How does the Cloud Computing story affect Enterprise Architecture?
Earlier this month, T-Mobile announced to the Sidekick’s users that all of their data has been lost, and attributed it to a server failure at Microsoft’s (yes.. they own the platform) Danger subsidiary. The fiasco has of course over shadowed the the total data loss at Ma.gnolia earlier this year, which had been the existing benchmark for user data evaporation.
The fact that the platform never had a more robust disaster recovery strategy is something that most analysts are finding difficult to accept. Well, given that the data center was not owned by the actual consumer service provider (T-Mobile), is leading them to comment that this undermines the reliability of the entire concept of Cloud Computing. ZDNet called it “one of the biggest cloud computing disasters so far.” Cnet wrote that the incident “threatens to put a dark cloud” over Microsoft’s cloud ambitions.
While I don’t really participate in this doomsday prognosis, this does highlight that the key enterprise architecture best practices are still relevant irrespective of the ownership pattern of the solution components. In this case, the consumer (T-Mobile), never paid for a disaster recovery SLA and hence they never got it. So, the miss would really be on the part of the consumer than the service provider.
I believe, the basic hypothesis of Cloud Computing bears an uncanny resemblance to the old (ancient ?) paradigm of Application Service Providers (ASPs), and that’s a connection that should not be lost while we try to decompile the jargon around us. One of the unfortunate offshoots of the recent hype generated by Cloud Computing is that most IT professionals are finding it difficult to visualize this connection. Buying v/s Building has been an issue that most organizations have been grappling with for the last many years and going the “cloud” way has often been seen as an extension of that approach.
However, I believe, we need to understand that buying services and platforms doesn’t really absolve the enterprise from key responsibilities of defining, governing and owning the Enterprise Architecture. With the SLA based approach, where most platform providers promise you that you get what you pay for, it becomes ever more important that your shopping list has been deliberated upon thoroughly. This move towards commoditization of the enterprise platform, essentially means that the onus shifts back on the EAs to keep a tighter watch on what they are buying and using.
Some of the Key areas where the role of EA will become much more relevant are :
The evolution of the enterprise’s business will continue and the EA will need to analyse and cater to impact of that on the overall architecture (this greatly depends on what components are pushed out). The move to the Cloud might provide the agility required to respond to this change, but that will need to scrutinized and managed closely.
Again, the role of the EA will continue to be crucial to ensure the capture, processing and reporting of business critical information throughout the enterprise. While the actual control over some parts of the information model may depend on the way the data resides across the cloud components and the on-premise components, the overall ownership has to be with the enterprise.
Policy & Risk Architecture
With the increased chatter going out the enterprise gateway, there will be an increased focus on ensuring the robustness of the external communications gateway. This will be less towards the actual technical communication, since most of that will get consolidated towards industry standards, but more towards security and policy enforcement across the enterprise. It will require architects to figure out the right solutions for identity management, data at rest security, transactional security, and physical security. At the end of the day the enterprise is ultimately accountable for the data stored in a SaaS data center (refer to the Financial Services legislation where FSI's are legally bound to the implications of an offsite breach no matter what type of contract was defined with the SaaS provider ).
In conclusion, the fact that the platform has been federated on either ends of the enterprise gateway, shouldn’t in anyway undermine the role of the Enterprise architects. Overall governance and ownership is going to be as important as ever, irrespective of how we federate the actual solution components across the enterprise or outside it.