It's a variation on the old straw man argument, whereby a vendor defines its customers' main concerns about a product, technology, or technology model and then proceeds to explain them away one by one. When it comes to cloud computing, the next great information technology movement, the leading vendors express customer concerns along these lines: Is it secure enough? Is it reliable enough? Does it make financial sense?
Potential customers are indeed grappling with those issues, but they have so many more questions about cloud computing. Will they get locked into a single vendor, with their data or applications held hostage? Will mostly consumer-oriented vendors such as Google and Amazon.com stay in the enterprise IT business for the long haul? Given the laws and regulations governing certain industries and business practices, what data can live in the Internet cloud and what data must organizations keep closer to the vest? Are there adequate applications and other IT resources to be found in the cloud?
At a session on June 9 at the Enterprise 2.0 Conference in Boston, a panel of executives from Google, Amazon Web Services (AWS), and Salesforce.com pitched their cloud-based services to a panel of CXOs from potential customer organizations and then answered their pointed questions. Here's what's on those CXOs' minds, and how the vendors responded.
• Security. Yes, it's still top of mind for most customers. Is data held somewhere in the cloud (customers don't always know its exact location) and piped over the Internet as secure as data protected in enterprise-controlled repositories and networks?
The vendor argument usually comes down to scale and centralized control. Few enterprises can allocate the money and resources that companies such as Amazon, Google, IBM, and Salesforce do to secure their data centers. Salesforce senior VP Ross Piper makes the point that Salesforce's data centers had to pass the intense muster of security vendor customers Cisco and Symantec. Adam Selipsky, VP of product management and developer relations for AWS, which offers cloud-based storage, compute, billing, and other services to enterprises and individuals, notes Amazon's years of experience protecting tens of millions of credit card numbers of retail customers.
Data stored within the cloud, the vendors argue, is inherently safer than data that inevitably ends up on scattered laptops, smartphones, and home PCs. Google relates how one of its execs, Dave Girouard, had his laptop stolen at a San Francisco Giants game. Girouard evidently called the CIO with one concern: Do I replace it with a PC or a Mac?
But the cloud vendors realize that when it comes to security, enterprise customers aren't going to take their word for it. "We need to prove to you that security is strong with all Web apps," Google Enterprise product manager Rishi Chandra said in a keynote address at Enterprise 2.0.
• Vendor lock-in and standards. Object Management Group CEO Richard Soley, a leading standards setter in his own right, wonders if Internet specifications are mature enough to ensure data portability across the cloud. "How easily could I pick up my application from one vendor and move it to another?" Soley says.
The cloud vendors emphasize the openness and extensibility of SOAP, XMPP, and other Web services protocols. AWS's Selinsky notes that the vendor's IT infrastructure services require no capital or other up-front investments, and Piper points out that Salesforce's app service customers can start with as few as five users and commit gradually. A cloud vendor retort: How easy is it, by comparison, for customers of SAP, Oracle, or EMC premises-based wares to up and leave?