Working with public cloud: How to tackle the challenges
Read this...
As the take-up of public cloud services grows, so organisations are figuring out how to fit these services into their existing IT infrastructure and business processes. Despite the many attractions of on-demand utility computing from an external provider, integrating these services can throw up a mess of technical, regulatory, licensing, billing and other complications for firms.
Here are some of the approaches that major organisations have taken to managing a mix of in-house and public cloud services.
The public cloud: What is it good for?
Public cloud is all about providing commodity, undifferentiated services on-demand, so it comes as no surprise that it's most commonly used for generic administrative tasks, such as HR and finance.
That certainly seems to be the case for SAP customers, who are choosing to concentrate in-house IT resources on areas that differentiate the business.
Analyst firm Gartner, however, found its clients planning to make wider use of cloud services, investing in SaaS to rapidly secure the technologies and expertise needed to seize new business opportunities rapidly, and IaaS to provide platforms for testing new ideas.
And for Michael Ibbitson, CIO of Gatwick Airport, not being having to run the kit that underpins a service makes it easier to swap to an alternative when a better choice comes along.
"We can choose to switch to a different 'as-a-service' provider pretty much at any time we want," he said at the time.
"We can bring another service in and test it out with a core group of users. If it works for them better than what we had before, we can migrate people across in a much more simplistic fashion than we could when we built and owned all of the infrastructure."
Regaining control
Of course, talking about what should be in the public cloud presumes that IT actually has control over the public cloud services used by a businesses' employees.
That isn't always the case. The tendency for staff to use public cloud services designed for personal use was revealed by figures showing the most widely used cloud storage services are consumer-grade offerings from Dropbox and Google, rather than enterprise-targeted alternatives such as Box.
Blocking these unsanctioned services isn't an effective way of restricting access. In some cases preventing logins can lead staff to switch to a less secure online service; the logistics of stopping access can also be tricky due to the plethora of devices that can connect to them.
One way of regaining control that some businesses are starting to experiment with is by building an enterprise app store that provides staff with easy access to alternative online services that are sanctioned by the business.
The licensing headache
Even when IT does have a handle over the cloud services the organisations uses, licensing can be a real headache.
David Wilde, CIO of Essex County Council, found that licensing is making it tricky for the authority to share services between the council and its government sector partners.
His organisation delivers services for at least half-a-dozen other public agencies, but cloud licences currently make it difficult to set up such arrangements.
"And I don't understand why: it's all public sector and it's bodies, and I can count them up. Does it matter whether it's us or somebody employed in Basildon Hospital?" Wilde said.
Cloud usage policies
Rather than try to ban staff from purchasing cloud services, the BBC has set up a central group to regulate their use and inform employees about adoption of these services.
The broadcaster sets and communicates cloud usage policies, and also determines compliance workflows that take staff through the questions they need to ask when making purchases, step by step. The group comprises representatives from a number of departments, including legal, information policy, security, architecture and IT delivery, as well as a large number of users.
According to BBC head of infrastructure strategy and architecture Paul Boyns, the approach is about accepting the reality of how staff use IT services inside a modern business.
"I'm not saying they are the right buyers of cloud services, but it is something that is extremely hard to put a stop to. Therefore we have to figure out how we're going to mitigate the risk associated with that until such a time we have services where staff feel less need to go elsewhere."