In the coming year, the cloud will reach milestones that critics said it never would: it will be certifiably secure for credit card transactions; able to host multiple virtual machine types in the same infrastructure; and easier to manage.
(click image for larger view)
Slideshow: Top 10 Cloud Stories Of 2010
When it comes to cloud computing, a lot changed in 2010. If the cloud were like an NFL quarterback, its status went from doubtful or even being on the injured reserve list to suddenly becoming everyone's favorite, smash-mouth player.
And In 2011, the cloud's definitely got game. Expect to see some clever handoffs and big gains in implementations over the next 12 months as interactions between the cloud and enterprise data center pick up. One thing that will emerge will be better management tools, tools that can address multiple hypervisor environments, like Novell's XENworks. Here's 5 predictions about what to expect in the coming year.
1. Payments In The Cloud
Nowhere is the changing environment more evident than in the possibility of Payment Card Industry (PCI) transactions, which weren't even in the cloud's playbook in 2009 or early 2010. They could materialize as a big factor in 2011. A transaction may still originate on company premises, but now it can be handed off to the public cloud, executed there, and still be in regulatory compliance.
On January 1, the Payment Card Industry Security Council implemented new regulations for PCI compliance, called PCI 2.0. While PCI 2.0 doesn't recognize cloud computing, it does recognize the secure operation of virtual machines. That takes PCI a giant step closer to the cloud.
In November, a technical subgroup of the council released a white paper, "PCI-Compliant Cloud Reference Architecture," that, while not endorsed by the council, clearly describes what's possible. It didn't take Amazon Web Services long to notice. On Dec. 7, AWS announced that a PCI auditor, IOActive, had certified EC2 for conducting Level 1 transactions under PCI regulations. No auditor had done that before.
In 2011, the PCI floodgates are likely to open and credit card data will flow into the cloud. The drafters of the next set of PCI regulations, version 3.0, will have to stand by over the next three years and watch as (hopefully) secure transactions are executed in many cloud settings. Instead of the cloud following the standard, it's likely the standard will be trying to catch up to the cloud by the time a PCI document uses that term for the first time. That would likely be in the fall 2013 timeframe.
Secure transactions in the cloud are good news to startups, which struggle to establish the separated infrastructure needed for compliance. Even larger companies may find they can further shrink their data centers by safely offloading the peak transaction load that materializes during their year-end selling season.
How Enterprises Are Attacking the IT Security EnterpriseTo learn more about what organizations are doing to tackle attacks and threats we surveyed a group of 300 IT and infosec professionals to find out what their biggest IT security challenges are and what they're doing to defend against today's threats. Download the report to see what they're saying.
Digital Transformation Myths & TruthsTransformation is on every IT organization's to-do list, but effectively transforming IT means a major shift in technology as well as business models and culture. In this IT Trend Report, we examine some of the misconceptions of digital transformation and look at steps you can take to succeed technically and culturally.