When it comes to cloud computing, a lot changed in 2010. If the cloud were like an NFL quarterback, its status went from doubtful or even being on the injured reserve list to suddenly becoming everyone's favorite, smash-mouth player.
And In 2011, the cloud's definitely got game. Expect to see some clever handoffs and big gains in implementations over the next 12 months as interactions between the cloud and enterprise data center pick up. One thing that will emerge will be better management tools, tools that can address multiple hypervisor environments, like Novell's XENworks. Here's 5 predictions about what to expect in the coming year.
1. Payments In The Cloud
Nowhere is the changing environment more evident than in the possibility of Payment Card Industry (PCI) transactions, which weren't even in the cloud's playbook in 2009 or early 2010. They could materialize as a big factor in 2011. A transaction may still originate on company premises, but now it can be handed off to the public cloud, executed there, and still be in regulatory compliance.
On January 1, the Payment Card Industry Security Council implemented new regulations for PCI compliance, called PCI 2.0. While PCI 2.0 doesn't recognize cloud computing, it does recognize the secure operation of virtual machines. That takes PCI a giant step closer to the cloud.
In November, a technical subgroup of the council released a white paper, "PCI-Compliant Cloud Reference Architecture," that, while not endorsed by the council, clearly describes what's possible. It didn't take Amazon Web Services long to notice. On Dec. 7, AWS announced that a PCI auditor, IOActive, had certified EC2 for conducting Level 1 transactions under PCI regulations. No auditor had done that before.
In 2011, the PCI floodgates are likely to open and credit card data will flow into the cloud. The drafters of the next set of PCI regulations, version 3.0, will have to stand by over the next three years and watch as (hopefully) secure transactions are executed in many cloud settings. Instead of the cloud following the standard, it's likely the standard will be trying to catch up to the cloud by the time a PCI document uses that term for the first time. That would likely be in the fall 2013 timeframe.
Secure transactions in the cloud are good news to startups, which struggle to establish the separated infrastructure needed for compliance. Even larger companies may find they can further shrink their data centers by safely offloading the peak transaction load that materializes during their year-end selling season.