Posts Tagged ‘cloud computing’
A Cloudy Day at TechExecs
I moderated a panel at an event here in Houston today. The event was our local TechExecs CIO Panel Forum and covered Cloud 2.0 topics. I have been writing about similar topics in recent posts on this blog. See a security focused example here. Prior to our panel segment, we heard from several vendors mostly talking about cloud technology. There was quite a bit of good information presented and I learned that several vendors have been making more progress in the maturity of their products and services than I had given them credit for.
For example, one of the vendors was layeredtech. An intriguing notion in their presentation was the idea of a Virtual Private Data Center, or VPDC. While this acronym seems to be a natural extension of virtualization and cloud technologies that have been around for a while now the acronym is actually fairly new. My simple metric for that assessment is that there is no listing in Wikipedia for VPDC or Virtual Private Data Center (heads up layeredtech, you should fix that). The attraction of a VPDC is the notion of a holistic, virtualized data center that can dramatically simplify corporate IT life and lower costs for large, mid-size and small companies is compelling. The ability to quickly adapt a data center to align a company’s data center to better align with business process changes is music to my ears.
Another example was from iland. The presentation today discussed cloud-based disaster recovery. While that idea has been around a while and there are multiple vendors offering similar services, I found it interesting how well thought out their presentation was. It was just another indication to me of growing maturity. If you haven’t considered this scenario for disaster recovery yet, I suggest it’s time to do so.
Our panelists represented primarily larger and mid-sized companies. My overall impression from their comments was that they had well thought out opinions on each topic that not long ago were considered quite controversial. Remember, the Gartner Hype Cycle chart referenced in my security focused post mentioned above is new information. It still shows cloud computing at the peak of inflated expectations with some amount of negative hype still ahead. Our panelists were all highly competent professionals. There comments reflected well considered opinions about cloud security and value to their businesses. My overall conclusion from today’s event is that cloud computing has matured to the point of acceptable risks for people whose necks are on the line for such decisions. That’s a big deal.
I suggest that you catch a TechExecs event in a city near you. They don’t require much travel and only last half a day. Yet they are still able to provide useful information and a good networking opportunity. And as we all know, the moderators are really the big draw. It’s their witty way of reading printed questions, shutting up and listening for someone else to deliver the wisdom. I do the shut up part really well.
Thanks for stopping by. Until next time…
Flat World, Flat Clouds
I was thinking on some of the issues raised in Thomas Friedman’s book “The World is Flat” and what it means to the consulting world and the midsize business world. If you haven’t read this book a link to a summary is provided here. His book is actually divided into two general parts. The first part contains his observations on a globalized economy, social factors, technology and the development of several third world countries. The second part contains his social/political recommendations for the future. I think the first part is very useful. The second part, not so much (big government and big taxes aren’t my cup of tea). This post is directed at U.S. located companies. For those of you not located in the U.S., the logic is much the same.
My concern is the management of intellectual property and projects amid the proliferation of sources of skilled service labor, such as consultants, managers, engineers and software developers. For example, your company may need to develop a new product. If your company is a midsize manufacturing company, it may not have sufficient resources to execute all aspects of converting a good business idea into a mature, profitable production facility. Your company will probably look outside to various sources, both familiar and new, for help and advice. If you apply the observations from “The World is Flat” to all the companies involved with your project, the result can be a complex, interdependent web of knowledge and judgment sources.
Certainly companies deal with that situation today. However, the complexity of such arrangements will grow in the future. Now is the time to plan for how to handle that dilemma. I don’t presume to offer a solution in this short blog post. I can only try to frame the questions and offer some ideas. At least, I hope to get you thinking about this topic.
I need to define the types of service labor and regions that will be relevant to this discussion. First, I categorize service labor into three basic groups, shown in the table below. The table also includes some of the major attributes of each category. The key differentiation between each 
category is the tightness of the bond between the company and each group. That is determined by the level of involvement in core business processes. The “coreness” of a business process is defined by how integral it is to the value proposition of the company. “Direct” labor will always be direct employees of the company. “Close” labor may not be employees of the company but they will probably seem to be employees to an outside observer. “Packaged” employees will obviously not be employees of the company although their contributions will be considered very valuable. Other categories could also be defined for various levels of closeness to the company but these three will be sufficient to make my point.
There is also a need to define the notion of proximity. Direct labor will mainly be located at one of the company’s locations or a location sanctioned by the company, such as an employee’s home office. Close service labor may be located at the same locations as Direct labor or their employer’s locations. Packaged labor will typically be remote to the company’s locations but available when needed. This type of labor can be located anywhere in the world. Typically they will be located in one of the areas on the global map above colored in red (Note that the color red does not have a political significance, only an ease of visibility significance).
There are also some other terms of significance. You will also need definitions for “outsourcing“, “insourcing“, “offshoring” and “onshoring“. To save time and words, those definitions are provided by their corresponding links. All of these terms apply to the location and accessibility of service labor resources. For example, it is entirely reasonable to talk about outsourcing a business process to a domestic (onshoring) contractor. That service may require “Packaged” service labor requiring a well defined scope of work and contract.
Projects, such as the types discussed above, can require a traditionally managed approach or use a lean, timeboxed approach. For example, if using the lean approach, a timeboxed part of a larger project could be outsourced to an offshore provider of Packaged engineering resources. The customer must then provide a home for all of the intellectual property being generated as the deliverables. A well defined policy and content management system are essential requirements. Fortunately, various tools are already available to fill these needs and more are on the way.
In summary, every company needs to be developing policies and tools for managing the intellectual property produced from multiple, smaller and networked service providers. These providers of skilled service labor can be located almost anywhere in the world. They may be close at hand or at arm’s length. I want to strongly encourage readers from midsized companies to not view this as a problem only for large, multinational corporations. If not now, it will also be your problem in the near future. In future posts, I’ll drill down into these broad ideas and suggest some specific actions. Hopefully, I’ve raised the awareness of those of you who haven’t been thinking about these ideas before now.
Thanks for stopping by. Stay tuned for more…
Cloud Alignment – Part III (Security)
The purpose of this post is to address the issue of the security of cloud based applications from the perspective of the CIO of a midsize company. His focus would be primarily on prudent cost reduction opportunities. I will not attempt to provide an in depth technical discussion here. I will provide some useful links to such discussions. However, I don’t think a midmarket CIO, or CXO, would be well served by loosing himself in the technical details at this point. It’s all evolving too fast.
As I researched this topic I was initially amazed at the amount of information. After I thought about it for awhile I realized that this was a hot and rapidly evolving topic, so this volume of information is to be expected (and I’m contributing to it myself with this blog post). My research has been fairly extensive but not exhaustive. I could have easily made this a white paper taking months. It will also be dated fairly quickly. Like I said, this subject is changing quickly.
The first item of business is a definition of some useful terms. I will standardize on the definitions provided by NIST (National Institute of Standards and Technology). The link to those definitions is here and a link to a cloud computing overview is here. I like the NIST definition: “Cloud computing is a model for enabling convenient, on-demand network access to a shared pool of configurable computing resources (e.g., networks, servers, storage, applications, and services) that can be rapidly provisioned and released with minimal management effort or service provider interaction.” The other document at this site is a 92 page PowerPoint presentation. I think it is useful but lacks sufficient material in the speaker’s notes.
I am a big fan of Gartner’s Hype Cycle diagrams. Over the years I have found them to be a good way of representing the expectations we have of technology. I have included an overview below. A link to the Gartner site is here.
Every technology category is typically represented by a point on the curve. That point is color coded to indicate how fast it is moving through the cycle. If you want more details on this I encourage you to go to their site and sign up for their free registration. In Figure 1 I overlaid a red line on that section of the curve where I believe cloud computing is today based on Gartner’s predictions as well as other sources. We are clearly at or near a peak of enthusiasm and expectations for a new technology.
Figure 1 – Cloud computing expectations
One concern that I have is that when I have talked to people in midsize or small companies making a decision on how to use cloud computing all I hear about is the opportunity for cost reduction. That opportunity is real but the decision is not just about cost reduction. It’s also about risk exposure and that means security concerns. One document that details those risks is from ENISA (European Network and Information Security Agency). Its link is here. Be warned, this document is not for the faint of heart. It is large and detailed but does offer a comprehensive list of risks. Another less detailed source of cloud security insight is provided in an InfoWorld article on a Gartner report. Its link is here.
One thing to remember is that using cloud computing usually means virtualized applications made available over the internet. A useful but detailed discussion of virtualization can be found here. There are several types of virtualization risks such as attacks on the hypervisor, attacks on automated provisioning and problems in digital forensics due to mobile locations of virtual machines. Detailing each of these examples generate a significant amount of information and is beyond the scope of this post.
We should also briefly touch on the major players providing cloud based infrastructure and development environments. The three big names in these areas are the Google App Engine, the Amazon Elastic Compute Cloud (EC2) and Microsoft’s new Azure Platform. For these offerings, you rely on either secure data center operation or the security capabilities of their development tools. Cloud computing is new to most developers as well. Their skills in using these tools are still maturing, including security.
It would be easy to discuss various risks almost indefinitely. However, that wouldn’t address the main concern of making an informed decision on what to do with cloud computing now. As you can see from Figure 1, I placed a red line over the region of the curve which represents the earliest time for mainstream adoption. The period between where cloud computing is today and mainstream adoption starts is a time for trying out this technology. I recommend a trial that doesn’t involve sensitive company data but is non-trivial. Such a trial will provide insight into the management of cloud based infrastructure, applications and working with cloud vendors. It will provide an opportunity to gain experience in relative safety.
For example, I am part of the Google Wave beta program. If interested, check out this link or the Google site. In addition to that, I am working with Itensil on a new product which leverages Google Wave with its other existing products for collaborative, wiki-based consulting project work. For me it’s a great opportunity to learn more about using cloud computing to do something relevant for my business. That work could eventually lead to a significant competitive differentiator. For a business IT alignment consultant, it’s putting my money where my mouth is and aligning some cloud IT to my own business.
For a blog post, this one is long. As a discussion of the security of cloud based computing, it just scratches the surface. The recession has accelerated the adoption of cloud computing and the recovery will accelerate its adoption further. Midsize and smaller companies will be most of the early adopters of cloud technology along with a few large corporations. Security concerns will be the throttle that regulates the speed of adoption. As cloud security is resolved I think we are in for some very transformational times.
Thanks for stopping by and stay tuned for more…
Cisco TelePresence Briefing Review
I attended a meeting of the Greater Houston Partnership’s Technology Cluster Council committee today. It was held at the local Cisco offices. As part of that meeting we got briefings on various Cisco technologies. The subject that really got my attention was the demonstration of Cisco’s TelePresence. Just to be clear, I have no commercial or personal relationship with Cisco or any Cisco employees and will not receive any compensation for what I say. My opinions are strictly my own.
The reason that the TelePresence demo got me excited is that 1) I hate business travel and 2) it could be a major benefit to midsize companies, my primary market. For me, the glamour wore off of business travel long, long ago. Business travel is very important for doing most business and a vital part of building relationships but it’s hugely inefficient. My view is that today people need to meet face to face to build relationships but most other work can be done remotely with the right technology. I want to emphasize that it usually takes several meetings and one-on-one time over an extended period to build good working relationships, so I accept the need for such travel. I’m just saying that today technology offers us a way to minimize the marginal trips. I have had briefings on other video conferencing systems in the past from LifeSize and others but on slightly older technology.
We were taken into a room arranged very much like the images below.
We connected with a person at one of the Cisco offices in California. He then proceeded to run through the features of the system. What I noticed was the attention to details. As the person in California moved from one end of his table to the other, his voice tracked out of the corresponding speaker in our room so that his voice and image drew your eyes to the same place. The resolution was very high quality. We didn’t get into depth on the technical specifications but you can research that topic at the link provided above. If found that keeping the screens at table level made me feel more like the remote site was local. They said that they would have a real-time translation capability very soon (I got permission to say that!) which will be huge. You will be able to have a meeting with an international trading partner and be able to hear your native language and/or see subtitles in your native language. I hope the system will be able to produce a printed transcript of the meeting minutes but that didn’t come up and I forgot to ask.
My imagination got fired up when they mentioned using Wacom tablets with the system. I immediately thought of the model shown below.
I am a manufacturing engineer, IT guy (i.e., geek) and commercial photographer (alas, only part time). I am a very visual person. I visualized a group of people collaborating over a drawing or photograph. Now imagine one of these tablets in front of every chair in the conference room (I’m being creative, not practical). One person has control of the document being discussed. Others can annotate the location of their comments (like drawing a circle around an area of the document) so the editor can make changes. The image is displayed on a screen devoted to presentation materials like the projected white area which appears below the center of the table in the smaller conference room (bad idea) or the overhead screen shown in the larger conference room (good idea). When I asked about this the response is that it’s on their radar (my words) but it is a very hard problem. From that I’m assuming that they are sensitive about that being a good idea but made no commitments about where or if it is on their product roadmap. That’s a fair response since it is a very hard problem.
Now on to my next fantasy. This is a very expensive system. Well beyond the budgets of many midsize companies and all small companies. Let’s imagine Cisco seeding most major cites with conference centers containing several of these meeting rooms. Those conference centers take reservations from the public for video conferences. These systems are complex to build but we were told they are designed to be easy to manage, so the IT support resources should be minimal. To extend beyond the initial locations Cisco sets up a franchise-like operation which allows business partners to build additional centers in each area. Eventually, each urban hub has a collection of these conference centers. At that point, we may have to drive across town but that’s way better than driving to airports, flights, rental cars, hotels, etc.
If any Cisco people read this I hope some of my enthusiasm finds its way into product roadmaps and partner channel management plans. In any event, I appreciated the demo. If anyone has a similar fantasy please post a comment. That’s all for now.
Cloud Alignment – Part II (Overall Performance)
This is part II of my series on some of the practical aspects of cloud computing. In this post I’ll focus on the overall user-centric performance of the cloud computing experience. I’m using this vague phrase because the performance of the user experience is made up of several factors, like Internet congestion, “last mile” bottlenecks, hosting server performance and user PC performance, to name a few. Let’s start by defining some general classes of users.
User Types
The most basic classes of users are those that do all their work in one place with dedicated infrastructure (fixed users) and those users who may do their work from multiple locations, both connected to the Internet and not connected (mobile users). Examples of fixed users are customer service workers, corporate staff jobs like clerical accounting workers, etc. They go to work at the same place every day, sit in front of the same PC doing the same kind of work and then go home at the end of the day and leave their job behind. I hear there are still some of them around these days. Examples of mobile workers are everybody else with a job and a computer. Now we need to focus on the types of data traffic involved.
Data Traffic
Any basic graphic of the use of the cloud consists of a user with a PC, a cloud containing a server and a lightning bolt connecting the two, as shown below. The firewall (brick wall symbol) can either be on the local network or in the user’s machine itself.
I am presenting two scenarios to consider. Scenario 1 is the least demanding on the user end and represents the slowest, lowest cost option. It is the scenario usually implied when we talk about cloud computing. It does require that the overhead of the user interface is moved down to the user’s machine along with the data itself. Scenario 2 is actually representative of a user application which relies on an external host to provide compute power and push data down to the user’s machine. It is the faster but more expensive option. It doesn’t require that the user interface overhead be sent down along with the data since the user interface is already on the user’s machine. Remember, the yellow lightning bolt (the remote connection) is the limiting link in the chain. It is by far the slowest segment of the trip. Now we need to consider the tradeoff between the two scenarios for each user type.
Tradeoff – Productivity vs. Cost vs. Performance
For the fixed user, scenario 1 will probably work well enough to justify the cost savings at the expense of performance. Our definition for this type of user is primarily clerical in nature. However, as we move to the mobile user, things get a little more complicated. The speed of the remote connection link will vary depending on the location of the user. In some cases, the remote connection will be slow or non-existent. If the remote connection is slow the user interface overhead will make a cloud application unacceptably slow. Obviously, if the connection is dropped or not available the point is mute, there is no cloud. There is a subset of the fixed user community that has other issues. There are those who are fixed in their location but are creative types who need the flexibility and richness of local applications. Examples of these people are graphic artists, designers, architects, engineers, etc. For them, browsers are not yet a visually rich or powerful enough user interface for their work. In time, that will change but not now.
The solution for mobile and creative types may lay with composite applications, mashups and hybrid clouds. The discussion of these options is beyond the scope of this post, but check out the links for more information. My main point is that cloud computing is not one size fits all. It’s important to not get caught up in the hype and realize that, with some adaptation, the benefits of cloud computing and acceptable levels of performance are available for all users.
I have provided some video links below that present a somewhat cynical view of cloud computing. While I think that Larry Ellison (Oracle CEO) represents an oversimplified view, he is entertaining. The Forrester analyst offers a thoughtful counterpoint.
onclick="javascript:pageTracker._trackPageview('/outbound/article/www.youtube.com');">Larry Ellison on Cloud Computing " onclick="javascript:pageTracker._trackPageview('/outbound/article/www.youtube.com');">Forrester Research