status reports, measures and trend analyses are generated and delivered to cloud customers? What is the periodicity of service review? Which parameters are tracked, monitored and reported?

• Service Failures: What arrangements does the cloud vendor have in place for equipment failures or power outages? How is a service outage defined? What tools are in place to determine the severity of the outage? How is the customer credited or compensated for an outage? What level of redundancy is in place to minimize outages? What alternative methods of access are offered if there is an outage?

Business Level Scrutiny:

• Customer references: Check out the references from similar cloud customers to whom the cloud vendor is providing services; check with them the problems faced and challenges during start-up and the steady-state position during the service period. How long has the cloud vendor been providing services?

• Intellectual property: How is it protected? What arrangements does the cloud vendor have for its confidentiality?

• Pricing structure: What is the pricing structure? Which costs are not included in basic services? Are charges based upon traffic, usage or storage limits? What are the minimum and maximum limits? What are the applicable taxes, duties, fees? Is there any type of price protection? Are there licensing fees above and beyond the service fees?

During Implementation phase

• Retain control over the application's environment. When you opt for services from a cloud vendor, it is necessary to make sure that the system is under the control of the cloud customer. Create appropriate documentation, measures, and metrics, and keep records of all communication with cloud vendors along with the issues and challenges faced.

• Engage cloud vendors to deliver services to the remote offices. Cloud customers may not have IT staff at these locations; it will be much more cost effective to avail of such services and integrate them with your own systems.

• Consider deals of shorter duration, such as a 1 to 3 year period with renewal every year. This would make it easier to switch if your current provider is not aggressively looking for new and better ways to help the business and create value.

The cost of cloud computing services

Moving CAPEX to OPEX: One of the top motives of IT organizations moving to a cloud environment is its ability to bring down Capital Expenditure (CAPEX) to a minimum and use CAPEX to cater for operating expenditure (OPEX) based on consumption or usage of IT services. Moreover, scaling the IT requirements up and down is feasible with no extra investment since it will be based on consumption again. Capacity and volume requirements do not add any extra CAPEX. The OPEX can be tightly controlled by the cloud customers.

As cloud services grow, the costs may shoot up over time. Cloud customers need to consider the cost of switching over to another cloud vendor and the costs of integration. The start-up cost of cloud services and the cost over the long run of services may be different. Services such as data back-up, storage, data access, archival and disaster recovery may cost extra if not factored into the basic services tariff.

Charging system

On a small scale, charging per instance makes sense, in that you pay for the minimum capacity you need as you go. Large cloud customers think that pricing models based on usage do not hold good for large businesses with heavy transaction volumes. But if you are a startup more concerned with gradual and affordable growth, such on-demand pricing models make sense. The pay-as-you-go pricing model allowed us to grow little by little and use incremental services without up-front infrastructure investments.

Some deployment stories

Several deployment stories of cloud customers are emerging, with a variety of services being hosted on cloud and indications of numerous business benefits. Table-2 lists some of them.

What the IT world is gaining

Cloud computing provides numerous advantages at business and technical level to cloud customers; a few of them are listed below.

Business view

• Cloud computing services have proved to be 5 to 7 times more cost effective, according to analysts' reports, studies made at universities and the implementation reports of early adopters, and in a deep recession the lowest common denominator is cost. Any technology, proven or not, that promises to cut costs will get attention – whether IT likes it or not. Putting some low-criticality applications, like email and promotional services, on cloud computing will have a positive impact on several users.

• The computing power and storage capabilities of cloud infrastructure are amazing, and for a simple e-mail application, as per Gartner, if companies have to spend between $10 and $100 per user per month, it can come down drastically to $1 to $5 per user per month. Cloud in this instance is really managed hosting. The challenge is to get enough compute capacity at a cost below what a company could stand up in internal virtual environments themselves.

• Most small and medium businesses simply don't have the time, expertise or money necessary to buy, deploy and manage the computing infrastructure needed to run their solutions on their own. Cloud computing provides a breather, since all IT services are available on a subscription basis based on your consumption pattern and you don’t have to buy any capital item. Services such as CPU cycles, bandwidth, and application logins in the cloud will be reasonably cheap and extensively commoditized for the foreseeable future.

• Benefits for the business can be significant: faster project times to market, given that IT is not waiting for servers to open up to start testing a new application; the ability to tell a department that the new application it wants tested will take a couple of days or weeks vs. months; and of course, the knowledge that you will not have to expand your environment or even build one.

• Since service capacity, space, and scaling up and down are all offered on a pay-per-demand basis, the Capital expenditure (Capex) will be nullified and transformed into an Operating expenditure (Opex), which will be essentially on a usage basis and can be tightly controlled.

• It is possible to switch to another cloud vendor at minimum cost.

Technical View

• Shared infrastructure will provide better hardware utilization since more cloud customers, applications, users and transactions can be realized per machine.

• Automation and dynamic configuration enable self-service, rapid provisioning and flexible workload assignment.

• With elastic scalability one can achieve fine-grained capacity and demand planning.

• Cloud provides comprehensive management of an application, hardware, software, network, tools, security and data.

• The ability to back out if problems arise.

• Users can work online and offline from many locations

• Since the cloud environment has applications delivered through web browsers as the front end, while the back end is powered by highly scalable databases, it is possible to separate data from apps, and the data can exist in separate locations much more easily and effectively. The opportunity here is to allow the front-end apps running in the cloud to tunnel in and connect to the data in your own private data center.

• Cloud computing applications in future may not be session-sensitive Web pages that deliver applications that are unavailable when there's an issue with Internet access, or that lose a user's form data when a backhoe accidentally cuts a fiber line. There will be an offline component in addition to the standard online component of the web application. This offline functionality stores the application locally and caches user data so that, during any interruption to a Web session or connectivity outage, users can continue to work uninterrupted. Then, when Internet connectivity is restored, any work and changes made offline are simply synced up with the online version of the application.

• Access to cloud applications will be feasible 24x7 through any mobile device anywhere, since the Internet will be available through high speed mobile devices.

The specific benefits of cloud computing can be summarized in following way inTable-3


What are the existing and future challenges?

Prima facie, there are a few key challenges which are holding organizations back from moving to the cloud, although cloud vendors are taking positive steps to address those issues. In fact, analyst firm Gartner Inc. once published a report stating that security, privacy and compliance will prevent adoption of cloud computing in regulated industries and global companies through 2012.

1. Cloud computing in its original state is not secure. Confidentiality, protection and preservation of customers' proprietary data, coupled with the need to meet regulatory and compliance standards, are major obstacles preventing organizations from making an all-out move to the cloud.

2. The other concern is the mixing of sensitive data with that of other cloud customers due to the use of shared Web servers. Practically every component of OSI layers 1 through 7 is shared, not just the application layer, so the attack surface can be exponentially increased. Forensic investigations and any e-discovery requests may be difficult due to the complexities of the cloud. Security, right from user authentication through transaction processing to back-end data access, needs to be in place and is of prime importance.

3. Interoperability between two clouds for sharing data and information, as well as seamless integration between various applications, is currently difficult to achieve.

4. Pricing model, ROI and customer-centric, performance-based SLAs are some of the business-level challenges which are not clear to cloud customers.

The other challenges faced by cloud customers are listed category-wise in Table-4.


Steps towards meeting the challenges

Some of the solutions which are being adopted by the cloud community are:

• Independent third-party audits, logging and monitoring systems will need to be enhanced, and incident response processes will undoubtedly. Cloud vendors and cloud customers may have to sit together and implement measures like role-based security and privileged access while embarking on cloud-based services.

• A nonprofit entity, the Cloud Security Alliance (CSA), is trying to promote the use of best practices for securing cloud computing and will educate practitioners on security aspects, according to Searchsecurity.com. The CSA will address more than fifteen areas of security issues, with prime focus on governance and operations. In parallel, several organizations are also doing research on securing data in the cloud. Both the Cloud Computing Alliance and the Open Cloud Manifesto have LinkedIn groups and can use some help, especially from security professionals working in large enterprises with service-provider-class networks. Cloud customers are expected to help cloud computing vendors address security in their software delivery model. Security vendors are already responding to the trend. VMware Inc. released APIs and the next version of its OS for cloud computing to security vendors under its VMsafe program. Symantec Corp., McAfee Inc., Trend Micro Inc. and others are integrating security tools to address virtualization.


• There will be a need to establish a de facto standard or certification to allow cloud customers to understand the differences in security level that cloud vendors may have. Standards like SAS 70 Type 2 have listed controls around confidentiality, integrity and availability of the data on systems. It recommends that service providers conduct regular third-party risk assessments and make the results available to customers. Other domains addressed in the report include compliance and audit, recommending that service providers adhere to SAS 70 Type II audits and ISO 27001 certifications, as well as greater uniformity in comprehensive certification scoping. Encryption and key management, storage issues, application security concerns and virtualization security problems are also addressed in detail. The other issues addressed are trusted relationships, federated services, auditable standards, third-party monitors, pseudo-clouds and other solutions.

• Cloud vendors like Google encrypt data in transit and give admins the option to turn on SSL. The data is spread across multiple machines, so you don't have a single machine to attack as in the typical environment; this model is more secure than the encrypted server model. Production data is not mixed with testing data, customer access is not mixed with developer access, and sensitive workloads are kept separate from open or promiscuous applications. Security patches are kept up to date, configurations are monitored for breaches, workarounds are applied for zero-day threats and malware detection systems are constantly updated. Virtual images, hard drives and backups are encrypted and password-protected.

• Some groups are working on a Private Virtual Infrastructure (PVI) in which the data center is "under the control of the information owner" while the fabric is under the control of the operator (of the cloud service). The cloud vendor and cloud customer are required to share certain types of security information and service level agreements (SLAs), along with the roles and responsibilities of all parties in the agreement. Every service in the cloud must be able to report security properties, and the properties must be cryptographically bound and signed.
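The signed security-property report described in the PVI item above, as an added example that is not part of the white paper: the provider binds its properties to a service identity and a timestamp, and the customer verifies the tag before checking the properties against its SLA. HMAC-SHA256 with a shared key stands in here for the digital signature a deployment would use; the key, property names and function names are hypothetical.

```python
import hashlib
import hmac
import json

# Assumption: key shared out of band; HMAC-SHA256 stands in for a signature.
SHARED_KEY = b"constructed-demo-key"
# Assumption: hypothetical property names the customer's SLA requires.
SLA_REQUIRED = {"disk_encryption": True, "tenant_isolation": True,
                "patch_level_current": True}


def canonical(body: dict) -> bytes:
    """Serialize deterministically so both sides authenticate identical bytes."""
    return json.dumps(body, sort_keys=True, separators=(",", ":")).encode()


def sign_report(service_id, issued_at, properties, key=SHARED_KEY):
    """Provider side: bind the properties to a service identity and a time."""
    body = {"service_id": service_id, "issued_at": issued_at,
            "properties": properties}
    tag = hmac.new(key, canonical(body), hashlib.sha256).hexdigest()
    return {"body": body, "tag": tag}


def verify_report(signed, expected_service, now, max_age=300, key=SHARED_KEY):
    """Customer side: return a list of problems; an empty list means accepted."""
    body = signed.get("body", {})
    expected = hmac.new(key, canonical(body), hashlib.sha256).hexdigest()
    # Constant-time comparison; nothing in the body is trusted before this passes.
    if not hmac.compare_digest(expected.encode(), str(signed.get("tag", "")).encode()):
        return ["tag mismatch: report altered or not produced by the key holder"]
    problems = []
    if body.get("service_id") != expected_service:
        problems.append("report is bound to a different service")
    if not 0 <= now - body.get("issued_at", 0) <= max_age:
        problems.append("report is stale or post-dated")
    for name, required in SLA_REQUIRED.items():
        if body.get("properties", {}).get(name) != required:
            problems.append(f"SLA property not met: {name}")
    return problems


if __name__ == "__main__":
    # Constructed sample report: the service admits tenant isolation is off.
    report = sign_report("storage-01", 1000, {"disk_encryption": True,
                         "tenant_isolation": False, "patch_level_current": True})
    print(verify_report(report, "storage-01", now=1100))
```

Binding the service identity and issue time into the authenticated bytes is what stops a valid report from being replayed later or presented on behalf of a different service.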

Future Challenge

No long-term vision for cloud computing interoperability has been visualized so far. The consensus among cloud vendors on openness and interoperability in cloud computing is not yet well thought out. A unified approach that describes the interoperability standards and their compliance requirements may be essential. Vendors like Azure run non-.NET technologies like PHP natively; developers can expose their services over several standards, including REST and SOAP, and can configure applications hosted on Azure to communicate with end users via a browser, on-premises servers or even other clouds.

Cloud computing change management

Switching over to a cloud computing environment brings in lots of change management issues within organizations, and it has to be a decision of the whole company. On one side, the IT department may be resistant to doing certain things because it is going to lose control; on the other hand, business users may become aggressive because they may not have to contact the internal IT department to host or change their application, since it will be done by cloud vendors. The whole switchover program will call for a systematic process to effect the changes by taking all stakeholders into confidence.


Migration of applications and data to a cloud environment will require a very clear-cut policy, understanding and collaboration between senior management, business users, IT users, the finance department and customers, because everyone will have a vested interest. Every stakeholder has pros and cons in switching to a cloud environment, which will have to be justified and approved by management as a policy.

Many times, decoupling business processes from software applications will call for transformational change in the form of service-oriented architecture (SOA) and business process management (BPM). Also, re-architecting certain applications to take advantage of the Web-oriented architectures preferred in the cloud, which exploit the distributed data and distributed processing model, would require the development team to restrategize and restructure the application.

The changes in billing model and in the consumption pattern of IT services, including compliance and regulatory fulfillment, back-up, disaster recovery and business continuity management, and data privacy, will call for significant changes in the organization's policy.

In summary

The future of cloud computing

In today’s economy, with limited budgets and a highly dynamic market, it is critical to be able to refocus the organization’s resources and check the viable options with cloud computing which can provide the expected benefits.

Without getting trapped in the cloud hype, cloud customers can start in experimentation and pilot mode in the public cloud with non-critical applications, and once the security and service level assurance related issues improve, they can migrate hosting environments and data centres to dedicated private cloud services.

The market right now is really a subset of the managed hosting business, which is $9 to $10 billion a year and just continues to grow. The computing environment of the future will always be cloudy, with a variety of sizes and shapes touching each other; one can choose the right environment, tools and cloud vendor to prove that the organization is always on the 7th cloud in its computing.

Widespread acceptance of virtualization environments and clouds will happen in stages; a couple of issues associated with data security, interoperability and separation of the service layer still need to be addressed. The new trend in innovations will bring a lot of maturity and reliability to cloud computing, along with better governance and security models, once technologies start functioning seamlessly and reliably. With drastic improvements in WAN speed, the future trend will increasingly see the front end of applications separated from the backend, which has scalable databases. This may happen more easily and effectively by allowing companies to host the data inside their own private data centers and simply allowing the front-end apps running in the cloud to tunnel in and connect to the data. There could be a move towards development of an offline component of the web application in addition to the standard online component, which stores the application locally and caches user data so that any hiccups in a Web session or connectivity outages allow users to continue to work uninterrupted. When Internet connectivity is restored, any work and changes made offline are simply synced up with the online version of the application.


Cloud customers would like to continue to keep business ownership with them and work out a better trade-off with cloud vendors for service ownership. The best way to handle the cloud computing needs of the future could be for organizations to form an ecosystem as a cloud community and extend cooperation to tap the potential of the cloud environment on mutual trust.
