Enterprise skepticism remains despite cloud benefits, growth

IntroSkeptics still question cloud computing's value, reliability and security, but users who have taken the cloud plunge say those on the sidelines are missing out. This long-running debate over cloud benefits and challenges shows no signs of stopping, even as cloud computing growth increases in a number of enterprises. “There are legitimate security and compliance concerns to be sure,” said Christopher Wolf, partner at Hogan Lovells US LLP, a law firm based in Washington, D.C. that represents cloud providers and cloud services users. “But most of them are manageable.” Cloud disillusionment persists Of the 1,497 respondents to TechTarget's recent Cloud Pulse Survey, 61% use cloud services. Of the remaining 39% that do not, most did not indicate immediate interest; 80% of that minority said they do not plan on using the cloud for at least another year, and 45% said they do not plan on using it at all. Of the survey respondents who don’t plan to deploy cloud services, 38% said their current IT investment is enough, 24% said the cloud's benefits are inadequate to justify a migration, and 18% said in-house virtualization is enough. There was also the perception of poor cloud security among 36% of those respondents, as well as concern over inadequate control of the cloud for 33%. Some IT pros are disillusioned with the entire concept of cloud computing. “I can hardly stomach the term ‘cloud’ anymore because it has become so overused by marketing personnel,” said Eric Kilgore, a member of the information technology infrastructure team for Severstal North America, a Dearborn, Mich.-based manufacturing company. “I just tend to view it as a virtual infrastructure running on physical hardware. At the end of the day, it is still a bunch of computers running software.” Cloud benefits exceed virtualization benefits IT pros who are converts to cloud argue strenuously that there is a significant difference between cloud computing and having an in-house virtual infrastructure. Skeptics are missing an opportunity to easily scale up and lower costs, said Kris Bliesner, CEO of 2nd Watch, a cloud computing consultancy and systems integrator based in Liberty Lake, Wash. “[Cloud] agility is creating a different marketplace for people,” he said. “Now if you need a worldwide infrastructure tomorrow, you can have it.” Other cloud benefits include better security and redundancy, as well as increased cost flexibility, said Michael Mullarkey, CEO of Brickfish, a Chicago-based social marketing software developer for retailers. Brickfish made the move from managed services to Infrastructure as a Service (IaaS) about a year ago. “The NaviSite system that we use automatically adds additional cloud servers for any spike in traffic that we may get,” he said. “Then the next day when it starts to tail off, our rates go back down.” By not taking advantage of the cloud's agility, companies could miss out on business opportunities, he added. When a financial customer wanted its data separate from other Brickfish clients, the company was able to copy its production environment into a new cloud in just four hours. “An opportunity that we would’ve lost in the traditional model we were able to save because we were able to repeat our production environment in such a short time period,” Mullarkey said. Cloud services can also help organizations save on excess software and computing capacity and allow for more efficient collaboration by having data available in a central location, Wolf said. Cloud benefits for security and compliance Despite the persistent concerns, security and compliance are red herrings at this point, Bliesner said. 2nd Watch has customers running HIPAA-, PCI- and ITAR-compliant applications at Amazon Web Services (AWS). AWS is actually more secure than most collocation facilities because it’s impossible for those with access to the physical infrastructure of Amazon’s datacenters to identify which servers are assigned to which customers, Bliesner said. Furthermore, it’s possible to encrypt data both in transit and at rest within Amazon’s cloud, and private keys for this encryption are generated within the customer’s browser, on the customer’s network, so Amazon never has access to them, he said. The responsibility for security and compliance beyond certifications for the physical facility lie in the hands of cloud customers. “You can build a really simple application that has no security controls on it, that only runs on one server, and if Amazon has any outages and any issues, your server’s going to fall over and you’re going to have service issues,” he said. “Or you can build [a] rock-solid, bulletproof, highly secure infrastructure that has multiple places of redundancy, no single point of failure, and you can take down multiple datacenters and still take on production load.” Cloud applications still pose hurdles That's not to say cloud computing doesn't have its drawbacks. Take application suitability, which forces businesses to rewrite or convert workloads for the cloud, for instance. Fifty-five percent of survey respondents who use public cloud services and 62% of those who have deployed private clouds identified application suitability as their biggest challenge. Some applications, particularly those that rely on very large machines or data sets (otherwise known as scale-up workloads), simply aren’t appropriate for the cloud, said James Staten, analyst with Cambridge, Mass.-based Forrester Research Inc. “IT has a real credibility gap growing with the business because they can’t respond fast enough, [and] they’re not tapping into new innovative technologies," Staten said. “And so the business tends to go around IT to get this stuff. If IT can proactively begin learning about the cloud and proactively begin making it available to the business, they can start to close that gap.”