Cloud Computing – From Myth to RealityBy the Cloud Computing Standards Coordinating Task Force, ITSC
Taking the first step towards cloud computing
The term “Cloud Computing” has been a technology buzzword for years. What was once viewed as an ultimate goal to solve some of the critical issues IT departments face today – explosion of data, heavy increase in the usage of mobile devices, on-demand connectivity and up to date business intelligence, is finally becoming a reality. The cloud is finally taking shape, moving from myth to reality and slowly becoming an integral part of mainstream IT.
Just as its namesake, the definition of cloud computing is foggy as vendors and service providers use different definitions. The National Institute of Standards and Technology (NIST) of the United States defines cloud computing as “a model for enabling ubiquitious, convenient, on-demand network access to a shared pool of configurable computing resources (e.g. networks, servers, storage, applications, and services) that can be rapidly provisioned and released with minimal management effort or service provider interaction.” The definition also goes on to list five essential characteristics of cloud computing – on-demand self-service, broad network access, resource pooling, rapid elasticity or expansion, and measured service. Clearly, the value of a cloud computing service is in the potential outcomes it can enable.
The economics of cloud computing is driving the push for adoption. Cloud computing follows a scalable utility model based on consumption. This heavily reduces IT operating expenditures in terms of infrastructure, energy expenditure and catering for peak load times; instead businesses pay for what they use. Also, without the need to buy hardware, acquire software licenses or engage in complicated implementation services, businesses can deploy projects and applications in a fraction of the time it would have previously taken them.
In Singapore, businesses, especially MNCs and SMEs, are taking a very serious look at the cloud. Gartner Inc reported that 76% of Singapore enterprises had allocated IT budget to the cloud in 2010/2011. According to a report by analyst firm IDC, commissioned by Microsoft, cloud computing is expected to create 12,000 new jobs in Singapore by 2015.
However, the know-how of how to migrate to a cloud infrastructure is lacking, with various vendors championing different strategies. To date, aside from interoperability and portability issues, the biggest worry CIOs have with cloud computing is security in and around the cloud, which by extension is due to there being no cloud computing standards in place. The lack of security guidelines is hampering cloud adoption and CIOs have to ask themselves many questions – Is there a chance of me losing my data? How do I protect my employees from external threats? If I use one vendor, will I be able to switch to another vendor or will I be locked into their technologies.
To alleviate these concerns and to support the growth of cloud adoption, IDA and ITSC has formed a Cloud Computing Standards Coordinating Task Force under ITSC in February 2011 to address the industry demands for cloud computing standards and to lead and coordinate the cloud computing standardisation efforts across the Technical Committees in ITSC. The Task Force has as, a start just developed two Technical References (TRs) which will be published before the end of May 2012.
The first TR is on Virtualisation Security for Servers which guides users on how to mitigate the security risks posed by compute hypervisor virtualisation. The second TR is on Security and Service Level Guidelines for usage of public cloud computing services. It also contains a set of guidelines on the security best practices that service providers can put in place to enhance users’ confidence of their cloud services.
As enterprises start looking at moving some of their IT operations to the cloud, cloud computing standards will provide a foundation and framework that will assist in the integration of cloud services into their enterprise architecture, ensure the appropriate security controls are put in place and enabling cloud services to be interoperable and portable. ITSC, in collaboration with various industry partners such as IDA and the National Grid Advisory Council will lead the development and promotion of the Cloud Computing standards to help the industry move forward the Cloud Computing paradigm.