Justin Pine takes a look at the ongoing debate around cloud standards.
Recent research conducted by Mimecast has found that a large proportion of businesses are now using some form of cloud service, with a further 30 percent planning on adopting more cloud services in the future.
Fashionable new architectures within the technology industry are not unusual. However, even allowing for a certain amount of bandwagon jumping, this rate of cloud adoption has been considerable.
The ‘cloud’ itself is a competent and established business tool that solves a range of security issues and drives efficiency. However once one delves deeper into the world of cloud computing, one finds that there are some issues that still need resolving.
One problem is that as more organisations turn to the cloud, the need for an effective set of industry standards is becoming ever more pressing. There is a clear divide between those who argue for implementation of cloud standards and those who argue against. At the heart of this debate is a clear need to balance the benefits of having a standard with the call for a sustained pace of innovation. The argument against cloud computing standards is based upon the premise that standards just are not necessary.
In this sense, industry-wide uniformity and standardisation is seen as something which would stifle innovation and distract focus from more specific problems. According to this train of thought, different providers need to be free to evolve solutions that best fitdistinctive domain and customer needs.
The alternative ‘one voice, one system’ argument sees the lack of standards in the cloud industry as a serious problem. With the industry being void of any commonly accepted standards, vendors have nothing to hold them to account and as a result potential and existing customers have little objective information on which to base their buying decisions.
A lack of homogeneity can cause a range of issues. For instance a deficiency of inter-cloud standards means that if people want to move data around, or use multiple clouds,the lack of fluency between vendors creates a communication barrier which is near impossible to overcome. Surely companies should be able to move their data to whichever cloud provider they want to work with without being tied in for the foreseeable future?
Another issue is that there is considerable confusion around the term ‘cloud’ itself. Among vendors there is a definite trend of ‘cloud washing’whereby less scrupulous companies re-label their products as cloud computing too readily, overselling the benefits and obscuring the technical deficiencies of what they have to offer.
This “cloud washing” is in some areas leading to a mistrust of cloud. Furthermore, with the market becoming increasingly crowded and no clear standards in placeit is hard for customers to tell the difference between a cloud vendor with a properly designed delivery infrastructure and one that has patched it together and is merely using cloud as a ‘badge’.
All of this makes it increasingly difficult for customers to navigate their way through the maze of cloud services on offer and, of course, it is the customer who should be the priority throughout these discussions.
Moving forwards, there are a range of bodies that are pursing some form of resolution to the standardisation debate. However for these organisations to have a genuine impact on the industry, companies and individuals need to rally behind them and actively support their calls for universal standards.
The first standard that needs to be tackled is security. It’s the number one customer concern about transferring data to the cloud and needs to be addressed as soon as possible. The reality is that this concern is mirrored by vendors who are similarly wary of any potential security breaches and, as a result in most cases go to extreme lengths to protect their customers’ data. In factone cloud security firm recently estimated that cloud vendors spend 20 times more on security than an end user organisation would.
Security breaches would inevitably mean the reputation of a company falling into disrepute and in worst cases mark the end of their business altogether. Moreover,the creators of any new cloud based technology do not want to see their project fail for obvious reasons. It is those vendors that do not apply strict standards to their business that need to be called into question. An industry standard is the only way to manage this and good vendors would welcome one because they have nothing to fear from rules of best practice.
The second standard that needs to be tackled is the “Cloud Data Lifecycle”. In previous years, when a customer bought software they installed it directly on their premises. Therefore if the vendor went away they could keep running the software until they found an alternative. With an increasing number of people flocking to the cloud, how can a customer ensure they continue to have access to their dataif the vendor goes out of business? It is for this reason that we need Data Lifecycle standards because currently the onus is on the customer to check the financial health of their provider.
The good news for cloud users is that there is light at the end of the tunnel. The issue of standards is no longer being sidelined but instead being addressed on a large number of platforms with contributions from some of the industry’s top decision-makers and influencers. For most, if not all conversations, it is simply a question of when, not if, cloud standards are established. However while the debate continues, customers will need to ensure that they are aware of the dangers and pitfalls associated, albeit rarely, with adopting a cloud service. Carrying out their own due diligence and research to ensure that their chosen technology is robust, properly architected and secure will remain an essential practice until that time.
Justin Pirie is director of communities and content for Mimecast,
Mimecast is exhibiting at Infosecurity Europe 2011 from 19th – 21st April at Earl’s Court, London.