Cloud computing has been a buzzword in the IT industry for long now with everyone talking about potential benefits that organizations can
derive from it. While several software service providers are gearing up their
infrastructure to incorporate Cloud computing, developers have started building
apps that have provisioning for scalability to meet the Cloud computing
requirements. However, key IT decision makers are still skeptical with some
valid concerns to adopting the public cloud for their data-sensitive or mission
critical applications.

What is Cloud?
Cloud Computing isn’t a new concept, though it has taken a while for standards, infrastructure and common interests of organizations to meet and result in a commercially viable technology solution. Cloud Computing in general
refers to both application delivery as services over Internet and the infrastructure in the datacenters to provide those services. From a user’s perspective, it can be termed as an extension to Saas based service delivery
model. Whereas, from a service provider’s perspective, it is overhauling the infrastructure to cater to better resource utilization, dynamic provisioning and
auto-scaling capabilities. This new model offers a paradigm shift in the manner
in which applications can be delivered to the users; as it provides elasticity
for scaling up and down the computing resources, thereby offering reduced IT
costs.

Thus, the overriding benefit of cloud computing is that it
enables the service subscribers to only use what they want, and pay accordingly.
As organizations are being more cost conscious post recession, Cloud Computing
is becoming a viable option to deliver web applications.

The Cloud computing spectrum incorporates SaaS as well as
PaaS (Platform as Service) and IaaS (Infrastructure as Service) to fully
encompass the complete definition of Cloud computing. SalesForce.com and Google
Apps (Gmail, Google Docs, etc.)fall under the SaaS model of Cloud computing
where Web-based software applications are delivered. While Microsoft’s Azure and
Google AppEngine fall under PaaS category of Cloud computing where you get a
development environment (.NET in case of Azure and Python or Java for AppEngine)
for hosting applications.

Frost & Sullivan survey findings
To understand the changing face of the application delivery market in light
of the influx of Web applications and the rapid emergence of the Cloud computing
concept among enterprises, Frost and Sullivan conducted a survey in Asia Pacific
(APAC) region, which was commissioned by F5.The survey established a strong
association between business agility and Cloud computing. It also highlighted
the key benefit as cost savings for enterprises to adopt the Cloud.

The findings also positioned security and access control as
key challenges that could potentially affect enterprises’ decision to either
embrace or discount Cloud computing as a viable business tool at the present
moment. Interestingly, the survey also revealed that whilst enterprise
perception towards Cloud computing as a business enabler was encouraging, but
Cloud computing as a technology remained fairly vague to the majority of
enterprises surveyed. This was confirmed from the survey findings; with almost
50% respondents saying that Cloud computing and SaaS (Software as Service) were
essentially the same thing.

While for the concerns organizations have towards adoption
of Cloud Computing, the survey revealed that majority of respondents,69%,
perceived Cloud Computing as entailing greater security risks. More importantly,
the vast majority of respondents (72.0%) held the opinion that Cloud computing
technology was yet to mature, which was perhaps indicative and representative
of the prevailing market sentiments towards the topic at the moment.

Obstacles to Cloud computing
One of the significant barriers to Ccloud computing adoption is the lack of
a common definition of what the Cloud actually is. If you ask four different
persons, you are bound to get four different definitions of the same. This can
be attributed to lack of standards, or absence of a governing or regulating body
like W3C or IEEE. You can get elaborate definition of Cloud computing on
Wikipedia; though, every explanation incorporates that Cloud computing is about
dynamic provisioning, dynamic scaling, and from both providers and users point
of view, it results in cost effectiveness and optimum resource utilization.

As it happens with any organizational IT decision, the move
to adopt a Cloud model would always be based on sound understanding of
organizational business needs and requirements. Cloud computing market as such
is in an early adopter stage, and with so much of hype and misunderstanding, it
can happen that “Cloud Providers” of today could shift focus or completely shut
down in next few years. Any service subscriber won’t like such confusion to
prevail over their adopting to Cloud computing strategy. Coupled with this
unpredictability of service provider, there are perceived risks and
considerations associated with hosting organization’s sensitive data, or moving
applications to non-compatible Couds, service flexibility and ability to migrate
to another provider are all posing to be barriers to adoption of Cloud computing
amongst enterprises.

Security concerns
As the survey also reflected, enterprises are primarily concerned about the
security before adopting or shifting to a Cloud based model. It is the
responsibility of the service provider to maintain and address the security
concerns for their Cloud computing infrastructure. The security concerns not
only entail network security but also application security as well.

A hosted application may comprise of services provided from
multiple sources, and the system could have limited capability to identify from
where all the sources are coming. In such a scenario, it can be difficult to
contain Trojans, viruses, worms, back doors, etc. from causing a system outage.
Therefore for service providers it becomes imperative to make considerable
investments towards securing their networks and making them robust.

Information security is a prime concern, with organizations
letting their confidential data being hosted on third party datacenters.
Organizations prefer to have their data within their premise under their own
vigil. And when they host it elsewhere, they are concerned about the security of
their data. For that matter, Cloud providers are looking forward to meet
standards or compliances. SAS 70 Type II (Statement on Auditing Standards) &
Federal Information Security Management Act (FISMA) compliance are few of the
recognitions for security standards that major Cloud service providers like
Amazon, Google , etc are vying for.

Service availability
Though the existing SaaS service providers have already set high standards
for availability of service, there are concerns for the Cloud based model,
because it is not just confined to application delivery but also to the platform
for computing services, Infrastructure as a Service (IaaS) model. Any
organization relying on Web based app delivery cannot afford to have service
outage for reasons other than natural disasters. In situations where an
organization is subscribed to IaaS, say from Amazon EC2, it needs to have the
proper resource allocated for the computing-intensive apps that they will
execute on the Cloud provider’s infrastructure. This auto-scaling or elasticity
feature of the Cloud is what organizations are keen to capitalize on. Until now
organizations have to build up their infrastructure or subscribe to services
considering the ‘what if’ scenarios. Most of the times, the resource utilization
comprising RAM, CPU and storage is 5% on average, therefore rendering the
dedicated resource underutilized most of the time. Whereas, with a Cloud
strategy, organizations can capitalize on scalability, both up & down.

Data lock-In concerns
Interoperability amongst various software applications has been achieved
over the years that has resulted in seamless information flow across the
enterprise. But in case of Cloud computing, most of the APIs are proprietary and
lack standardization, due to which applications meant for a particular Cloud
platform can’t be migrated to another Cloud vendor. For instance, an
organization deciding to host their business application on Cloud, would have to
spend time and effort developing the app. if they choose .NET they’ll host it on
Azure and if they choose Java, the hosting platform will be AppEngine. Once,
they have built their app they would be locked in to that platform and won’t be
able to migrate to other platform later. The same concern lies with SaaS service
providers too; the customers cannot easily extract their data or programs from a
provider’s site and run it on another.

SLAs and licensing
Service Level Agreements that would incorporate security measures, resource
and service availability and penalty clauses are what organizations want from
the Cloud providers. First of all, it has to be the organization’s strategy
decision to decide type of business process and applications they should have
on Cloud and applications they should own on their own. For, example
data-intensive applications like ERP and CRM can be kept on-premise, but
compute-intensive applications like analytics can be hosted on Cloud.

Software licensing is creating a tricky situation for Cloud
providers. Most current software are licensed on the basis of computers it would
be running on. On Cloud, it is not predefined how many computers an application
would need to run upon, it’s all about scalability, resources are provisioned
accordingly. So, what basis should Cloud providers charge their customers for
particular software license is a concern for both providers as well as for
subscribers. From the technology aspect, Cloud computing can be enabled, but
from adoption side it is necessary for the Cloud vendors to address these
concerns that pose today as roadblocks to Cloud adoption.

Related Articles

1. Building Your own Cloud Computing Netwok
2. Before You Move to the cloud