Despite the fact that cloud computing is one of the fastest growing global IT trends, there are those who consider the technology 'too risky' and question the levels of data security and transparency in the cloud.
In a bid to reassure the sceptics, the UK-based Cloud Industry Forum (CIF) launched a code of practice last month (November 2010) designed to assist members to develop “a clear, professional and trustworthy approach to the delivery of cloud services”.
Key objectives of the code include an accurate definition of the services offered by cloud service providers, with detailed explanations of how they will impact business processes, their level of integration with existing technologies and how cloud adoption will enhance data security.
Coinciding with the CIF announcement was the European Union's decision to fund a three-year research project intended to allay security concerns about the cloud.
Risky business
And earlier in the month the Asia Cloud Computing Association, an open collaboration forum based in the Asia Pacific region, launched its own initiative to address challenges to the adoption of cloud computing in Asia, including “privacy and security concerns, compliance and regulatory mandates, licensing models, service levels, and other market risks”.
There is a strong sense of urgency in the UK, Europe and Asia to have these and other concerns resolved by industry collaboration, allowing stakeholders to work in partnership on issues specific to these regions, with the goal of enabling faster and more efficient adoption of cloud computing.
All three initiatives could have implications for organisations on a global scale, including South Africa, where security concerns seem to dominate any cloud discussion, shading possibly more relevant, growth inhibiting issues such as low penetration of bandwidth in rural areas, and government policies more aligned with traditional computing models.
Many South African organisations ignore the widespread informal use of cloud-based applications by their staff, including gmail and Facebook.
Martin May is regional director of Enterasys Networks.
Ironically, many South African organisations - in the public and private sectors - ignore the widespread informal use of cloud-based applications by their staff, including gmail, Facebook and other social networking sites.
This amounts to widespread tacit acceptance of the cloud. All that's needed now is a code of best practices and standards to give local companies confidence that suppliers are able to assist with the formal adoption of cloud computing in a structured way. This will give South African companies better clarity of purpose and confidence in their choice of service provider.
In common with the CIF's code, the local equivalent will need to define best practices for cloud computing, highlighting provider capability and accountability. A key objective should be to identify providers capable of delivering a resilient cloud service with operational practices, and procedures capable of being measured against accepted industry benchmarks.
Some of the benchmarks that might be unique to South Africa could centre on data storage, management and power saving. Others could hinge on the location of data and where transactions are taking place.
Asked and answered
Simply put, the local code should be able to help customers answer questions such as 'where is my data held?' and 'where is the service provider physically located?'
These issues may raise tax and legal compliance issues for organisations, according to Deloitte, one of South Africa's leading professional services firms. There might also be exchange control implications for e-commerce transactions, according to Billy Joubert, tax director at Deloitte, in an article on the firm's Web site.
Many industry watchers expect cloud computing to play a fundamental role in re-shaping how telecommunications service providers offer applications to end-users and how their internal systems are implemented.
In this light, an important issue that needs to be addressed is the question of open standards in the cloud to avoid vendor lock-in. It's a thorny subject. Many cloud vendors pay lip-service to the concept while offering different paths to realise this objective.
A failure to achieve interoperable standards across the cloud environment will hinder data portability - a potentially catastrophic situation in the telco industry.
There is a need for speed. The sooner open standards for cloud computing are set, the faster organisations will come to terms with a full migration to the cloud and begin to realise the economic benefits cloud computing can offer.
As the IT industry has found so often in the past, end-users will more readily commit to a technology when they know which standards are being enforced.
Share