I’m beginning to think that the cloud computing discussion is, for most people, more about ‘when and what’ conversations than ‘will it happen’. But let’s not underestimate that ‘when to do it’ and ‘what will it be’ are two of the most challenging questions in the widespread establishment of cloud computing.
Some research recently came out from Cisco which reveals that adoption rates for cloud are slower than one might expect given all the hype. I’d say my experience shows more enthusiastic adoption already taking place, and I particularly agree with one of the sentiments expressed in the press release – that people still don’t always understand when they’re actually using cloud services.
The fact of the matter is that for all the hype, cloud computing is not yet a widely understood phenomenon. I’ve read comments from Gartner which imply that the taxonomy of the cloud is probably more confusing than the technology itself. There are times when I’m inclined to agree. In fact, to ensure we’re clear in how we’re discussing the cloud, Intel has published its own cloud taxonomy (http://intel.ly/nJUxPi).
One of the problems here is that cloud comes in different forms, with various benefits and challenges. Keeping it simple, ‘public’ cloud sees services delivered using a shared infrastructure model, typically provisioned from a 3rd party data centre accessed over the internet, and benefits from massive economies of scale. It also brings perceived security concerns, though whether these are valid is determined by the service provider and their security and resilience standards.
The private cloud sees data and applications sit within a data centre that is accessed from behind your internal firewalls and where you control the access rights. This can typically give you more control over how the data and access is managed but may not give you the flexibility and scale that public cloud services can offer.
The prevailing logic for many end organisations is the hybrid cloud, conventionally defined whereby a company provides and manages some resources in-house, while others are provided externally through a public cloud service. It is also possible to architect a solution where you can ‘burst’ out to a public cloud when the capacity of your private cloud is exceeded. Or take reverse approach and contract back from using a public cloud into a smaller private cloud when you no longer need to capacity offered by a public cloud.
This is typically undertaken to capitalise on the huge potential cost efficiencies available using public cloud, whilst keeping mission critical data safely up your sleeve, in your own data centre. And you can’t really fault the logic in this.
However my plea to all the businesses out there when considering cloud computing is to be thorough when assessing security risks – and that includes your own data centre. Private cloud is an increasingly appealing way to manage mission critical data and applications. But just as we’re all increasingly being told to scrutinise every aspect of a public cloud provider’s infrastructure, don’t be too naïve to do the same to yourself. The technology for a secure cloud is already with us.
Even since the cloud phenomenon erupted, the security of the server has become an accelerated priority. For example, at Intel we’ve paid a lot of attention to Advanced Encryption Standards – developing Advanced Encryption Standards New Instructions (AES-NI) which guarantees faster encryption without a performance lag. Meanwhile our Trusted Execution Technology (TXT) is in place to secure data being moved through virtual environments. Technologies like these mean that the cloud security question really needn’t strike fear in the hearts of end users.
And it’s worth remembering that the need to stay safe in the cloud applies to your own data centre as well as to public cloud service providers.