Cloud computing is like the Wild West, where the players are rough around the edges, the borders are undefined, and the homesteaders are subject to unforeseen risks. In this environment, IT governance is nearly impossible -- but an absolute requirement.
Cloud computing is like the Wild West, where the players are rough around the edges, the borders are undefined, and the homesteaders are subject to unforeseen risks. In this environment, IT governance is nearly impossible -- but an absolute requirement.InformationWeek's Mike Fratto provides an eye-opening look into the state of governance in his article "Cloud Control," which appeared in the Jan. 26 issue of InformationWeek and is posted on InternetEvolution.com. Fratto talked to a handful of IT pros who are working through the issues of cloud computing governance. His sobering conclusion: "The courts and industry groups will eventually help develop guidelines, but for now, we're on our own."
Some of the issues that IT folks need to focus on as they consider cloud computing include security, privacy, availability, and performance. Governance requires applying policies, access controls, monitoring, and auditing to corporate use of cloud services.
One of the trickiest aspects of cloud governance involves just where data is located when it's in the cloud. As Fratto notes, it's not unusual for software-as-a-service and other cloud vendors to store data on servers managed by another company. In effect, there can be two or more degrees of separation between your company and your company's data.
"Outsourcing companies are themselves outsourcing their processing," says John Pironti, an IT consultant. "You have to worry about where your data ends up."
Cloud service providers tend to be opaque about their underlying architectures, making it hard for IT departments to know precisely where data is stored. At the same time, state and federal regulations govern the management of health-related and other personal data, and they won't accept "I don't know" as an answer to queries about where that data is stored.
Cloud service providers are taking steps to give customers more options and control. Just last month, Amazon made it possible for users to launch EC2 instances in specific regions of Europe. That capability was a must-have for companies needing to comply with EU regulatory requirements.
Even so, Amazon remains unacceptably opaque. The company refuses to reveal the locations of its data centers. "You can't audit what you can't see," writes Fratto. "This is a deal killer in many regulated industries."
What's the right course of action? InformationWeek recommends that IT pros be proactive and consult with their in-house security experts, legal counsel, and data owners before getting too far into cloud services.
2014 Next-Gen WAN SurveyWhile 68% say demand for WAN bandwidth will increase, just 15% are in the process of bringing new services or more capacity online now. For 26%, cost is the problem. Enter vendors from Aryaka to Cisco to Pertino, all looking to use cloud to transform how IT delivers wide-area connectivity.
Server Market SplitsvilleJust because the server market's in the doldrums doesn't mean innovation has ceased. Far from it -- server technology is enjoying the biggest renaissance since the dawn of x86 systems. But the primary driver is now service providers, not enterprises.
InformationWeek Must Reads Oct. 21, 2014InformationWeek's new Must Reads is a compendium of our best recent coverage of digital strategy. Learn why you should learn to embrace DevOps, how to avoid roadblocks for digital projects, what the five steps to API management are, and more.