White paper impact of-cloud-on-the-data-centre


Published on

“Cloud hype continues to mount,” reports market researcher International Data Corporation, “but underneath the hype, enterprise IT really is evolving. There are essentially two categories of cloud services — public cloud services are available to anyone with the means to pay, while private cloud services are dedicated to a single customer or small group of customers.

  • Be the first to comment

  • Be the first to like this

White paper impact of-cloud-on-the-data-centre

  1. 1. I D C A N A L Y S T C O N N E C T I O N David Bradshaw Research Manager Applications and Solutions IDC EMEACloud and the DatacenterSponsored by: ComputacenterOctober 2012Cloud hype continues to mount, but underneath the hype, enterprise IT really is evolving. Thereare essentially two categories of cloud services — public cloud services are available to anyonewith the means to pay, while private cloud services are dedicated to a single customer or smallgroup of customers. There is also a lot of discussion of building internal private clouds withinorganizations. Though there is no absolute dividing line between a highly virtualized environmentand an internal private cloud, the latter will generally have billing to the user department based onconsumption.IDC survey data reveals that while adoption of cloud services — in particular public cloud services— is widespread, it remains shallow in the majority of organizations in Western Europe. Astaggering 98.9% of organizations interviewed claimed to use at least one cloud service.However, the most widely used cloud service, Web conferencing, requires relatively little changein corporate IT. If Web collaboration is discounted, still 91.5% already use public cloud services(either limited or full-scale use) and 23.4% have multiple cloud services in full-scale use.However, if we look at the cloud services that generally have high numbers of users and require amuch greater commitment to cloud, such as CRM and HRM, the proportion of organizations usingthese is lower.Overall, cloud services are already widely used in business, but as yet they represent a smallportion of most organizations IT. However, usage of cloud of all types is growing rapidly and if thefuture is anything like the past, economic woes will encourage more CIOs and businessmanagers to consider cloud services. So IT must have a strategy for cloud.Cloud Challenges for User OrganizationsAs we have established above, unless you are one of the 1.1% who have only got as far asevaluating cloud, your organization is already using cloud services whether or not you areinvolved. And CIOs should involve themselves in any usage of public cloud services, advisingwhat uses of cloud are appropriate and what uses are inappropriate.There are challenges to maintaining this control in the face of the increasing consumerization ofIT, with staff using their own IT in preference to corporate devices and applications. Theapocryphal story is of the CEO turning up on a Monday morning with a new iPad and demandingthat IT connects it up to all the information the CEO needs to manage the business. However,staff of all ilk are using their own mobile (and other) devices for work purposes, and this trend willcontinue. CIOs therefore have to ensure that the key systems used by the workforce can worksecurely with a range of different endpoint devices. Crucially, this is one area where cloud serviceproviders often have helpful experience.
  2. 2. Another issue is employees adopting their own cloud services and using them for work purposes.Two widespread areas are personal Web mail accounts being used for work purposes and as abackup for when the corporate mail goes down, and cloud file and folder sharing services such asDropbox being used to share and synchronize files between colleagues.A more extreme example is when entire business units have gone out and subscribed to a set ofcloud services, such as CRM or HR/talent management, to supplement or completely replace theservices from their corporate IT group. Typically these business units will say that they have abetter service and are delivering better results, but this can also have indirect drawbacks, forexample when the cloud services are not connected back into the corporate back-end — thoughthis is becoming less of an issue.Widespread use of these "shadow IT" services potentially means there is a disconnect betweenthe IT provided to employees and the services the business users want, probably due to businessrequirements changing faster than IT has been able to move. The constructive approach is to findways that meet the employees needs in a mutually satisfactory way, for example finding servicesthat are convenient for the employees but also secure and compliant for IT.How do enterprises decide what is appropriate to place in the cloud? Clearly the first priority isthat the cloud service chosen should deliver stronger business value than alternative ways ofmeeting the same need, such as lower implementation costs, faster implementation, lower (or no)capital costs, better fit to business needs (particularly from using try-before-you-buy to robustlyevaluate the business impact of cloud applications), lower ongoing costs, and an exit from thesoftware version upgrade cycle. However, there are some serious governance issues related tothe cloud that can determine which vendors you can use or indeed if you can use cloud servicesat all. These include:• Data location. Cloud services (and again, particularly public cloud services) have datacenters in different countries, which may or may not include your home country, but often include the U.S. There are issues over data being located in the U.S., but the Patriot Act is not one of them, as all countries have similar legislation; rather this issue is in U.S. civil litigation, with U.S. courts able to grant sweeping rights of "discovery" to uncover evidence stored on cloud services in the U.S. However, if you have a presence in the U.S., you are already potentially at risk to this kind of action, and moreover these powers are beginning to be used in European courts.• Data security. Ensuring that your data is at least as safe and secure as it would be on your own servers is a key part of any vendor selection process, whether you are considering public or private cloud services, or indeed any type of service that entrusts your data to third parties. Increasingly cloud services providers are seeking third-party certifications for their operations, and these will cover data security. However, data security is a war of attrition between data owners and would-be data thieves. Ultimately, you must be assured that any cloud services vendor is capable of fighting this war at least as well as you could.• Duties and responsibilities. When you use the services of a cloud services provider, you continue to be the data controller while the cloud services provider is the data processor. It therefore remains your responsibility to ensure that there is adequate protection of the data stored on the cloud service, including any personal data relating to your customers or employees. You therefore have to be proactive in ensuring that your service provider is carrying out its work to a satisfactory standard. This requirement is not new, and it is the same for any external data processing service, from individualized outsourcing services through to standardized public cloud services.• Portability. How easily can you take your data and processes from one cloud to another, or indeed move them back into conventional IT should you want to? Generally, moving data is less of an issue — though this does depend on the volume of data — but moving processes can be troublesome when they are embedded in the cloud service itself. 2 ©2012 IDC
  3. 3. • Service level agreements. There is a considerable amount of variation in the level of service levels that vendors are willing to commit to. Indeed, some vendors offer no guarantees at all, instead pointing to their track record.Is there a "right" balance between cloud and conventional IT? IDC believes there is, but it will bedifferent for every organization, and it will likely change over time.Cloud Impact on the Corporate DatacenterThe range of cloud services offering alternatives to on-premises IT grows day by day, and thereare some (typically quite small) organizations that rely entirely on cloud services for their ITneeds. But for organizations of any size, there are huge swathes of core IT that have to beprovided by conventional on-premises systems. There is therefore going to be a continued needfor the datacenter to play a vital role in supporting corporate systems that cannot (yet) move tothe cloud.On the other hand, cloud brings key benefits set to transform the way IT is consumed within theenterprise, including:• Cost. When all costs are taken into account, cloud will typically be a cheaper alternative to traditional IT premises-based delivery. One of the largest costs of internal IT is the periodic version upgrade of business applications; in contrast cloud applications are continuously enhanced incrementally at the vendors expense. On-premises software vendors say they are reducing the cost of version upgrades, something they have to do to compete with cloud services, but we remain skeptical that this will entirely remove all the periodic upgrade costs.• Flexibility/agility. Many cloud services offer a high level of flexibility with the ability to turn servers and storage on and off and pay for what you use. This is a key advantage compared with traditional IT delivery models.• Speed. In services like IaaS, arrays of virtual servers can be instantiated in minutes and taken down again equally quickly.• Utilization. Cloud gains much of its efficiency through very high utilization, with many cloud service providers datacenters running at 50% or higher utilization. In contrast, many enterprises run their datacenters at 10% or less. Cloud services vendors have certain advantages, for example their customers have contrasting usage profiles, and they can aggregate usage from a wide range of time zones, not least by datacenters in one region acting as remote backup at night to other regions systems that are in work time. Actions like these drive utilization and therefore cost efficiencies still higher.• Standardization. Every part of the datacenter is highly standardized, albeit sometimes to the vendors proprietary standards, which makes the datacenter much easier to control and manage, and for failed serves or storage units to be swapped out and replacements fitted.• Automation. Cloud datacenter operations are highly automated, deploying and removing loads, for example, typically requiring no intervention from the service providers staff.• Green. As a result of the high levels of automation, standardization, and utilization, they tend to have significantly lower environmental impact than traditional IT systems for the amount of processing work they perform. Indeed, many cloud vendors publish their green credentials as a marketing exercise.Corporate datacenters (and this includes mainframe environments) will progressively bebenchmarked against cloud datacenters, and this will lead them to gain the characteristics above.To achieve this, IT will have to embark on measuring, understanding, and predicting the demandsfrom the different workloads that it currently supports internally and also those that are supportedby external service providers across the spectrum from outsourcing to public cloud services.©2012 IDC 3
  4. 4. Cloud, the CIO, and the CIOs TeamWhether it represents a small or large part of an organizations future IT vision, cloud needs toform an integral part of the IT strategy — not standalone as a separate silo. Best practice showsthat organizations taking full advantage of what the cloud — in various forms — has to offer arethose able to articulate clearly which of their requirements are best served by cloud services and,more importantly, which flavor of cloud (public or private), particularly in the short to medium term.Before cloud services appeared, the move toward IT outsourcing meant that the CIOs role hadalready begun to evolve toward supporting the corporate business processes and enabling theorganization to innovate through IT. Cloud accelerates this change, while at the same timehanding back more granular control over business processes than is usually possible inoutsourcing. Of course, the CIO and other members of the team are still responsible for corporateIT of all kinds, but this has to be seen as the means to an end and not the end in itself. Yes, ITpeople often talk about delivering business outcomes, but often that ends up being an IT objectivethat may have little obvious connection to users business requirements. Cloud changes the gameand means the IT organization needs to increase its business skills.The IT department also needs to deal with users in a new way. As observed earlier, there is agrowing tendency for users to adopt "shadow IT" to get around the shortfalls (real or imagined) ofcorporate IT. On discovering any shadow IT, the reaction should not be "No you cant do that" but"Yes you can do that, and heres a way of doing it better and more securely."In conclusion, CIOs who ignore cloud do so at their peril and cost. There are risks and challengesinvolved in embarking on a cloud strategy, as there are with any major IT innovation, and theserisks and challenges need to be properly assessed, considered, and met. The greatest risk is notusing cloud at all, and allowing competitors to overtake you. But not far behind this risk is thinkingof cloud primarily as a way of saving costs or capital when introducing greater agility, flexibility,and speed into the IT portfolio. Finally, and almost equally important, is the risk of leaving thebusiness to introduce its cloud strategy without you. A B O U T T H I S A N A L Y S T David Bradshaw is research manager for public cloud services in Europe, and the focus of research is on the development and competitive environment of the software-as-a-service (SaaS), platform-as-a-service (PaaS), and infrastructure-as-a-service (IaaS) markets in Europe, the vendors that are active in these markets, and the ecosystems around the European public cloud services market. Prior to joining IDC he had a long and varied career at Ovum, where he was principal analyst of the Software Group, practice leader for CRM, VP of consulting for North America, principal consultant in convergence markets (such as unified communications and contact centers), and service manager of computing services in Europe. Before becoming an analyst, Bradshaw was a market researcher and a technology journalist/editor. Bradshaw has an MBA from City University London and a bachelors degree in physics from Oxford University. He is a full member of the Market Research Society. Follow him on Twitter at http://twitter.com/SaaSEurope.A B O U T T H I S P U B L I C A T I O NThis publication was produced by IDC Go-to-Market Services. The opinion, analysis, and research results presentedherein are drawn from more detailed research and analysis independently conducted and published by IDC, unlessspecific vendor sponsorship is noted. IDC Go-to-Market Services makes IDC content available in a wide range of formatsfor distribution by various companies. A license to distribute IDC content does not imply endorsement of or opinion aboutthe licensee.C O P Y R I G H T A N D R E S T R I C T I O N SAny IDC information or reference to IDC that is to be used in advertising, press releases, or promotional materialsrequires prior written approval from IDC. For permission requests contact the GMS information line at 508-988-7610or gms@idc.com. Translation and/or localization of this document requires an additional license from IDC.For more information on IDC visit www.idc.com. For more information on IDC GMS visit www.idc.com/gms.Global Headquarters: 5 Speen Street Framingham, MA 01701 USA P.508.872.8200 F.508.935.4015 www.idc.com.IDCAC06U 4 ©2012 IDC