Professional Documents
Culture Documents
Defined
http://www.networkworld.com/supp/2009/ndc3/051809-cloud-faq.html bookmark
http://cloudcomputing.sys-con.com/node/612375 bookmark
http://www.networkworld.com/newsletters/frame/2010/021510wan1.html?
source=NWWNLE_nlt_wan_2010-02-16 bookmark
Security
http://www.infoworld.com/d/security-central/it-pros-divided-about-security-virtualization-
cloud-computing-439?source=IFWNLE_nlt_sec_2010-02-22 bookmark
http://www.networkworld.com/news/2010/030410-rsa--ciso-cloud-security.html?
source=NWWNLE_nlt_daily_pm_2010-03-05 bookmark
http://www.infoworld.com/d/cloud-computing/cloud-securitys-pr-problem-shouldnt-be-
shrugged-776?source=IFWNLE_nlt_sec_2010-04-27 bookmark
• Mobility: The explosion of mobile devices has created a new set of challenges for IT
execs.
• Pack rat nation: How companies are coping with the escalating problem of data
storage
• Best of NDC: from tools in use to strategies in play
• The virtual spectrum: How virtualization is coloring your world
• Blazin’ apps: How to optimize for great end-to-end performance
• The next stop for storage: a travel guide to the latest developments
Read more about data center in Network World's Data Center section.
All contents copyright 1995-2011 Network World, Inc. http://www.networkworld.com
"What is cloud computing all about? Amazon has coined the word “elasticity” which
gives a good idea about the key features: you can scale your infrastructure on demand
within minutes or even seconds, instead of days or weeks, thereby avoiding under-
utilization (idle servers) and over-utilization (blue screen) of in-house resources. With
monitoring and increasing automation of resource provisioning we might one day wake
up in a world where we don’t have to care about scaling our Web applications because
they can do it alone."
-Markus Klems
"For me the simplest explanation for cloud computing is describing it as, 'internet centric software.' This new cloud
computing software model is a shift from the traditional single tenant approach to software development to that of a
scalable, multi-tenant, multi-platform, multi-network, and global. This could be as simple as your web based email
service or as complex as a globally distributed load balanced content delivery environment.
I think drawing a distinction on whether its, PaaS, SaaS, HaaS is completely secondary, ultimately all these
approaches are attempting to solve the same problems (scale). As software transitions from a traditional desktop
deployment model to that of a network & data centric one, "the cloud" will be the key way in which you develop,
deploy and manage applications in this new computing paradigm."
- Reuven Cohen
"I view cloud computing as a broad array of web-based services aimed at allowing users to obtain a wide range of
functional capabilities on a 'pay-as-you-go' basis that previously required tremendous hardware/software
investments and professional skills to acquire. Cloud computing is the realization of the earlier ideals of utility
computing without the technical complexities or complicated deployment worries."
- Jeff Kaplan
"People are coming to grips with Virtualization and how it reshapes IT, creates service and software based models,
and in many ways changes a lot of the physical layer we are used to. Clouds will be the next transformation over the
next several years, building off of the software models that virtualization enabled."
- Douglas Gourlay
"The way I understand it, “cloud computing” refers to the bigger picture…basically the broad concept of using the
internet to allow people to access technology-enabled services. According to Gartner, those services must be
'massively scalable' to qualify as true 'cloud computing'. So according to that definition, every time I log into
Facebook, or search for flights online, I am taking advantage of cloud computing."
- Praising Gaw
See next page for definitions from Damon Edwards, Brian de Haaff, Kirill Sheynkman, Ben Kepes, Omar
Sultan, Kevin Hartig, and Yan Pritzker
See final page for for definitions from Trevor Doerksen, Thorsten von Eicken, Paul Wallis, Michael Sheehan,
Don Dodge, Aaron Ricadela, Bill Martin, Ben Kepes and Irving Wladwasky Berger.
"The “Cloud” concept is finally wrapping peoples’ minds around what is possible when you leverage web-scale
infrastructure (application and physical) in an on-demand way. “Managed Services”, “ASP”, “Grid Computing”,
“Software as a Service”, “Platform as a Service”, “Anything as a Service”… all terms that couldn’t get it done. Call
it a “Cloud” and everyone goes bonkers. Go figure."
- Damon Edwards
"There sure is a lot of confusion when it comes to talking about cloud computing. Yet, it does not need to be so
complicated. There really are only three types of services that are cloud based: SaaS, PaaS, and Cloud Computing
Platforms. I am not sure being massively scalable is a requirement to fit into any one category."
- Brian de Haaff
As we pointed out recently, the use of cloud computing services will increase the amount of traffic that transits the
WAN. As IT organizations begin to plan for how they will cope with that additional WAN traffic they face a curious
challenge. That challenge is that there is a lot of ambiguity relative to what IT professionals mean when they use the
phrase cloud computing. With that in mind, we will use this and the next two newsletters to help remove at least
some of that ambiguity.
FAQ: Cloud computing demystified
We have found that when we talk to an IT vendor about cloud computing, many have a somewhat traditional view.
That view is that cloud computing refers to obtaining a solution from a cloud computing service provider such as
Salesforce.com or Rackspace by utilizing the Internet. While enterprise IT professionals have that same view of
what is meant by cloud computing, it is somewhat less common. In fact, we recently gave a survey to 467 IT
professionals.
The survey respondents were given eight possible characteristics of cloud computing and were asked to identify
which of the characteristics were included in their definition of cloud computing. The three characteristics with the
highest recognition were that cloud computing includes Software-as-a-Service (SaaS); cloud computing involves
access to services over the Internet; and that as part of cloud computing, IT organizations can implement cloud
computing concepts inside of their own IT organization.
The survey responses show an interesting balance between the traditional view of cloud computing and a view of
cloud computing that has emerged over the last 18 months. The emerging view, IT organizations can implement
cloud computing concepts inside of their own IT organization, is typically referred to as private cloud computing.
Some purists, however, believe that the phrase private cloud computing is an oxymoron – that cloud computing by
definition implies the use of services provided by a third party. The survey responses indicate that the purists' view
is out of step with how the majority of IT organizations view cloud computing.
In our next newsletter we will identify the goal and one of the primary characteristics of cloud computing. In the
mean time, we would like to hear from you. If you have already implemented cloud computing, or if you expect to
in the next year, what concerns do you have relative to the network and its ability to support cloud computing?
Read more about lans & wans in Network World's LANs & WANs section.
Steve Taylor is president of Distributed Networking Associates and publisher/editor-in-chief of Webtorials. Jim
Metzler is vice president of Ashton, Metzler & Associates.
All contents copyright 1995-2011 Network World, Inc. http://www.networkworld.com
Everyone in the IT industry is talking about cloud computing, but there is still confusion about what the cloud is,
how it should be used and what problems and challenges it might introduce. This FAQ will answer some of the key
questions enterprises are asking about cloud computing.
What is cloud computing?
Gartner defines cloud computing as "a style of computing in which massively scalable IT-related capabilities are
provided 'as a service' using Internet technologies to multiple external customers." Beyond the Gartner definition,
clouds are marked by self-service interfaces that let customers acquire resources at any time and get rid of them the
instant they are no longer needed.
The cloud is not really a technology by itself. Rather, it is an approach to building IT services that harnesses the
rapidly increasing horsepower of servers as well as virtualization technologies that combine many servers into large
computing pools and divide single servers into multiple virtual machines that can be spun up and powered down at
will.
How is cloud computing different from utility, on-demand and grid computing?
Cloud by its nature is "on-demand" and includes attributes previously associated with utility and grid models. Grid
computing is the ability to harness large collections of independent compute resources to perform large tasks, and
utility is metered consumption of IT services, says Kristof Kloeckner, the cloud computing software chief at IBM.
The coming together of these attributes is making the cloud today's most "exciting IT delivery paradigm," he says.
Fundamentally, the phrase cloud computing is interchangeable with utility computing, says Nicholas Carr, author of
"The Big Switch" and "Does IT Matter?" The word "cloud" doesn't really communicate what cloud computing is,
while the word "utility" at least offers a real-world analogy, he says. "However you want to deal with the semantics,
I think grid computing, utility computing and cloud computing are all part of the same trend," Carr says.
Carr is not alone in thinking cloud is not the best word to describe today's transition to Web-based IT delivery
models. For the enterprise, cloud computing might best be viewed as a series of "online business services," says IDC
analyst Frank Gens.
What is a public cloud?
Naturally, a public cloud is a service that anyone can tap into with a network connection and a credit card. "Public
clouds are shared infrastructures with pay-as-you-go economics," explains Forrester analyst James Staten in an April
report. "Public clouds are easily accessible, multitenant virtualized infrastructures that are managed via a self-service
portal."
What is a private cloud?
A private cloud attempts to mimic the delivery models of public cloud vendors but does so entirely within the
firewall for the benefit of an enterprise's users. A private cloud would be highly virtualized, stringing together mass
quantities of IT infrastructure into one or a few easily managed logical resource pools.
Like public clouds, delivery of private cloud services would typically be done through a Web interface with self-
service and chargeback attributes. "Private clouds give you many of the benefits of cloud computing, but it's
privately owned and managed, the access may be limited to your own enterprise or a section of your value chain,"
Kloeckner says. "It does drive efficiency, it does force standardization and best practices."
The largest enterprises are interested in private clouds because public clouds are not yet scalable and reliable enough
to justify transferring all of their IT resources to cloud vendors, Carr says.
"A lot of this is a scale game," Carr says. "If you're General Electric, you've got an enormous amount of IT scale
within your own company. And at this stage the smart thing for you to do is probably to rebuild your own internal IT
around a cloud architecture because the public cloud isn't of a scale at this point and of a reliability and everything
where GE could say 'we're closing down all our data centers and moving to the cloud.'"
• Mobility: The explosion of mobile devices has created a new set of challenges for IT
execs.
• Pack rat nation: How companies are coping with the escalating problem of data
storage
• Best of NDC: from tools in use to strategies in play
• The virtual spectrum: How virtualization is coloring your world
• Blazin’ apps: How to optimize for great end-to-end performance
• The next stop for storage: a travel guide to the latest developments
Read more about data center in Network World's Data Center section.
All contents copyright 1995-2011 Network World, Inc. http://www.networkworld.com
For all the hype around cloud computing, few business customers are actually storing data on Web-based platforms,
according to a new study that casts doubt on the popularity of cloud storage.
Just 3% of companies have implemented cloud storage, and the vast majority of the customers have no plans to put
data in the cloud, according to a survey of 1,272 IT decision-makers at enterprises and SMBs in North America and
Europe.
FAQ: Cloud computing, demystified
Storage vendors and IT professionals both have spent much time discussing the cloud over the past year, because
data storage needs are growing at least 30% per year while budgets stay flat, writes Forrester analyst Andrew
Reichman in the report “Business Users Are Not Ready For Cloud Storage.”
But so far, “this is just talk,” Reichman states.
“Respondents in all geographies and of all company sizes appear to have little interest in moving their data to the
cloud any time soon,” he writes. “There is long-term potential for storage-as-a-service, but Forrester sees issues with
guaranteed service levels, security, chain of custody, shared tenancy, and long-term pricing as significant barriers
that still need to be addressed before it takes off in any meaningful way.”
The Forrester survey asked IT decision makers if they have any plans to adopt cloud storage services such as
Amazon S3, EMC Atmos, Nirvanix, The Planet, or AT&T.
Forty-three percent of respondents said they are not interested in cloud storage, and another 43% said they are
interested but have no plans to adopt. Three percent plan to implement a cloud storage platform in the next 12
months, and another 5% plan to do so one year from now or later.
While 3% of respondents have already implemented cloud storage, only 1% are expanding an existing
implementation.
In general, enterprises are slightly more interested in cloud storage than small- and medium-sized businesses, and
interest in cloud storage for backup is greater than interest in general purpose storage clouds, Reichman says. The
market has numerous mature backup services such as Asigra, EMC’s Mozy, i365, IBM Business Continuity and
Resilience Services and Iron Mountain, he writes.
“Why the greater interest and adoption of backup-as-a-service? First, it’s a complete service offering, not just CPU
or storage capacity,” he writes. “You get the backup software intelligence and storage capacity in a fully managed
service. Second, it’s solving a very specific pain point — the pain of bringing a costly and error-prone, but very
necessary, IT function under control. This is in contrast to storage-as-a-service offerings where the user has to figure
out how to put it all together.”
Overall, though, storage-as-a-service offerings still need time to develop, Reichman says. Before adopting,
customers need to consider how cloud storage integrates with existing applications and processes, and analyze the
total cost over at least a three-year period.
“The hype is strong around storage-as-a-service, but given the fact that your peers are adopting it very slowly, it
makes sense to wait on this,” Reichman writes. “It’s likely to be several years before offerings are mature, so don’t
rush into anything here.”
Follow Jon Brodkin on Twitter: www.twitter.com/jbrodkin
Read more about data center in Network World's Data Center section.
All contents copyright 1995-2011 Network World, Inc. http://www.networkworld.com
To explain such different perceptions about the security impact of virtualization and cloud computing, Matthew
Steele, Symantec director of strategic technology, said the best way to understand these answers is to know that "if
they had a real security background, they immediately got concerned. But if they care for IT operations, they were
thinking about it from an IT optimization standpoint." And the middle-of-the-road responses -- it's all "more of less
the same" -- tended to originate from those with budget responsibilities. "If the business is still moving, things are
OK," Steele remarked.
Although endpoint virtualization is widely believed to trail server-based virtualization, 8 percent of the survey's
respondents said they had implemented the former, 16 percent were in the course of implementing it, 9 percent were
in a "trial stage," 26 percent had plans for it and 25 percent were in "early discussion," whereas 16 percent weren't
considering it.
And on the question of whether endpoint virtualization makes it "easier or harder to do your job with regards to
network security," the opinion was divided, with about a third each way thinking it's "easier," "harder" or about the
same.
The survey showed that the median annual budget for enterprise security in 2010 is $600,000, an 11 percent increase
over 2009, with yet another 11 percent increase anticipated in 2011. But despite incremental budget growth, the
survey's respondents -- who hail from banking, healthcare, telecommunications and other sectors as well as local and
federal government agencies -- often indicated they had a hard time finding and retaining security personnel.
Organizations on average assigned 120 staffers to IT and compliance matters, with larger enterprises of 5,000 or
more assigning 232. But much of the time this was seen as insufficient, with 51 percent of respondents saying
finding qualified applicants was a "huge" or "big" problem.
Difficulty in finding the right expertise was a driver in all manner of outsourcing, including use of managed security
services, which about half the organizations used. But only about half were truly "satisfied" with outsourcing
arrangements, even as they contemplated expansion into software-as-a-service, platform-as-a-service, and
infrastructure-as-a-service, which Symantec defined as everything from use of Google Apps to full-blown hardware
and operating system rental on demand, making up today's evolving concept of "cloud computing."
In fact, 40 percent of the respondents indicated their organizations were currently using applications in the cloud in
some way -- yet 40 percent said it would be more difficult to prevent or react to data loss under their firm's cloud-
computing strategy.
And when asked "Does your cloud-computing strategy make the risk of losing data bigger or smaller?" 38 percent
said it would be higher, with the reminder pretty much split saying it would be the same or lower. The answers
broke the same way on the question of virtualization strategy.
When it comes to cyber attacks and data loss, the situation looks bleak based on the responses in the report.
Three quarters of respondents said their organization had experienced cyber attacks in the past 12 months, with 36
percent calling them "somewhat/highly effective." The annual cost of a cyber attack was pegged at more than $2
million for large enterprises when tallying up lost productivity, theft of intellectual property, loss of customers, legal
fees and more.
"One of the main issues people have with cloud computing is security. Four in five online Americans (81 percent)
agree that they are concerned about securing the service. Only one-quarter (25 percent) say they would trust this
service for files with personal information, while three in five (62 percent) would not. Over half (58 perent) disagree
with the concept that files stored online are safer than files stored locally on a hard drive and 57 percent of online
Americans would not trust that their files are safe online."
That's the sobering conclusion from a recent Harris poll conducted online between March 1 and 8 among 2,320
adults.
[ Get the no-nonsense explanations and advice you need to take real advantage of cloud computing in
InfoWorld editors' 21-page Cloud Computing Deep Dive PDF special report. | Stay up on the cloud with
InfoWorld's Cloud Computing Report newsletter. ]
Cloud security has a significant PR problem. I'm sure there will be comments below about how cloud computing, if
initiated in the context of a sound security strategy, is secure -- perhaps moreso than on-premise systems. While I
agree to some extent, it's clear that the typical user does not share that confidence, which raises a red flag for
businesses seeking to leverage the cloud.
If you think about it, users' fears are logical, even though most of us in the know understand them to be unfounded.
For a typical user, it's hard to believe information stored remotely can be as safe as or safer than systems they can
see and touch.
Of course, you can point out the number of times information walks out the door on USB thumb drives, stolen
laptops, and other ways that people are losing information these days. However, there continues to be a mistrust of
resources that are not under your direct control, and that mindset is bad for the cloud.
Not helping matters is the recent debacle where Blippy.com, a site that allows people to share their purchase info
with others by linking to credit cards accounts, found that some credit card information was indexed by Google and
publically exposed. To be sure, that was a mistake on someone's part, not an inherent flaw in cloud technology, but
these kinds of breaches further the fears that placing personal or core business information in the cloud may be a bad
idea.
There is no easy answer to this problem, though a look to history can help. When the Web first hit businesses, it was
feared and misunderstood until the business value became clear to all. This took years, and even today we use the
traditional Web by taking the good (for example, the ability to find instantly the one piece of information that caps
your presentation to the board) with the bad (the creepy guy down the hall who was caught surfing porn). The
benefits outweigh the problems, and cloud computing will eventually find a similar path to acceptance.
This article, "Cloud security's PR problem shouldn't be shrugged off," originally appeared at InfoWorld.com. Read
more of David Linthicum's Cloud Computing blog and follow the latest developments in cloud computing and
security at InfoWorld.com.
• Cloud Computing
• Security
• The Industry Standard
• Cloud computing
• Security
Does cloud computing perform well? That depends on whom you ask. Those using SaaS
systems and dealing with standard Web latency can't tell you much about performance.
However, those using advanced "big data" systems have a much different story to relate [1].
[ Get the no-nonsense explanations and advice you need to take real advantage of cloud computing in
InfoWorld editors' 21-page Cloud Computing Deep Dive PDF special report [2]. | Stay up on the cloud with
InfoWorld's Cloud Computing Report newsletter [3]. ]
You need to consider the performance models, which you can break into three very basic categories:
• Client-oriented (performance trade-off)
• Cloud-oriented (performance advantage)
• Hybrid (depends on the implementation)
Client-oriented cloud computing architectures are those systems where the cloud computing providers, typically
SaaS (software as a service), interact with users constantly over the Internet. The issue here is not that the cloud
provider is slow, but that there is latency with the constant back-end machine-to-machine conversation that occurs
between the SaaS provider and the browser.
There's not much you can do about this, other than create your own expensive private link between your company
and the SaaS provider, but that dilutes the value of SaaS quickly. Client-oriented platforms are clearly not as fast as
applications running on the local network, but in most instances, the user won't notice the latency unless there is
network saturation.
Cloud-oriented cloud computing architectures are those systems where the processing occurs within the cloud.
Most infrastucture-as-a-service providers, and some platform-as-a-service providers, fit into this category. Typically,
these systems can provide better performance than their on-premise counterparts because they have access to many
more virtualized resources and can allocate those resources dynamically.
For instance, you could have a database query saturating an on-premise system and taking many hours to run. In
contrast, a well-provisioned cloud computing provider can drag as many additional servers into the mix as required
to support the burst in processing, with a result set returning in minutes. This is the scalable nature of cloud
computing, and it is a clear selling point of cloud when performance is considered against cost.
Hybrid, as you may have guessed, leverages both the client- and cloud-oriented models, typically for platform-as-a-
service systems, but there are many shades of gray. The concept is that you can mix and match user interactions with
highly scalable and on-demand back-end processing. The trade-off is the more you communicate with the browser,
the more latency that's brought into the model. Thus, the approach to the architecture here is to optimize the chatter
between the back-end cloud-based servers and the browser. You accomplish this with some old-fashioned
distributed application architecture.
•
Source URL (retrieved on 2011-05-23 02:43PM): http://www.infoworld.com/d/cloud-
computing/3-cloud-computing-mistakes-you-can-avoid-today-895
Links:
[1] http://www.infoworld.com/cloud-deepdive?source=fssr
[2] http://www.amazon.com/gp/product/0136009220?ie=UTF8&tag=ergo-
20&linkCode=as2&camp=1789&creative=9325&creativeASIN=0136009220
[3] http://www.infoworld.com/newsletters/subscribe?showlist=infoworld_cloud_computing&source=fssr
[4] http://www.infoworld.com/server-virt-deep-dive?idglg=ifwsite_editinline&source=ifwprm_blog_cc
[5] http://www.infoworld.com/d/cloud-computing/3-cloud-computing-mistakes-you-can-avoid-today-895?
source=footer
[6] http://www.infoworld.com/?source=footer
[7] http://www.infoworld.com/d/cloud-computing/blogs?source=footer
[8] http://www.infoworld.com/d/cloud-computing?source=footer
eseerd 11-Mar-10 1:45pm
I went to a presentation from a major cloud vendor and was surprised to find out they had
no backup system in place.
Personally, I don't think it's a good idea to send important data into cyberspace for any
purpose. However, if you are expecting the cloud to provide persistence, be sure your cloud
provider has the same vision and has actually implemented it.
IFWTEH 15-Mar-10 12:59pm
To minimize your capital outlay, use a public cloud and to cover issues with public cloud
usage, why not use 2 or more independent public cloud vendors? The likelihood that they all
would fail or go out of business would seem to be very low. Define a very narrow set of
resources to cover the 3 issues you raise and focus your main resources on your business
and your customers to maximize your success.
drdam4n 15-Mar-10 2:56pm
These 3 points are all too obvious, and I don't see how they could be overlooked. 1) Public
vs. Private -Evaluating options and vendors (do your homework) 2) Security and governance
should be built into every process and service that IT implements 3) Again, business
contiunity should be part of every implementation.
• Understanding the Cloud Computing Stack: SaaS, PaaS, IaaS | White Paper
• Building a Cloud-Ready File Storage Infrastructure | Webcast
• Consideration for the Cloud: The Process Every Enterprise Should Think Through |
White Paper
• CLOUDONOMICS: The Economics of Cloud Computing | White Paper
• Revolution not Evolution: How Cloud Computing Differs from Traditional IT and Why it
Matters | White Paper
• Moving your Infrastructure to the Cloud: How to Maximize Benefits and Avoid Pitfalls |
White Paper
See all White Papers / Webcasts
For CIOs who distrust most technological promises (having heard too many of them), cloud computing sets off
alarm bells. Yet those CIOs finding success in the cloud say their colleagues should be equally skeptical of IT
managers who claim they can deliver better and cheaper results internally. (For expert advice about cloud-vendor
contracts, see " How the Cloud Can Turn Toxic.")
DeVry University CIO Eric Dirst is careful to keep his team honest about the real costs of internal IT. "You have to
think it through. We try to calculate 10-year [total cost of ownership] when we make a big purchase. We don't want
to have to replace things in two or three years," he says.
An honest comparison must take into account the cost of provisioning servers and replacing them about every three
years, plus the overhead of system administration, security patches and disaster recovery. Those are built into the
monthly fee for a cloud computing service, Dirst says. So far, DeVry uses software as a service (SaaS) applications
for CRM, HR and email. It has also has deployed custom applications on Saleforce.com's Force.com and custom
utilities on Amazon Web Services (AWS).
It's difficult to make direct comparisons between cloud computing and internal IT, notes Larry Bolick, CIO of the
creative services staffing firm Aquent. "It's not like when you upgrade a server, and the clock speed is twice as fast
or you're getting four times the memory. That kind of comparison doesn't exist necessarily in the cloud."
Over the past two years, Aquent has converted more than 30 offices in North America to a cloud-based phone
system and moved its core business system to the cloud. In the process of changing the company's homegrown ERP
system to a Web-based model, Aquent switched it from traditional data center colocation to hosting on AWS. The
software now runs in three AWS clouds-one in the United States, one in Ireland and one in Singapore-to deliver
global coverage. "With that particular application, we get some disaster-recovery capability in the bargain because
we're replicating between the three different instances," Bolick says.
James Staten, a Forrester Research ( FORR) analyst, agrees that companies tend to underestimate the cost of internal
IT. "Often, organizations only count the capital expenditure, not the operational costs, so they come to the incorrect
conclusion that it would be cheaper to do it on premise," Staten asserts.
The Capital Expenditure Monster
Today, cloud computing is most popular with small-to-midsize businesses (SMBs). Large enterprises tend to be
more conservative, often citing security concerns. That will change as the servers that those large enterprises own
come to the end of their useful life and CIOs look for money to replace them, predicts Michael Hugos, a consultant,
former CIO and current CIO.com blogger.
At that point, says Hugos, "I think it becomes a CFO discussion about capital expenditure." CFOs may increasingly
force the issue of replacing investments in IT equipment with the variable costs of cloud computing. In addition to
the direct costs, a CFO is likely to consider the opportunity cost of tying up capital in fixed assets such as servers, he
says.
And precisely because customers are crying out for reassurances about the security of cloud services, service
providers will invest in making them secure-at the same time many enterprises are cutting back on information-
security investments. "The idea that data sitting on a server in my server room is more secure [than in the cloud] is
disingenuous," says Hugos. Underlying the argument, he says, are IT professionals trying "to convince the suits not
to outsource my job."
Because many technology managers have a vested interest in fending off this wave of
change, CIOs need to turn a gimlet eye on their staffs (and their own) cost projections,
Hugos says. "I would give my estimate to a bunch of hard-nosed accounting and finance
guys and see what they say about it."