When You Wish Upon “The Cloud”
by Erin Griffin
used with permission from the Microsoft Small Business Website
It seems that every networking event this year, every tech magazine issue, and every vendor worth its salt is talking about “the cloud.” The cloud, in one of its many forms – public, private, or mixed – has become ubiquitous! I’ll confess: I started off my cloud gazing with little interest and several doubts, but I’ve learned a lot over the past year about the potential benefits of obtaining software, platform, and infrastructure as cloud services. I’m not quite ready to “drink the kool aid” yet, but it’s starting to look pretty tasty. Still, I have five wishes that need to be granted before I can consider a major move into the cloud.
Wish #1: Service Comparable to What I Provide Now.
When our CEO says jump, well . . . you get the picture. As CIO, I have to provide the level of service that our senior management and board expect from the IT team. So, how do I create SLAs that really ensure that a cloud provider will meet these demanding standards? When a cloud provider doesn’t meet the SLA, the reimbursement is generally a partial rebate of the provider’s fee. When the internal IT staff doesn’t meet the SLA, the “price” can be much higher. So, for example, if I want to have “bursting” support for high levels of availability at peak times, how do I know I can rely on the cloud to provide it? If my cloud provider doesn’t provide the support for the load at the time I need it, I will be compensated with a portion of my hosting fee, whereas if the internal IT team were to fail in this example, we’d be accountable for the lost revenue. That high internal price results in a great motivation to deliver service. Then there are the service issues that are, frankly, out of the control of most cloud providers. The last mile connectivity from premises to data center can be fraught with latency. When users are accustomed to running heavy applications over a private network, accessing them over commodity Internet lines can really impact their perception of system performance.
Wish #2: The Ability to Customize.
We’re all unique, right? Every organization has its – dare I say? – “secret sauce” – the customized software applications and systems that are a major part of the value we bring to our customers. Being able to establish and support a custom implementation in the cloud is still a challenge. For example, we are implementing Microsoft Dynamics CRM. But we need a special search capability that has to be either developed or added as a bolted-on application from a third-party provider. We need such ability to customize standard applications in order to make them effective for us, and that means in the cloud as well as on premises. I’d like to have applications delivered for us to customize and then be maintained in the cloud.
Wish #3: High Security.
Our data is an “attractive nuisance” – people are interested in it because we have personal information on very public figures. Controlling access to that data is critical. No matter what security promises are in our agreement with a cloud provide, and regardless of the amount of SAS 70-2 control in place, we will be loathe to release control over our member data to an outside firm. Although security can be a selling point for Microsoft’s products, abdicating our control over this information poses a significant risk that must be addressed. In addition, the cloud providers I have investigated do not encrypt data in motion or at rest, requirements that have begun to crop up in data security and privacy legislation. Bottom line – I need to be able to affirmatively state that my cloud provider is better and more knowledgeable about data security than I am.
Wish #4: Easy Integration.
Not only are our systems highly customized, they are extensively integrated. I need an end-to-end integration of solutions; in particular, hybrid solutions that support only certain user groups and are integrated via web services with locally hosted options. I haven’t yet seen a hybrid solution that provides easy manageability between on-premises and hosted solutions. And I want to manage performance, access, and the like seamlessly, whether that data or application or user resides in the cloud or on premises. And by the way, which cloud? Just as there are many clouds in the sky, there are many cloud providers. Will information in Oracle On-Demand play easily with enterprise applications developed in Azure?
Wish #5: Clarification of Legal Issues. Our data is part of our intellectual property. Access to that data creates a risk that it will be used in ways that negatively impact our organization. For example, we control access to determining who is eligible to work under a SAG contract. Providing access to work history data could enable other entities to try to make such decisions about our members. E-discovery is another big issue, both in terms of our own need to provide access to electronic assets as well as concerns about allowing inadvertent or unauthorized access to our data in the cloud. If a subpoena is served for access to our data, how will our cloud provider respond? Will we be notified of what data was delivered? Further, what is our obligation to report the remote storage of customer data? As laws surrounding electronic data continue to change, I want to be certain that I’m in compliance and that our organization continues to be served by operating in the cloud.
Despite the fact that my wishes aren’t yet a reality, I’ve decided it’s prudent to assess what steps we can take, and when, to avail ourselves of cloud computing’s potential to save on infrastructure costs and to increase computing capabilities. I’m looking forward to putting together my cloud computing roadmap, and I encourage other CIOs to create their own cloudy forecast.
Erin Griffin serves as the Chief Information Officer for the Screen Actors Guild, the nation’s largest labor union representing working actors. Recognized nationally for visionary leadership, Ms. Griffin is known for aligning IT with business, uniting diverse stakeholders around a common goal, leveraging next-generation technology solutions, and leading turnaround initiatives to accelerate growth, resolve business challenges, improve operational performance, and elevate the organization’s industry reputation. She is also part of Microsoft’s CIO Advisory board.
Cyber threats never take a day off, never clock out and go home at the…
Building, deploying, and managing applications via Microsoft's global network of data centers is easier with…
Microsoft Copilot is a tool, powered by AI, that aims to boost your productivity within…
Making things happen is the art and science of project management. The process involves managing…
In today's fast digital life, website performance is important, as it holds visitors and ensures…
The FBI reported that cyber attacks against government facilities saw an increase of almost 36…