Welcome!

@CloudExpo Authors: Ed Featherston, Liz McMillan, Elizabeth White, Scott Allen, Lori MacVittie

Related Topics: @CloudExpo, Microservices Expo, Containers Expo Blog

@CloudExpo: Article

Riding the Enterprise Cloud Computing Wave of Change into the Future

Plan your path so you can achieve real, practical results

The term cloud computing was first coined in 2007. Enterprise Cloud Computing seems to have emerged as a term in 2009. It's now 2012 and many are trying to ride the wave of Enterprise cloud computing or private cloud into the future. In a short four years, we've seen this phenomena of cloud permeate everything. Some question its validity as a technology and a term. If you look at the Gartner hype curve, the mere questioning of cloud can be considered validation. The abbreviated Gartner curve shows the rapid progress of cloud and private cloud from term introduction to the "peak of inflated expectations." We're about to dive down into the dreaded "trough of disillusionment." Maybe the skeptics are already there. Or maybe, cloud will jump from its current holding spot over to the "slope of enlightenment" without spending (measureable) time in the trough. I'll look forward to the Gartner curve update in 2012.

Why do I think it's possible to skip the trough of disillusionment? Some key reasons were covered in my first talk at Cloud Expo back in 2009. Cloud computing is, simply stated, the next generation of IT architecture. We've been moving to the cloud for the past several years through virtualization, improved enterprise management systems, high-speed global networks, wireless access devices, and so forth. It's a lot less of a revolution and a lot more of an evolution. The ubiquitous, white fluffy physical representation of "cloud" caused much of the initial skepticism, I think. Now, people are comfortable with the word cloud and marketers have found innovative, successful ways to connect the features and benefits for the average technology user.

Enterprises cite many reasons for cloud adoption. This survey from December 2010 highlights reduced CAPEX and OPEX combined with speed and agility as key advantages for federal organizations. The survey results from the federal space mirror the survey answers across all industries. Tough economic challenges over the past few years have catapulted cloud providers to the top of the IT company lists.

A contrasting survey from Meritalk focused on the issues and concerns for cloud. The survey highlighted three key challenges for cloud adoption in the federal space: security, culture, and budget. Our experiences at NRO mimic the survey results. I want to walk through these top three challenges with a focus on practical strategies for reducing barriers to cloud success.

Number One: Security
The number one issue on the Meritalk survey - and many other surveys - is security in the cloud. The myth is that cloud computing is less secure. I recently co-authored a paper for AFCEA with Jamie Dos Santos, President of Terremark Federal. We identified three areas contributing to the myth the cloud is less secure.

  1. The cloud is like fog and the company/organization can't see clearly into what's happening, as a result, security seems compromised. You don't trust what you can't easily see.
  2. The cloud vendors are making the technical decisions/standards and we, as customers, are losing control. We're forced to take what they give us and the inability to demand certain requirements is translated into lack of security.
  3. The cloud is, by nature and characteristic, always changing. My IT workforce is already overwhelmed and they will never be able to keep up with something that changes all the time; it can never be considered secure if my team can't keep up.

In our research - which included touch points with industry, government, and academia - what we actually found is that recent trends in cloud computing demonstrate the architecture has matured and offers distinct advantages for cyber security defense.

The three countering reasons it can be more secure are:

  1. Visibility. The cloud offers you many points of measurement and instrumentation - at every layer of the IT stack. You can use the metrics to improve the overall knowledge of the cloud and gain valuable insights not achievable previously. Using this knowledge, you can improve the overall security posture of the cloud. It takes a commitment to analysis and review but the results are significantly better than today's insights. Knowing vulnerabilities is necessary before you can mitigate them.
  2. Collaboration. We found new and improved public-private partnerships forming to protect national interests, lift the "fog," and change relationships between providers and customers. Knowledge of cyber events is passing between corporations and government entities faster than ever before and new security solutions are emerging to protect all information in clouds from malicious or suspicious events. Industry recognizes data protection is as important as reputation protection. One smear can ruin the company.
  3. Workforce Enrichment. We also found cloud computing is highlighting our need for a workforce that bridges the IT and Information Assurance fields. In the past, we've often segmented work into IT or IA; we need to drive academic and job-training programs to blend the skills for maximum advantage with cloud. This will allow a workforce that skillfully uses measurement and analysis tools to bring better security to the cloud.

Back to the Meritalk survey: The number two issue highlighted by Meritalk was Culture.
Gartner's Cloud outlook for 2011 hit upon three cultural changes for the enterprise: (1) using the Cloud can facilitate smaller and shorter projects; (2) the tools used in cloud projects will be more open source and less costly; and (3) to take advantage, companies will be seeking younger talent more familiar with the new tools. The result - as depicted in this picture - is a happy, blended, workforce. But, be careful. Your organization probably includes IT folks representing a diversity of ages and skill sets. You can't just bring in a new workforce and sweep the current one under a rug. Managing the cultural change in your people, your processes, and your technology will improve your overall success rate. Let's talk about those three areas of culture change.

First, let's talk People: You may need a new set of IT professionals but you have a legacy team in place now. You will need to successfully merge your legacy and new workforces to have a high performing blend of talent for the future. If you have legacy team members with a lot of time in your IT program but without a lot of interest in learning the nitty-gritty of the cloud controller, you might consider repurposing or refocusing those team members to fill gaps in other IT areas. For example, we never seem to have enough people to analyze advanced persistent threats and cyber vectors. A company might use its experienced team members to oversee the analysis of the many new data points you get with the cloud. Or, a company might use its experienced team members as customer liaison specialists for technical customer engagement or innovation. Whatever your existing resources, you'll need to make sure the legacy team can get on board with the changes; a mass replacement is not likely to breed success. A lucrative merger of your legacy and new workforces can create the high performing blend you need.

The second cultural area to address is process. It's another legacy you'll have to change for cloud to reap its benefits. You don't need a special purpose infrastructure for each application. Each application doesn't have to build a vertical stovepipe for success. Instead, you will need strict adherence to standards so your infrastructure can scale quickly and efficiently. Your engineering talent doesn't have to spend tons of time in engineering review board meetings or configuration control meetings. By reducing the complexity in the baseline, your engineers can focus on delivering new capabilities higher in the stack that provide greater unique value to your company. You can change your software lifecycle from months to weeks (or less) when you get the infrastructure lifecycle out of the way. Platform as a Service and Infrastructure as a Service require fairly rigid standardization to be a true cloud - anytime, anywhere, elastic capacity on demand. If you don't force the rigid standardization in the lower layers of the IT stack, you are likely to see custom builds creep back into your environment. Customized solutions will, generally speaking, elongate your delivery cycle. Cumbersome, slow, and expensive processes will return and reverse your efficiency gains.

The third area of culture change that will occur with Cloud is in the technology area. Smart choices here will help you turn your server huggers into cloud lovers. First, don't attempt to migrate everything to cloud up front - if ever. Cloud is the latest generation of IT architecture but that doesn't mean cloud works for all. You should start with low hanging fruit - those capabilities ready and ripe for a cloud world - and work your way up the tree to harder, more resistant capabilities. Use cloud as a means of improving your technology curve for certification and accreditation. Once you've certified the cloud infrastructure, the applications are less tethered and become both faster and more innovative. Finally, as your workforce clamors for more access via consumer devices, use cloud migration to securely support that access.

Let's return to the Meritalk survey to discuss its third key issue. Remember we've talked about the first two issues: security and culture. The third issue is budget. This figure provides three perspectives. Lockheed Martin recognizes that most savings will be in your labor, which means IT resources will need to be repurposed or removed to achieve great savings. Another view, from AF GEN Spano, noted that moving to cloud - solely to save money - may not be the right approach. And, Booz Allen noted the path to savings is based on several factors. If your primary driver for cloud is to save money, make sure you're realistic about what it will take to achieve that goal. CapEx savings might be realized but the bulk of savings will be from OpEx reductions.

A key take-away from the Meritalk survey is that you need to spend time planning your cloud implementation. It's not something you just wake up, decide to do, and then leap right in. Timing and planning are critical to success. The wave and surfing analogy fits well. You don't just jump into the water with a board and ride the perfect wave. You need a process: paddle out, position yourself, survey the oncoming waves, pick the wave that best corresponds to your position, and paddle like mad to stay right in front of that wave to catch the perfect ride.

This graphic represents a potential 9-step plan for cloud deployment. It's just an example. Regardless of the roadmap you use, the first step is a rational approach that will work in your specific environment.

At the NRO, we've spent the past 18 months developing our IT strategy and roadmap. We've determined a private cloud followed by a hybrid cloud (private/community, with the Intelligence Community) will be our delivery model. We'll focus on infrastructure and platform as services first and then move to Software as a service. Our strategy also highlights the need to look beyond the technology of cloud. Understanding the roles and responsibilities between the ISP and ASPs is also being worked out. In our organization, a lot of development is done by general defense contractors. Making sure we know exactly what the ISP must provide and what the ASPs are responsible for is paramount for rapid problem identification and resolution. Acquisition models need to be planned. For us, we needed to understand if it was going to be:

  • GO GO: government owned and government operated;
  • GO CO: government owned and contractor operated; or
  • CO CO: contractor owned and contractor operated.

It may seem simple to you but the complex relationships between the government and our contractor base made this analysis "not simple" for us.

And, we decided to implement and migrate in four phases: test it, prove it, use it, then exploit it. We're currently in the Prove It Phase. At each phase, we will specifically assess "go/no go" to ensure we remain properly focused and successful.

Phase 1 (Test It) allowed us to focus a few pilots on different capabilities for testing and risk assessment/buy-down. We had three cloud pilots focused on different kinds of capabilities, technologies, and processes. We had a pilot that determined if commercial cloud operating models would work on our business/admin systems. We had a pilot to determine how cloud controllers did/didn't work with graphical processor units vice CPUs. And, we also did some work on data clouds for big analytics.

We're in the Prove It phase now. This phase is designed to put an enterprise-class capability on the floor. It has specific technology activities combined with many "governance-like" activities such as standard products, applications inventories, and policy development. We actually are pursuing two distinct commodity clouds: one supports business, administrative, and enterprise systems and the other supports NRO unique mission needs. Each is implementing a different cloud controller and we intend to prove necessary federation in this area. We are maintaining work on the high performance, GPU cloud. It's turned out to be sufficiently different from the commodity cloud. Our data work is proceeding along a slower pace internally while we examine potential leverage points across the Intelligence Community for smart data.

Assuming success in the Prove It phase, we intend to scale the current work for broader success. It will take a few years. We have a lot of program alignment to do in the Use It phase. Deciding which applications migrate when is likely to be a combination of those that are ready and those that are facing a major recap/refresh anyway.

Our path - as you can see - is pragmatic and methodical; we will take time to gauge our progress each year by properly measuring and analyzing results along the way. For some, our path is shockingly slow. For others, it's ridiculously rapid. We think we've built a strategy that can respond to both views - allowing those applications/capabilities that need more time, to take the time they need.

In summary, you have to plan your path so you can achieve real, practical results. You have to identify the top issues that might impede your cloud success. Within your organization, you'll need to develop plans to overcome the issues while continuing to make progress. Don't underestimate the cultural forces at work. Some members of your workforce may be hoping this new technology will just go away. Moreover, if you try to move to cloud but you don't tackle your business processes currently in place, it will be hard to achieve success. You can't deliver in hours or days if your culture is used to working things in months and years.

More Stories By Jill Tummler Singer

Jill Tummler Singer is CIO for the National Reconnaissance Office (NRO)- which as part of the 16-member Intelligence Community plays a primary role in achieving information superiority for the U.S. Government and Armed Forces. A DoD agency, the NRO is staffed by DoD and CIA personnel. It is funded through the National Reconnaissance Program, part of the National Foreign Intelligence Program.

Prior to joining the NRO, Singer was Deputy CIO at the Central Intelligence Agency (CIA), where she was responsible for ensuring CIA had the information, technology, and infrastructure necessary to effectively execute its missions. Prior to her appointment as Deputy CIO, she served as the Director of the Diplomatic Telecommunications Service (DTS), United States Department of State, and was responsible for global network services to US foreign missions.

Singer has served in several senior leadership positions within the Federal Government. She was the head of Systems Engineering, Architecture, and Planning for CIA's global infrastructure organization. She served as the Director of Architecture and Implementation for the Intelligence Community CIO and pioneered the technology and management concepts that are the basis for multi-agency secure collaboration. She also served within CIA’s Directorate of Science and Technology.

Comments (0)

Share your thoughts on this story.

Add your comment
You must be signed in to add a comment. Sign-in | Register

In accordance with our Comment Policy, we encourage comments that are on topic, relevant and to-the-point. We will remove comments that include profanity, personal attacks, racial slurs, threats of violence, or other inappropriate material that violates our Terms and Conditions, and will block users who make repeated violations. We ask all readers to expect diversity of opinion and to treat one another with dignity and respect.


@CloudExpo Stories
When it comes to cloud computing, the ability to turn massive amounts of compute cores on and off on demand sounds attractive to IT staff, who need to manage peaks and valleys in user activity. With cloud bursting, the majority of the data can stay on premises while tapping into compute from public cloud providers, reducing risk and minimizing need to move large files. In his session at 18th Cloud Expo, Scott Jeschonek, Director of Product Management at Avere Systems, discussed the IT and busin...
There will be new vendors providing applications, middleware, and connected devices to support the thriving IoT ecosystem. This essentially means that electronic device manufacturers will also be in the software business. Many will be new to building embedded software or robust software. This creates an increased importance on software quality, particularly within the Industrial Internet of Things where business-critical applications are becoming dependent on products controlled by software. Qua...
In addition to all the benefits, IoT is also bringing new kind of customer experience challenges - cars that unlock themselves, thermostats turning houses into saunas and baby video monitors broadcasting over the internet. This list can only increase because while IoT services should be intuitive and simple to use, the delivery ecosystem is a myriad of potential problems as IoT explodes complexity. So finding a performance issue is like finding the proverbial needle in the haystack.
"We host and fully manage cloud data services, whether we store, the data, move the data, or run analytics on the data," stated Kamal Shannak, Senior Development Manager, Cloud Data Services, IBM, in this SYS-CON.tv interview at 18th Cloud Expo, held June 7-9, 2016, at the Javits Center in New York City, NY.
Machine Learning helps make complex systems more efficient. By applying advanced Machine Learning techniques such as Cognitive Fingerprinting, wind project operators can utilize these tools to learn from collected data, detect regular patterns, and optimize their own operations. In his session at 18th Cloud Expo, Stuart Gillen, Director of Business Development at SparkCognition, discussed how research has demonstrated the value of Machine Learning in delivering next generation analytics to imp...
Large scale deployments present unique planning challenges, system commissioning hurdles between IT and OT and demand careful system hand-off orchestration. In his session at @ThingsExpo, Jeff Smith, Senior Director and a founding member of Incenergy, will discuss some of the key tactics to ensure delivery success based on his experience of the last two years deploying Industrial IoT systems across four continents.
With the proliferation of both SQL and NoSQL databases, organizations can now target specific fit-for-purpose database tools for their different application needs regarding scalability, ease of use, ACID support, etc. Platform as a Service offerings make this even easier now, enabling developers to roll out their own database infrastructure in minutes with minimal management overhead. However, this same amount of flexibility also comes with the challenges of picking the right tool, on the right ...
With over 720 million Internet users and 40–50% CAGR, the Chinese Cloud Computing market has been booming. When talking about cloud computing, what are the Chinese users of cloud thinking about? What is the most powerful force that can push them to make the buying decision? How to tap into them? In his session at 18th Cloud Expo, Yu Hao, CEO and co-founder of SpeedyCloud, answered these questions and discussed the results of SpeedyCloud’s survey.
Organizations planning enterprise data center consolidation and modernization projects are faced with a challenging, costly reality. Requirements to deploy modern, cloud-native applications simultaneously with traditional client/server applications are almost impossible to achieve with hardware-centric enterprise infrastructure. Compute and network infrastructure are fast moving down a software-defined path, but storage has been a laggard. Until now.
DevOps at Cloud Expo – being held November 1-3, 2016, at the Santa Clara Convention Center in Santa Clara, CA – announces that its Call for Papers is open. Born out of proven success in agile development, cloud computing, and process automation, DevOps is a macro trend you cannot afford to miss. From showcase success stories from early adopters and web-scale businesses, DevOps is expanding to organizations of all sizes, including the world's largest enterprises – and delivering real results. Am...
"This week we're really focusing on scalability, asset preservation and how do you back up to the cloud and in the cloud with object storage, which is really a new way of attacking dealing with your file, your blocked data, where you put it and how you access it," stated Jeff Greenwald, Senior Director of Market Development at HGST, in this SYS-CON.tv interview at 18th Cloud Expo, held June 7-9, 2016, at the Javits Center in New York City, NY.
The 19th International Cloud Expo has announced that its Call for Papers is open. Cloud Expo, to be held November 1-3, 2016, at the Santa Clara Convention Center in Santa Clara, CA, brings together Cloud Computing, Big Data, Internet of Things, DevOps, Digital Transformation, Microservices and WebRTC to one location. With cloud computing driving a higher percentage of enterprise IT budgets every year, it becomes increasingly important to plant your flag in this fast-expanding business opportuni...
The Internet of Things will challenge the status quo of how IT and development organizations operate. Or will it? Certainly the fog layer of IoT requires special insights about data ontology, security and transactional integrity. But the developmental challenges are the same: People, Process and Platform. In his session at @ThingsExpo, Craig Sproule, CEO of Metavine, demonstrated how to move beyond today's coding paradigm and shared the must-have mindsets for removing complexity from the develo...
“We're a global managed hosting provider. Our core customer set is a U.S.-based customer that is looking to go global,” explained Adam Rogers, Managing Director at ANEXIA, in this SYS-CON.tv interview at 18th Cloud Expo, held June 7-9, 2016, at the Javits Center in New York City, NY.
Basho Technologies has announced the latest release of Basho Riak TS, version 1.3. Riak TS is an enterprise-grade NoSQL database optimized for Internet of Things (IoT). The open source version enables developers to download the software for free and use it in production as well as make contributions to the code and develop applications around Riak TS. Enhancements to Riak TS make it quick, easy and cost-effective to spin up an instance to test new ideas and build IoT applications. In addition to...
Predictive analytics tools monitor, report, and troubleshoot in order to make proactive decisions about the health, performance, and utilization of storage. Most enterprises combine cloud and on-premise storage, resulting in blended environments of physical, virtual, cloud, and other platforms, which justifies more sophisticated storage analytics. In his session at 18th Cloud Expo, Peter McCallum, Vice President of Datacenter Solutions at FalconStor, discussed using predictive analytics to mon...
Internet of @ThingsExpo, taking place November 1-3, 2016, at the Santa Clara Convention Center in Santa Clara, CA, is co-located with the 19th International Cloud Expo and will feature technical sessions from a rock star conference faculty and the leading industry players in the world and ThingsExpo Silicon Valley Call for Papers is now open.
IoT is rapidly changing the way enterprises are using data to improve business decision-making. In order to derive business value, organizations must unlock insights from the data gathered and then act on these. In their session at @ThingsExpo, Eric Hoffman, Vice President at EastBanc Technologies, and Peter Shashkin, Head of Development Department at EastBanc Technologies, discussed how one organization leveraged IoT, cloud technology and data analysis to improve customer experiences and effi...
SYS-CON Events announced today that Isomorphic Software will exhibit at DevOps Summit at 19th International Cloud Expo, which will take place on November 1–3, 2016, at the Santa Clara Convention Center in Santa Clara, CA. Isomorphic Software provides the SmartClient HTML5/AJAX platform, the most advanced technology for building rich, cutting-edge enterprise web applications for desktop and mobile. SmartClient combines the productivity and performance of traditional desktop software with the simp...
"We've discovered that after shows 80% if leads that people get, 80% of the conversations end up on the show floor, meaning people forget about it, people forget who they talk to, people forget that there are actual business opportunities to be had here so we try to help out and keep the conversations going," explained Jeff Mesnik, Founder and President of ContentMX, in this SYS-CON.tv interview at 18th Cloud Expo, held June 7-9, 2016, at the Javits Center in New York City, NY.