Perhaps the biggest complexity when it comes to adopting cloud services is to manage the health and security of the cloud service. For organizations who build their own internal clouds, the burden of security and management falls solely on the organization’s fine IT folks, but what happens when you outsource the environment? Are you still required for all the care and feeding? Is there a better way?
There are really 3 schools of thought when it comes to how to deal with the new cloud model of IT services. On one hand, you can look at cloud services as being an extension of your current environment. This means your staff is responsible for ensuring the integrity and security of the environment. This works well for organizations who have lots of IT staff who have the skillsets to configure, implement, manage and secure the environment as it allows the flexibility of consistent testing and adjusting without having to work with a provider. Regardless if you host onsite or in a third-party cloud, the general pricinciple here is that your team is responsible for everything.
For those who don’t have the expertise, or simply want to stop investing in large IT teams, outsourcing parts of the service to your cloud provider is another option. This hybrid model allows customers to manage some aspects of the environment and have the service provider manage the other parts. A common use of this model is to have third party managed security options integrated into the environment, while the general day to day management is done by internal IT staff. It’s a great way to augment your team with services so that you don’t have to worry about getting the right skillsets in place in order to take advantage of cloud computing.
The last, and my favorite model, is that of the managed cloud provider. These folks offer the Cadillac version of the cloud, and while only a few are really known to exist, it is becoming a more popular model. Take for example VMfarms here in Canada. They offer a fully managed cloud environment whereby they manage and monitor to provide fully compliant cloud services. This is super handy for businesses who are subject to high regulatory requirements. Imagine being able to offload all the worries around ensuring compliance to your cloud provider? Aside from IT staff to run the day to day operations of the environment, all the back end worry around security and accessibility is now the responsibility of the provider.
Now there is a caveat with this last model, after all, nothing is perfect. The trick is going to be ensuring the SLA really reflects that the service provider is now on the hook for the environment. VMfarms for example offers 24x7x365 monitoring and management with a slick 15 minute SLA response time for customers. Why is this important? If you are letting someone else manage your company’s assets, you need to ensure that they take responsibility for any environment issues such as breach or compliance requirements.
It’s nice to know that no longer do you need large IT teams to manage your environments, but if you rely on your partners, pick the right model for your realistic needs and make sure you know who you are trusting with your most important asset, your customers.