Ensuring the value of cloud
Mon 9 Feb 2015
George Reese, senior engineer and executive director, Cloud Solutions at Dell looks at the future of cloud, Dell’s response to market demands, and the importance of API security in the IoT space.
Future cloud developments
Moving into 2015, I see a pair of key developments in cloud computing. Firstly, by the end of the year, the critical showstoppers for production deployment of containerized applications in the enterprise will have been addressed. Consequently, containers will likely become the delivery mechanism for cloud applications in an enterprise context. It would not shock me, however, to see some challenges as the technology gains greater scrutiny from the information security field.
Secondly, true cloud brokerages and marketplaces will begin to gain foothold in some sectors. However, they still have some time before there is widespread adoption of these models of cloud consumption. The above evolution of containers will be a key technical enabler.
Cloud itself has been a tremendously hyped term and so many interests have attempted to co-opt the term to support their agenda. Businesses have gone to the cloud to achieve the agility that “on-demand, self-service” makes possible. Unfortunately, IT and operations have historically been focused on things like cost while businesses want to achieve agility. The cost benefits of cloud have been overhyped as well. Whether cloud is cheaper or more cost effective than other modes of consuming technology depends on so many context-specific variables. But the cloud is undoubtedly a more agile delivery mechanism and has provided real benefits to the business.
Dell, in particular, is focused on helping customers in three main areas: to build cloud environments, manage and integrate cloud environments, and deliver cloud services. We help customers build clouds with holistic solutions including infrastructure, software, services and private cloud partnerships to meet each customer’s unique needs. We also help them manage and integrate public, private and hybrid clouds so they can get the most out of their cloud environments. Lastly, we have a broad public cloud partner ecosystem and a cloud brokerage model that helps customers deliver and consume cloud services in the ways they need for their business.
Not only is there no true “one size fits all” cloud solution, but even within an organization there are many different needs when it comes to consuming cloud services. That’s why Dell promotes cloud choice and flexibility, including private, public and hybrid cloud environments.
Many of the choices made by different private cloud platforms make them inherently good for some problems and poorly suited for others. The same thing applies to public clouds. A typical enterprise may need a combination of a general purpose cloud provider, a cloud provider aligned with one or more of their private cloud platforms, and one or more regional or community (e.g. healthcare) clouds.
The hybrid cloud generally refers to the combination of private and public cloud into a single infrastructure. With today’s current cloud technology, you often have to care about those security and operational details. Some systems simply have to sit behind your firewall in your control because you need the visibility into the operations of those systems to satisfy regulatory or other kinds of compliance demands. Whether or not you can run your infrastructure more securely than the cloud provider, the cloud provider can never provide greater visibility into their operations than you will have from your own. Sometimes, compliance demands that kind of visibility. In addition, sometimes you need very specific hardware to meet performance objectives and public clouds—almost by definition—can’t meet the needs of purpose-specific computing. For all of these reasons, Dell believes that a mature cloud strategy includes both public and private components and Dell Cloud Manager can bring them together under a single governance model.
Cloud computing is the next logical extension of the Internet which was built on top of open standards and open architectures. Dell has a long history of championing open standards and architectures across multiple technologies. We’ve been committed to openness with respect to cloud for the many different flavors of “open” that people use. We’ve been actively engaged with the OpenStack community since its inception. We have made available to the public under the Apache license and built a community around the Dasein Cloud API for accessing cloud resources. We sponsor the Cloud Standards Customer Council to ensure customer choice and flexibility. Finally, the systems we build for the cloud have always looked to open standards as a means for integrating our solutions with the wider cloud ecosystem.
In terms of governance, the primary challenge is simultaneously exercising proper governance and security over data and systems being deployed in cloud environments without killing the value proposition behind cloud—the agility that it empowers. IT and operations tend to focus on control as the chief weapon in their governance toolkit. Control kills agility. The path to success is to gracefully reduce control points while increasing governance capabilities. Automation of governance through tools like Dell Cloud Manager can help the CIO achieve that objective without compromising the value proposition of cloud.
IoT and API security
The IoT world does seem to be evolving to an “API-first” mentality which is what is driving ecosystems in the IoT space. When manufacturers of “things” stick an open API on their “thing”, they enable so many uses of their devices that they themselves never dreamed of.
The critical first step is for IoT vendors to put security first. Going beyond that first step, however, is worrying about what happens when you attach all of these devices—talking to each other through their APIs—to the cloud. How do you prevent one device or manufacturer from abusing its API access? How do you develop a security model that meets both local needs and cloud-connected needs? All these questions are being considered now and we’ll see major movements on these in the coming years.