Chris Poelker says enterprises should watch the feds' Cloud2 play.
The government may be ahead of the private sector for once in leading the charge to adopt new technology," says Chris Poelker, a deputy commissioner on Cloud2, a TechAmerica Foundation group. The foundation is a nonprofit, nonpartisan affiliate of TechAmerica, which represents the U.S. technology industry. Poelker is referring to the Obama administration's directive that government agencies adopt cloud services wherever possible. "The current administration's CIO is doing a good job in assuring taxpayer dollars are spent wisely by reducing overlap in IT expenditures, consolidating redundant infrastructure, and moving common and public-facing applications to commercially available cloud versions," Poelker says, adding that the General Services Administration is poised to play a larger role as a reference model for centralized or shared IT infrastructures.
As enterprises evaluate these services, he says, CIOs must remember one thing: "In their hearts, [cloud vendors] believe in the fundamental benefits of IT optimization and services-oriented utility computing. They want laser-like focus on their core mission and no longer want to be bothered with the operational details of providing data services."
For companies eager to gain the benefits of the cloud but waiting for security, reliability, and standards to improve, he recommends adopting a building-block approach, letting them take advantage of hybrid and public storage offerings while vendors get regulatory, bandwidth, and data mobility specifications up to par.
The Obama administration is working with the Cloud2 Commission to assess standards in area such as ubiquitous encryption of data in flight and at rest with simple key management. The commission has a three-month mandate to provide recommendations for how government may better deploy cloud technologies, and for public policies that will help drive U.S. innovation in the cloud and spur economic growth. "Cloud providers have a vested interest in adopting and investing in these standards," Poelker says.
For now, he sees network bandwidth, deduplication, and encryption as the three most important technical factors vendors must address. Poelker's Top 10 questions CIOs need to ask:
1. On what RAID type is my data being stored?
2. Are there warranties regarding performance and throughput? How is latency handled?
3. Is my data comingled with the data of other users on the same disks? Is it pooled, or is it stored on physically separate shelves, disks, or arrays?
4. How is my data isolated and protected from intrusion?
5. Is my data encrypted at rest and in flight?
6. What is your disaster recovery strategy?
7. How do you back up my data?
8. How do I move my data to another provider if I want to cancel my contract?
9. If I want to move my data back in house, how do I get it, and what are the charges?
10. Do you guarantee five nines? If yes, what are the contractual penalties if you miss?