Among cloud players, IBM and Microsoft get the highest marks on practical cloud strategies, and the second-highest go to the common-carrier cloud services, even though AT&T’s cloud offerings are still developing and Verizon’s (via Terremark) are only recently branded by the carrier. The reason is that enterprises see any outsourcing as a risk, IT outsourcing as a conspicuous risk, and outsourcing of any critical applications or data as a risk bordering on unacceptable. They demand both a trusted partner and a credible strategy for risk management.
Right now, both the big vendors we’ve named offer both, and the carriers are trusted in terms of financial stability, professionalism and quality of infrastructure. Where vendors have the edge is in the planning of a cloud-ready IT commitment. I think that the latter is more important than most people realize; simple IaaS cloudsourcing doesn’t address enterprise needs except in development and pilot testing. Anything other than IaaS requires significant SOA-like integration, something IBM and Microsoft realize and others either don’t realize or don’t address.
The assertion that the Sony PlayStation Network hack was hosted on Amazon’s EC2 isn’t raising all that many hackles among the cloud promoters, but it has demonstrated to enterprises yet again the concept of “collective risk.”
Sony gets attacked because it’s big, but would Mom’s Pizza be at risk? Not as a stand-alone, but it might well be part of a larger risk pool if their cloud host is attacked. Thus, moving to the cloud could raise risks of hacking. Not only that, if the cloud is hosting the hackers, might they not be able to hack others on the cloud more easily, exploiting interprocess issues or opportunities for denial of service? Hacking is an ROI- or publicity-driven process, after all.
Some of the earliest cloud successes (in total-revenue terms) are likely to be the kind of services that AT&T is offering for Windows support. These services don’t ask customers to outsource data or their critical applications, only to outsource support. Cloud resources are applied not to run customer apps but to improve support economies of scale and thus improve both pricing and profits.
This illustrates why I believe that service provider cloud computing and service provider service-layer intelligence are likely to converge on the same architecture. It’s only logical to assume that a provider that successfully sells a support service would be successful in selling cloud services, if the tie between the two was clear. It’s also better for economies of scale if IT functionality (whether the providers’ own apps are used in customer support and services, or the customers’ apps hosted in a provider cloud) use common servers/software and common support tools.
Speaking of Amazon, early responses from my spring enterprise survey suggest that the EC2 problem it had didn’t impact enterprise cloud planning much. That’s because enterprises were not, in the main, considering EC2 as the host for their critical applications. What the survey shows among SMBs is that those with clouds in their eyes, the early adopters, took the process in stride, while those that were on the fence were more likely to be hardened against cloud usage. In short, it increased the skepticism among those still considering the cloud, which may (if the feeling persists) impact the sales cycle for cloud services.
We tend to forget that a market is normally classified as being push or pull, meaning it is sales-driven or demand-driven. Some buyers will go out into the marketplace (meaning the Web, in most cases) to look for cloud providers. That’s not likely to be how mission-critical apps are handled, though. For that, you need a sales effort to create a sense of personal accountability. The larger players like AT&T, IBM, Microsoft and Verizon have sales forces that can hug and cuddle wary buyers, and that is more likely than anything to propel them to the top of the cloud heap.