Platform-as-a-service is becoming a standard way to build out an agile, Web-oriented business, but beware of risks.
Editor's note: The author suggests PaaS started out looking something like Force.com, as offered by Salesforce.com. It worked with Salesforce applications and could be used to produce new ones, provided you lived within its limits. But open-source PaaS, such as Red Hat's OpenShift, is much more general-purpose than that. The author is a Red Hat employee.
As platform-as-a-service enters the mainstream with increased enterprise adoption, it's important for IT managers to have a clear, five-point strategy.
Enterprises were reluctant to embrace PaaS in the early days because of vendor restrictions on application architecture and the risk of vendor lock-in. Modern enterprise PaaS offerings, mostly driven by open-source, are designed to reduce these risks.
Still, it's important for organizations to develop a strategy that helps them take advantage of the immense benefits offered by PaaS while also minimizing the risks. Here are the five pillars of enterprise PaaS strategy, which can help your business mitigate the risks while maximizing the benefits.
1. Ease of deployment and management: As private PaaS becomes the norm for enterprise adoption, key factors for IT to consider are how easy it is to deploy and how steep the learning curve associated with its management. Enterprises already have large investments in IT infrastructure. If you can leverage existing investments like load balancers and management tools for PaaS, it will save money and accelerate the deployment.
2. Extensibility: As we move into the services world, smart organizations are embracing the idea of "composable enterprises," a term first used by Jonathan Murray of Warner Music Group. This means the platform should be modular and extensible. Only a platform with an open architecture can provide the extensibility needed to build modern, composable enterprise platforms.
3. Data layer separation: PaaS vendor lock-in can happen in two ways: through restrictions on the application architecture, and through the data layer. Modern enterprise PaaS offerings are geared to minimize the restrictions on application architecture, but it's still important for IT to focus on how the data layer is implemented in the platform. Data gravity implies that if data is locked into a particular platform or service provider, vendor lock-in will immediately follow. It's important to consider a platform where the data layer is loosely coupled with the platform so that the cost of migration from one platform to another is minimal.
4. Role separation: Enterprises can offer platform abstraction for their developers in many ways. The straightforward approach is to use PaaS, but abstraction can also be achieved through an IaaS+ approach using DevOps tools like Chef, Puppet, etc. To decide which approach is best, you must consider the needs of your organization and your existing investments. An effective DevOps approach might involve developers learning operations and ops workers learning to code, or keeping the roles separate but collaborative. An IaaS+ approach requires cross-pollination between the development and the operations teams, with both sides learning the skills of the other. This approach is more expensive, as it is difficult to find talent with expertise in both coding and operations. Depending on the platform, PaaS can help your organization maintain separate development and operations teams while increasing collaboration between the two. This approach not only increases your organization's agility, but it also lowers costs.
5. Portability through standards: Although data layer separation keeps migration costs to a minimum, it's also important to consider whether PaaS uses industry standards to ensure application portability. Containers are fast becoming a standard way to ensure application portability. Some platforms also use standard packaging formats for encapsulating application environments. Red Hat's OpenShift Cartridges and Heroku's Buildpacks are two well known approaches to standardization on this front. Other PaaS vendors are embracing these two standards as a part of their platforms.
As enterprises continue to recognize the value of PaaS, we will see more and more stories of how they are using it to maximize efficiencies. Make sure your PaaS strategy and investment delivers significant value with minimal risk.
Advanced persistent threats are evolving in motivation, malice, and sophistication. Are you ready to stop the madness? Also in the new, all-digital The Changing Face Of APTs issue of Dark Reading: Governments aren't the only victims of targeted "intelligence gathering." Enterprises need to be on guard, too. (Free registration required.)
We welcome your comments on this topic on our social media channels, or [contact us directly] with questions about the site.
Cybersecurity Strategies for the Digital EraAt its core, digital business relies on strong security practices. In addition, leveraging security intelligence and integrating security with operations and developer teams can help organizations push the boundaries of innovation.