What’s the right cloud for enterprise-class email?

What’s the right cloud for enterprise-class email?

Summary: Although the enterprise cloud is well suited for commodity applications like email, that doesn’t necessarily mean it’s ready for applications like email.

SHARE:
TOPICS: Cloud
2

Commentary - Not a day goes by that you don’t read or have a conversation about the cloud… public cloud, private cloud, data in the cloud, cloud economics. Over the past five years the rise of the cloud has produced the good, the bad and the ugly. Meanwhile, corporate IT has been put on notice that they must embrace the cloud or get left behind. Not surprisingly, CIOs are jumping on the bandwagon with apps that seem to lend themselves most easily to this new model, such as email.

As enticing and efficient as the cloud is for consumer applications like photo sharing, when it comes to enterprise environments the playing field is quite different. Although the enterprise cloud is well suited for commodity applications like email, that doesn’t necessarily mean it’s ready for applications like email. That’s because large companies have a different set of business, operations, security and compliance needs.

A Public Cloud solution like Microsoft Office 365 provides enterprises with little or no control over the underlying technology infrastructure, and the company’s direct control over data, hardware, networking, operating system and other software is simply not an option. While this will appeal to decision-makers looking to reduce complexity, it may not be appropriate for larger organizations bound by rigorous demands for security, control, storage or regulatory compliance since the multi-tenant nature of the public cloud also makes it the least secure cloud option. For example, the public cloud is susceptible to routine outages and downtime, as evidenced by widely publicized incidents at Microsoft and Google.

Lastly, the public cloud model includes hidden costs for add-on options such as archiving, migration, mobile device support, the need for increased network bandwidth and more. These can drive up total cost of ownership to the point where it is more expensive than some private cloud options.

The fact is, cloud computing and the convergence of data, voice, video and mobility have optimized the IT experience so that email, collaboration and unified communications are all primed for private cloud innovation. At the same time, one of the major IT debates going on is whether or not to push the majority of hardware and capital expenditure costs to the cloud in an effort to raise the lowest common denominator of IT services and help take the systems management concept to a higher level.

Four cloud alternatives
According to many industry estimates, market penetration for public cloud email is only four to five percent of the total installed base with most of these users coming from the small and medium business (SMB) ranks. Enterprises have yet to jump on board. So far, the following four alternatives to the public cloud are more appealing to large companies.

The first is the No-Cloud model, also known as the traditional “on-premise” IT option. This is, believe it or not, still the most prevalent approach for Microsoft Exchange email, SharePoint collaboration and Lync unified communications environments. In this case, hardware, software and data stay at home offering full control, integration and feature sets. For many organizations, this solution (or one of the private cloud solutions listed below) will likely remain the most efficient, at least until well into 2015 when the upcoming Microsoft WAVE 15 set of products has finally gone mainstream.

The most secure cloud model for email is the Physically Dedicated Private Cloud which offers many of the same benefits as the public cloud – shared resources, hardware usage optimization and elasticity – without the service outages and other downsides inherent in a public, multi-tenant environment.

This private cloud model resembles the on-premise option but is instead deployed in a third-party data center within physically dedicated racks and is connected to the enterprise’s Private IP network over MPLS or Point-to-Point VPN with dedicated routers and/or firewalls.

For organizations with strict security and regulatory compliance requirements, the private cloud’s single-tenant environment provides unparalleled privacy and protection. Workloads and infrastructure are easily segregated and compliance tools seamlessly integrated. Companies maintain direct control over their data, hardware, networking, operating system and other software, and can even audit changes to the environment.

The Virtually Dedicated Private Cloud on the other hand offers much of the same flexibility as a physical private cloud, but – as the name implies – the infrastructure is virtually dedicated inside a secure, multi-tenant cloud. With this model, customers can deploy computer and storage resources quickly and easily on an as-needed basis, using secure, virtualized hosting with built-in fault tolerance and complete infrastructure visibility. For enterprises choosing to move to one of these private cloud models, there will likely be little incentive to shift over to a pure public cloud solution for the foreseeable future. That’s because all of the key intangibles such as feature set, IT control, cost, and security,

Finally, the Hybrid Cloud, which combines public and private cloud capabilities, provides an incremental stepping stone to pure public cloud environments and/or a long-term dual-mode scenario. It offers significant flexibility for responding to unique business scenarios and/or security/regulatory restrictions. For example, an enterprise running Exchange on-premise may acquire another company running Lotus Notes. Rather than ripping out the existing infrastructure to replace it with a new Exchange system, the acquiring company can simply provision the acquired company’s employees with Office 365 and federate this public cloud service with its existing on-premise email system. This hybrid approach provides the benefits of public cloud email without its inherent security, feature and control limitations.

Due to the relative immaturity of the public cloud for many mission critical enterprise applications, hybrid clouds remain a more theoretical than near term alternative for most larger organizations. However, the potential advantages of hybrid cloud deployments for single application scenarios (like email) and mixed application environments (like Exchange in the public cloud combined with Lync in the private cloud) will become very compelling once Office 365 approaches dial-tone levels of reliability.

Choosing the right cloud
For a high-level checklist, consider the following when deciding which cloud alternative best matches up with an enterprise’s technology and business needs:

  • Security: where will email data be stored, what security measures are used to protect it from prying insiders and outsider attacks, how quickly can it be accessed for e-Discovery?
  • Availability: insist on a service level agreement (SLA) that guarantees at least 99.999 percent uptime, and provides compensation if the SLA is not met. This represents less than six seconds of down-time per week. In comparison, a 99.9 percent SLA can equal as much as a full work-day of downtime each year.
  • Support: what type (phone, chat, email, etc.) and levels of support (24X7, 9-5, etc.) are offered. Are support personnel based in the US or off-shore?
  • Adds-ons: what is included with the base email service? Are security filtering, archiving, encryption, archiving, etc. available? Are they billed as add-ons?
  • Migration: will the provider assist in migrating users to the new service, setting up mailboxes, directory integration, etc.?
  • Feature parity: are all versions of the cloud really offering the same level of email features and functionality or do some require sacrifices from the full feature set?
  • Customization & control: can the system be uniquely designed and configured to suit the needs of the business? Does the enterprise maintain direct control over its data and systems?
  • Integration: are all the third party apps that plug into email still able to access the system on the cloud service?

The advent of cloud computing, in its many incarnations, has provided enterprises with a bevy of options for supporting email services. Each offers different measures of flexibility, control, availability and hands-on/hands-off management. Choosing the right cloud for enterprise email, or any collaboration and unified communications system for that matter, is best accomplished by mapping organizational needs to the unique capabilities, strengths, and compromises associated with the alternatives described above.

biography
Phil Van Etten is CEO of Azaleos, a provider of remotely managed email, collaboration and unified communications services.

Topic: Cloud

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Talkback

2 comments
Log in or register to join the discussion
  • Clouds - (not Joni Mitchell's)

    The article hit almost every point in an initial review of the entire matter of Cloud Computing for enterprise solutions. Regarding e-mail itself however, the is a need in many business, like LAWYERS, for absolute integrity and privacy in e-mail solutions. Without it, I believe that the sacred Attorney-Client privilege is gone regarding emails about the client or to and from the client.

    We already know that Google scans (reads) every email in GMAIL. Why would anyone believe that the practice would not continue in a public cloud environment or even a virtual cloud environment? For that matter, if Google began hosting Private Clouds and running a "server farm", what guarantee is there that old habits will die. The information is within its grasp, so why not scan it and see if there are any advertising or other business opportunities.

    The same argument would apply to any "Hoster" but Google has already shown its propensity to ignore privacy issues for the sake of "assisting the user with a better online experience". It is bad enough that various gov't agencies have the capability of intercepting e-mails. At least THEORETICALLY it is for the public good to discover anti-US conspiracies. Having an aggressive "for profit" corporation with the same access and capability destroys the use of the net for any kind of secure and private communications.

    The only answer I see with "Cloud (nice euphemism) Computing" is full encryption and NSA aggravating encryption. Please understand that I would embrace the Cloud but how can I guard privacy/security?

    Richard Isacoff
    rii@isacofflaw.com
    riisacoff
  • Public Cloud email is the most secure solution, by far

    Its logical for Azaleos, which make a living selling private clouds solutions, to attack the value of Public Cloud solutions.
    In 99.999% of the cases, an organization running it's own private instance of Exchange, in a private Cloud or an hosted environment, cannot match the security of serious industrial providers, like Google Apps.

    Google DOES NOT read mails in Gmail and less if possible in Google Apps. Using keyworks for advertisements in Gmail has nothing to do with "reading" mail. This is a fallacy which is still pushed by legacy companies like Microsoft.
    You are a "security maniac and want encryption? Just use CipherCloud solutions on the mail for Google Apps and you will get AES 256 protection.
    Louis Naugès
    Chief Cloud Evangelist - Revevol
    Louis Nauges