Bit of a cloudy week with the discussion of risks earlier and now a related post on enterprise clouds.
Even though I’m not a fan of the term, I suppose I’ll keep using it, like Web 2.0. It occurred to me that like a lot of consumer stuff, service-based-computing should thrive inside the corporate firewall, because of the Slanket of trust we have with our employers.
Original photo by anselm from Flickr used under Creative Commons
What do I mean?
I’m talking about infrastructure. Just as cloud computing has lowered the cost of starting businesses, cloud-based infrastructure should lower procurement costs for enterprises and bolster corporate security.
Small divisions within large companies have disparate sets of needs, e.g. project management with MS Project may work well for some teams that have the licenses and the prerequisite skills, whereas other teams might prefer Basecamp, or an open source option. They might even have the chops to roll their own solution.
These disparate needs quickly become nightmares for procurement and corporate IT/IS. As cloud-based, web app and open source options continue to push out great feature sets at affordable prices or for free, centralized processes struggle to maintain the level of control they’ve become accustomed to over the past decade.
In most companies, if you want to test out new software, you need hardware and physical space first. To host a web app, you’ll need networking setup–data center space, hostnames, DNS, possibly certs and maybe even gear. All this before you even get started.
These processes don’t always move fast enough for your timelines, so services on the consumer web become attractive because they’re affordable and managed for you. However, what if your corporate security forbids you from using services outside the firewall? You’re stuck with a dilemma. You can go through the processes to procure hardware and get it online, or you can change your thinking to fit what’s available now.
What if your company had an EC2-like service inside its firewall that made it quick and easy to get a virtual machine up and running? You go straight to testing that shiny new software, and if it works out well, you could let other teams try it out and scale your infrastructure to support them.
Add a backup service (like S3) inside the firewall and you could not only backup your application data, but you now have a standardized way to make it dead simple for employees to back up their personal data.
Central IT wins here too because they can monitor what’s being used and test out new software among their users in a centralized manner.
For example, maybe your company needs a pdf creator like JotNot because you’re moving away from paper copies of everything. But, security doesn’t want sensitive data on outside servers, natch, and you don’t want to manage the rollout of an O/S- dependent installable package.
Just put up any one of the many options out there on your cloud and provide this as a web app to all your users.
Or, maybe you have a platform that you want people to use for application development. Put it up on your cloud with a cloud-based IDE, like Bespin, and you’re all set. You’ll soon have a company app store, also hosted in your cloud.
A change to infrastructure in an enterprise cloud wouldn’t be totally push-button-start. You’d have to have a decent datacenter and good pipe. Plus, you’d need NOC skills from IT, and you’d still have processes.
Still, this feels like a good idea. As I think about it, I have to assume someone is doing this already. If you know of an option, let me know in comments.
Did I miss something obvious? Don’t agree this idea would work?
Find the comments.
I like the idea of a cloud-type-thingy inside the firewall. Never thought of it that way.
I’ve been to a couple of these virtualization pitches recently, one for desktops and one for the data-center. Pretty cool stuff. I think it’s perfectly applicable here…you’ll get innovation if you give your employees (individually or groups/departments) the freedom to tinker. Doesn’t Google do 20% of your time?
It’s probably why I like your group…small, nimble and jumps tall buildings in a single bound.
Hi Jake, this is what I was asking for as well. I like the term enterprise clouds and I hope Oracle does something in this direction. I've actually heard at random that Oracle did have a plan of a private cloud for Oracle. You should push up your chain and I am trying from my team as well. Thanks for the thoughts and the simple examples you used to justify your thoughts!
Everyone would benefit from flexible infrastructure, but I think the startup costs generally keep IT cautious. I'll ask around, but I'm not confident anyone will talk to me 🙂
HI Jake. I'm still not convinced by the private cloud argument. It epitomises the kind of conservative, minimise-the-change-and-risk thinking that is the real disease in corporate life that guarantees suboptimal performance.
But I'm also a realist – right now, the concerns about trust and reliability are quite valid given the immaturity of the domain, but I think that does not mean we shouldn't still have our eyes raised towards the ideal end-state goal.
I think the issues you've identified are valid, but the reaction – moving to a private cloud infrastructure, hence control – misses the mark in terms of the longer term objective of positioning your IT organisation to fully exploit the cloud services becoming increasingly available (_not_ aim to replicate it all themselves inside the firewall).
Personally, I think the core issue concerns authentication and access control infrastructure. Issues such as where data resides (ignoring for a minute some regulatory constraints) are subsidiary once you have control of the authentication and access control process.
The big issue that corporate IT needs to be hot on right now is that external cloud services _are_ being used for business (no matter what your policies say). And mostly, employees are using personal login credentials for these services. A big security and compliance nightmare. What should Corporate IT do? Getting control means providing some way of enabling corporate identities to be exported on the web (so when I login to google docs, I use my corporate OpenID, not my personal account for example).
I've been spruiking the idea for a while with some positive feedback (definitely not a tidal wave) – for the latest see http://tardate.blogspot.com/2009/09/opx-almost-… – interested in your thoughts;-)
Completely agree that corporate IT is trying to close the barn door after the cows have been using cloud services for a long time. That was fun.
You know there are cases where a private cloud is the only way to provide services too, e.g. testing new software releases or building internal apps on software your company builds. So, I'm not sure why you're calling that conservative.
It's just not possible for every enterprise to go full cloud, and a private cloud is a really good option that, frankly, is a better one in a lot of cases.
Corporate OpenID may be the way to go eventually, but it still has an uphill battle in the consumer world to win first. Maybe the US government's steps to adopt will help.
HI Jake. I'm still not convinced by the private cloud argument. It epitomises the kind of conservative, minimise-the-change-and-risk thinking that is the real disease in corporate life that guarantees suboptimal performance.
But I'm also a realist – right now, the concerns about trust and reliability are quite valid given the immaturity of the domain, but I think that does not mean we shouldn't still have our eyes raised towards the ideal end-state goal.
I think the issues you've identified are valid, but the reaction – moving to a private cloud infrastructure, hence control – misses the mark in terms of the longer term objective of positioning your IT organisation to fully exploit the cloud services becoming increasingly available (_not_ aim to replicate it all themselves inside the firewall).
Personally, I think the core issue concerns authentication and access control infrastructure. Issues such as where data resides (ignoring for a minute some regulatory constraints) are subsidiary once you have control of the authentication and access control process.
The big issue that corporate IT needs to be hot on right now is that external cloud services _are_ being used for business (no matter what your policies say). And mostly, employees are using personal login credentials for these services. A big security and compliance nightmare. What should Corporate IT do? Getting control means providing some way of enabling corporate identities to be exported on the web (so when I login to google docs, I use my corporate OpenID, not my personal account for example).
I've been spruiking the idea for a while with some positive feedback (definitely not a tidal wave) – for the latest see http://tardate.blogspot.com/2009/09/opx-almost-… – interested in your thoughts;-)
Completely agree that corporate IT is trying to close the barn door after the cows have been using cloud services for a long time. That was fun.
You know there are cases where a private cloud is the only way to provide services too, e.g. testing new software releases or building internal apps on software your company builds. So, I'm not sure why you're calling that conservative.
It's just not possible for every enterprise to go full cloud, and a private cloud is a really good option that, frankly, is a better one in a lot of cases.
Corporate OpenID may be the way to go eventually, but it still has an uphill battle in the consumer world to win first. Maybe the US government's steps to adopt will help.