Welcome to the world of Infosys Engineering! It is a half a billion plus organization that takes pride in shaping our engineering aspirations and dreams and bringing them to fruition. We provide engineering services and solutions across the lifecycle of our clients’ offerings, ranging from product ideation to realization and sustenance, that caters to a cross-section of industries - aerospace, automotive, medical devices, retail, telecommunications, hi tech, financial services, energy and utilities just to name a few major ones.

« Threat Modeling To Ensure Application Security | Main | JEE: Server Performance and Configuration -Part 2 »

How Real is Cloud Adoption

Last week of May 2012 saw industry leaders get together in Bangalore for the first ever Cloud Connect in India. The Cloud Connect conference is one of the most comprehensive and in-depth cloud conferences to have the presence of some of the leading cloud experts, analysts and IT professionals all under one roof. The primary theme was adoption of cloud in the business context. Though there was a broad consensus that cloud is a game changing paradigm and provides tangible benefits in terms of monetary savings, many speakers highlighted the relatively low adoption by industry, associated challenges and doubts. As per separate surveys conducted by Symantec and KPMG, despite being high on the radar for CIOs, only about a fifth of organizations have adopted cloud in one or the other form.
A phrase often heard during the conference days was "Consumerization of IT". The term implies availability of IT services like any other off the shelf consumer product; just pay for what you need. This paradigm, made feasible by cloud computing, makes IT services available to a wider set of users including small businesses which might not have the capital for initial investment needed for building their IT infrastructure. Besides, it allows organizations to focus more on their core business rather than maintaining and upgrading their IT assets. Apart from making IT services' reach wider, cloud computing has helped in improving service delivery efficiency. P Sridhar Reddy from CtrlS, India's first and only certified Tier IV datacenter, talked about accomplishing near zero data loss for some of their customers. Popular online gaming portal Zynga has been known to host new offerings using Amazon cloud services for initial few weeks, gather data about user load patterns and then provision IT infrastructure within its premises to host games on their own systems. Taking example from the Indian context, cloud adoption at Dabur is an interesting case study. Even though options of renting IT infrastructure have been prevalent in one or the other form, since quite some time, the maturity of delivery model in the form of cloud has enhanced predictability and is a sure booster for ensuring better quality of IT services. Consumption models like the one adopted by Zynga, are revolutionary and help business achieve true agility in delivering services.

IT analysts have often cited that the average server utilization in most data centers ranges between 10%-30%. The ones which have implemented virtualization range towards the higher end, but as evident from the figures, majority of the capacity still goes unutilized for most of the time. With increased focus on reducing carbon footprint and cutting costs, optimal use of IT infrastructure is an important item on every CIOs agenda. Infrastructure-As-a-Service offerings, from cloud vendors, provide facility to buyers, to acquire and release IT assets, on demand basis. With such delivery models having attained a good level of maturity, the current focus of discussion is not whether cloud adoption can bring benefits to business; it is rather about how it should be done. Organizations are faced with a lot of challenges while adopting the cloud model. Some key challenges are highlighted below:

Which of private, public or hybrid cloud is suitable for my business?
A survey done among Indian CIOs reveals that general thought among them is adopting a mix of private and public cloud services which is known as hybrid cloud. This decision has to be tailored based on needs of each individual organization. Private cloud implies tighter control on infrastructure, processes and data but it demands investment in maintaining all of these. Public cloud offloads infrastructure management to the vendor. Time and effort needed from the organization is greatly reduced but keeping sensitive data in vendor's data center needs to be done with due caution.

What should be migrated to cloud? How to assess the readiness of my products for porting to cloud?
IT applications can be broadly categorized into two segments viz. those for internal systems/processes and the ones exposed to end customers. Though there is no standard methodology to identify which kind of applications can be moved to cloud but factors like proximity to users, variation in load on system, nature of data consumed within the application can help make this decision. Privacy and security considerations are of paramount importance for customer facing applications. Internal applications are tied more to the need of ubiquitous connectivity and data availability especially for the sales staff that are constantly on the move and need most up-to-date information available with them. Internal information is also sensitive for the organization and warrants adequate thought before migration. Readiness assessment is an important factor to determine the roadmap for porting cloud applications and can actually aid decision makers arrive at conclusions as to what is best left hosted on on-premise servers. There is no industry-standard, readymade framework so far, which can evaluate a suite of IT applications and assess their readiness for migration to cloud. System integrators like Infosys have been working in this space and creating tools, frameworks to assess cloud readiness for software applications. Infosys Labs Cloud CoE provides an overview of the tools and accelerators developed.

There is hardly any interoperability among services offered by cloud service providers. How to reduce dependency on the cloud vendor and make switching between vendors easier?
Janakiraman MSV, a cloud specialist, provided an overview of features and limitations of PaaS offerings from leading players like Google App Engine, Microsoft Windows Azure, Amazon Web Services and VMWare Cloud Foundry. Though the focus of his talk was on comparing these leading players, underlying inference was about lack of interoperability among services offered by different vendors. Firstly, it is difficult to evaluate offerings from any cloud vendor, in the absence of standards or certifications to measure service delivery. With almost every vendor offering a 3 nines or 4 nines availability, it is easy for businesses to get confused especially if they go ahead without understanding the details of the service model. Once committed to a vendor, it would be very arduous to switch to another in case the vendor fails to deliver the promised services. Though there are efforts by the IT community to evolve standards for interoperability, like the Cloud Computing Interoperability Forum but the truth is that a lot of work needs to be done to address the interoperability needs.

How to assess the security of end customer's data residing in the data center of a cloud service vendor.
There are valid concerns prevalent in industry about safety mechanisms adopted by cloud vendors. With the data crossing geographical boundaries to the vendor's data centers, adherence to legal policies needs attention. Several countries prohibit storing sensitive information of its citizens outside the country. Stephen Mathais, Partner, Kochhar & Co., touched upon the legal aspects involved in cloud adoption and highlighted that the issues can get complicated when there is lack of clarity in the laws. Many speakers put forth the thought that cloud vendors and organizations need to duly verify compliance with laws before making any moves.

There are independent auditing agencies and industry standard frameworks to assess the practices adopted by the cloud vendor w.r.t data security and infrastructure management. There are industry domain specific standards like HIPPA (for insurance), PCI DSS (for financial sector). It is important to understand the regulatory and compliance standards adhered to by the vendor. However, something which needs to be understood by business organizations is that movement to the cloud changes only the hosting platform for their software. The application is only as secure as it has been designed to be.

With the amount of data increasing at an unimaginable rate and rising popularity of social media and mobile computing, there is an unprecedented load on computing resources. It is therefore necessary that efficiency of IT systems and services which process and maintain this data should also increase at a similar pace. This is where cloud fits in. It is agreed that due to multiple challenges, cloud adoption has not reached the levels it was expected to. However, as demonstrated by successful models embraced at Zynga, Dabur and many other large corporations it is beyond doubt that leveraging cloud for delivery and consumption of IT services allows business to solve traditional problems in newer ways . The need is to invest in resources to create a robust ecosystem of cloud services which eases the decision for movement to cloud.

Post a comment

(If you haven't left a comment here before, you may need to be approved by the site owner before your comment will appear. Until then, it won't appear on the entry. Thanks for waiting.)

Please key in the two words you see in the box to validate your identity as an authentic user and reduce spam.

Subscribe to this blog's feed

Follow us on

Blogger Profiles

Infosys on Twitter