Cloud Computing – Getting serious about the Cloud
Getting serious about the Cloud
Telecom, banking and oil & gas are more open to cloud computing and Indian companies are going in for a hybrid model. By Manjari Juneja
Large enterprises started building their own private clouds. Traditional outsourcing providers started offering cloud environments where SaaS providers could come onboard and provide services. The year also saw the advent of new features and offerings with many big companies jumping into the public cloud segment with Microsoft announcing Azure, VMware announcing vCloud and Amazon announcing EC2 Windows Server. Some technologies that picked up in 2009 included virtualization as well as e-mail and content management in the cloud.
Minhaj Zia, National Sales Manager, Cisco India & SAARC, added, “On-demand services and SaaS solutions capitalize on the ubiquity and real-time availability of the Web to deliver a new breed of business applications that offer greater collaboration and productivity features via a ‘pay-as-you-go’ subscription fee structure. These solutions also eliminate the infrastructure, installation, maintenance and support costs of the past. Organizations no longer have to acquire additional hardware or hire additional staff to support their business requirements. Instead, the SaaS provider assumes this responsibility as a part of guaranteeing the availability and performance of its solutions.”
It has been a particularly busy year in the cloud computing space. In February, Microsoft announced SQL Azure Database for its Azure cloud computing platform. The offering is an alternative to Windows Azure Table, a non-relational storage system. In April, Google added support for Java to its App Engine application-hosting service. Previously, the cloud-based service supported only Python. In June, Salesforce released the Force.com Free Edition, expanding its cloud applications hosting offerings to include an entry-level option. In October, Amazon released its Relational Database Service (RDS), which brought the MySQL database to its Electronic Compute Cloud (EC2).
Diptarup Chakraborty, Principal Research Analyst, Gartner, commented, “Although cloud computing has been the talk of the town, we did not see any significant deployments happening. Customers were talking and taking interest but there were not many deployments. Things might improve this year. Most large enterprises will go for private clouds while SMBs and consumers will opt for the public cloud going forward. 20% of infrastructure related services are going to be on the cloud by 2011. Also, security will be an overriding concern when it comes to cloud services.”
Seema Ambastha – Director – Systems Engineering & Technology, VMware, said, “Virtualization will affect most organizations in one way or another during 2010. Infrastructure consolidation is a big driver for virtualization followed by business continuity, disaster recovery and utility which are the new growth engines. In 2010, IT departments will continue to optimize financial energy by reducing capital and data center costs to get more done with less, shift human energy from servicing hardware to driving the business, and save the earth’s energy by using less power, cooling and real estate.”
Private vs. hybrid cloud
Vikas Arora, Vice President-Delivery, Astadia Global Development Center, said, “Cloud computing in India will primarily be hybrid, and private cloud applications will eventually be moved to the public cloud by the end of 2011. The adoption of the hybrid model in India is due to the existence of multiple vendors in private cloud computing where a lot of integration is required to achieve complete business objectives. The hybrid approach will grow whereas private clouds will start diminishing as cloud computing matures in India.”
Ram Krishna G., Technical Head, SANVEI Overseas, added, “Large corporations will go for private hybrid clouds. The market will however support several micro, small and medium enterprises (MSMEs) and this would drive the public cloud market.”
In this scenario, there is tremendous scope for hybrid clouds to thrive in India while comparatively fewer organizations can afford to have dedicated private clouds.
Brian Cohen, Chief Technology Officer, iSOFT, said, “It’s understandable that conservative CIOs are reluctant to jump into something new. In an economic slump, CIOs look for proven rather than relatively immature technologies. It could take a few years before the momentum picks up and the market accepts that cloud computing is fundamentally an easier way to get into hosted services.”
Cloud computing brings with it unique security risks, making cloud security an important factor. Even more vital are governance mechanisms that build on top of security and risk management. Governance will be the initial driver that will ensure compliance for data security and privacy.
Vishal Dhupar, MD, Symantec India, said, “When it comes to security on the cloud, concerns include fear about data being transmitted and stored by a cloud services provider, keeping it safe, and preventing it from being lost or stolen. Users often wonder about unproven cloud vendor security practices and the virtual separation between infrastructure and clients. When we discuss security in the cloud, enterprises need to ensure that their privacy and security compliance needs are met, including secure access when connecting to cloud services—such as authentication or authorization, endpoint security validation, and security in the data center.”
Cloud security will be of significant importance particularly to enable the virtual partitioning of the larger physical cloud infrastructure. It will also be significant from the point of view of adoption where users of the cloud have to entrust their partial or complete experience to a platform that is managed by someone else.
David Rosengrave, Practice manager of IT solutions and global services, Verizon Business, said, “Security is one of the most important factors which should be taken into consideration before moving onto a cloud platform. In cloud computing, servers, network capabilities and storage are provided to the enterprise as a service. In turn, data is delivered from the enterprise to the cloud, with attendant concerns about letting sensitive information move outside the company firewall. These concerns must be adequately addressed. Industry standards and regulations such as HIPAA, the Payment Card Industry Data Security Standard (PCI-DSS), the Gramm-Leach-Bliley Act (GLBA), and the Statement on Auditing Standards 70 (SAS-70) have very defined and measurable security requirements. For cloud computing to be viable, providers must adhere to the same standards and controls that an organization would impose in house.”
Bhaskar Bakthavatsalu, Regional Director, Check Point Software technologies ltd, India & SAARC, said, “As cloud computing is rapidly picking up traction with businesses, its inherent security risks are becoming more apparent. When you use services on the cloud, you probably won’t even know exactly where your data is hosted. In fact, you might not even know which country it is being stored in. Customers are ultimately responsible for the security and integrity of their data, even when it is held by a cloud service provider and data in the cloud is typically in a shared environment alongside data from other customers. The customer should verify whether a cloud service provider’s internal security is strong enough to avoid business continuity disruptions.”
Companies that build and design the products based on a cloud computing architecture shall see some fragmentation with new leaders such as Google App Engine or Force.com emerging. Fragmentation is a natural part of evolution and dynamic growth, eventually demand will drive consolidation of disparate cloud APIs to a common form that accommodates individual extensions, but until then the commoditization of cloud APIs and infrastructure is still some time away.
For building scalable and efficient cloud applications, developers would primarily need tools and not necessarily a lot of APIs. There could be a universal API that abstracts the underlying infrastructure APIs. Developers would want to reuse existing methodology and processes and use software similar to 4GL tools making it easy for them and thereby improving productivity.
Renganathan Kasthurirengan, General Manager, Application Services, CSC India, said, “As cloud adoption is widespread across businesses, this will definitely become an issue. Standards are being evolved around these APIs but this is happening at a slow pace. Standardization is required not only around APIs but also across virtual machine and data formats. The way to overcome the fragmentation of developer bases is to standardize APIs across cloud vendors, at least have an abstract layer as an interface, and then the individual cloud vendors can have their own underlying implementations.”
Ramachandran Narayanaswamy, VP & Head, Network & Storage group, MindTree, said, “There would be a natural fallout of lack of standards. As in any software led industry, a de-facto standard would emerge. Both developers and adopters would automatically gravitate towards the leader and would contribute to widespread adoption. The ones that are easy-to-deploy or easy-to-migrate to and can peacefully co-exist with the current model will have a higher chance of success.”
Mukesh Kumar, Founder & CEO, QA InfoTech, said, “At present, cloud computing is at a nascent stage. Amazon S3 and EC2 APIs are almost monopolizing the industry at this point of time. However, of late, several new providers are offering their own APIs. For example, there is the Xen cloud platform from Citrix, vCloud from VMware, Delta Cloud from Red Hat, Sun’s Cloud API, Rackspace Mosso, Dasein Cloud, Microsoft Azure etc. To reduce fragmentation, developers could firstly use a standardized set of core cloud concepts and stick to common functionalities provided by all providers. However, this will restrict innovation but shield against vendor lock-in, API lock-in etc. Secondly, they could use libraries that provide a wrapper to access different clouds (e.g. Libcloud for python). Thirdly, cloud APIs are easy to work with. So it is easier to write your own tools using a particular API if you are sticking to basic functionality but changing to a different provider.”
Sundararaj Subbarayalu, Partner – Convergence, Healthcare and Technologies & Founding Team Member, Anantara Solutions, said, “Cloud providers have well-defined APIs for scaling out applications into the cloud architecture. User organizations can use the application in-house, and get the benefits of elasticity and service model once there is a need to scale out on unexpected or seasonal demand. It is necessary that the developer should get himself adequately trained to leverage the features on the cloud platform. The learning curve should be considered based on the cloud providers that they deal with. The developer community would also need to embrace a different mindset and should take an architect’s view of the application while developing cloud-based applications.”
Cloud as a means of disaster recovery
Cloud storage could be considered as one of the alternatives for low cost, efficient disaster recovery. However, it would need to be supported by a robust disaster recovery mechanism and proper governance; without which storage in the cloud would be inefficient for disaster recovery.
Cloud computing offers services on a highly available grid where data and applications have increased mobility and usability with redundancy and disaster recovery implicitly built in. Therefore, if data and applications, as well as their users are highly mobile, the case for having the data and applications living in a single different physical location (the traditional notion of disaster recovery) to protect its availability is redundant.
Sanjay Deshmukh, Area Vice President, Citrix, India Subcontinent, said, “Disaster recovery involves much more than simply restoring an application server. Ensuring that the data is protected from natural and human disasters is an important aspect of this, which requires off-site storage of data. Both of these problems can be addressed with the current crop of cloud storage backup offerings that are available. By providing automated backup, data is actually backed up. By doing so to a remote site, a moderate degree of disaster recovery is also provided. The data is protected from local disasters, including fire, theft, floods, tornados and human errors by maintaining copies of files safely and securely off-site.”
Disaster Recovery Management Systems or Solutions (DRMS) enable extensive service delivery transparency and auditing, through automation. Infrastructure-as-a-Service presents several opportunities for disaster recovery solutions in the cloud. Disaster recovery solutions require infrastructure (space, power, servers, storage, networks, bandwidth) and application software on the DR site. Traditional DR solutions employed dedicated infrastructure for each production application. This resulted in huge costs and prevented many organizations from deploying DR solutions. Even those who deployed DR, limited its scope to mission critical and business critical applications.
Today, most data center providers in India are looking to offer DR cloud services in various forms be it Wipro or Reliance. Wipro has been offering DR Management Services using its DR cloud infrastructure to several customers already. DR drills are routinely conducted in a reliable manner for the customers and SLA reports furnished on a periodic basis. The drill times have reduced dramatically and the reliability increased significantly. Most of all, customers have the expertise of the service provider with them, in the unforeseen circumstance of an outage.
Abhinav Karnwal, Product Marketing Manager-APEC, Trend Micro, said, “Business operations need to stay online when a catastrophe strikes. An earthquake, flood or a power outage anywhere in the world could instantly knock anyone’s business offline. A hot backup in the cloud spins up when your primary site is down. An on-demand backup facility is a lot cheaper than physical investments as companies invest in contingency planning. One way of disaster recovery would be direct connectivity from one cloud-computing provider to another, giving users the ability to replicate data. Alternatively, users could set up virtual-machine farms internally that push the data to the cloud for backup.”
Shreekanth Joshi – Associate Vice President & Practice Head for SaaS and Cloud at Persistent Systems Ltd., said, “Cloud storage would need to be supported by a robust disaster recovery mechanism and proper governance without which storage in cloud would be inefficient for disaster recovery. Enterprises opting for cloud storage would benefit from the cost, scaling, compliance with regulatory norms and the ability to have multiple redundancies such as geo-replication and the type of storage that is provisioned from day one. Benefits such as these, assure recovery in the case of any possible failure.”
Over the next fiscal, the adoption of this technology would be widespread. The acceptance of cloud computing in India would be fuelled by the need for improved data services. Although, it would be limited to trials and test pilots for now, there would be an uptick as the number of enterprises and ISVs evaluating its feasibility increase.
Susan Hyland, CEO, Mastersoft Research, said, “Just like enterprise application integration and identity management, cloud computing will also have to undergo some more growth before reaching a consolidation phase. In that growth, there will be even more innovation and efficiency gains in the platform and both applications of and the volume of data in those applications will continue to grow.”
Sanjay Singh, Managing Director & VP, Global Services and Support, Akamai India, said, “We believe that some key problems will continue to persist. Network anomalies, globally dispersed users, their distance from the cloud infrastructure and outages continue to affect performance & availability that can further hamper business continuity. These problems can be solved by using a distributed cloud optimization service that can overcome Internet bottlenecks effectively.”
2010-11 is going to be a year of rapid expansion of service offerings and widespread adoption. The key point is that one is related to the other as long as they are moving forward hand-in-hand. If one of them falls behind, it will automatically pull the other one down as well. There will be greater impetus on CIOs demanding a financial model detailing out the cost benefit analysis. Enterprises would roll out a rapid change management program within the IT organization as the whole delivery model would need to undergo massive reorientation while moving into the cloud.
Jeremy Cooper, VP- Marketing, APAC, Salesforce.com, said, “Salesforce.com is bullish about India’s appetite for running and developing enterprise applications in the cloud. We currently have hundreds of customers and 30,000+ developers in India alone. We intend to increase our presence in India to capitalize on pent up demand from small and large enterprises looking for enterprise-class CRM that can be implemented in days or weeks, versus months or years. We also see an opportunity to work more with developers in India. We believe that we are going to see more innovations coming from India in the next few years.”
Concluded Vikas Arora, Group Director- Cloud Services, Microsoft India, “2010 is going to be the beginning of the serious adoption of cloud services by enterprises. 2009 saw tremendous growth in creating awareness of the value proposition of both public and private cloud environments. The private cloud market has been identified as one that is growing at a significant pace amongst enterprises who are embracing it wholeheartedly today.”