@CloudExpo Authors: Carmen Gonzalez, Pat Romanski, Liz McMillan, Yeshim Deniz, Elizabeth White

Related Topics: @CloudExpo, Microservices Expo, Containers Expo Blog, API Journal, Agile Computing, Apache, Cloud Security

@CloudExpo: Article

Cloudwashing the Cloud Brokerage

Cloud Brokerages are a hot topic - for better or worse.

Since ZapThink wrote our ZapFlash on Cloud Brokerages in April 2011, the Cloud Brokerage marketplace has exploded. Or at the very least, the noise level involving such Brokerages has reached a fever pitch, which the vendors in the space want you to think is the sound of an exploding market anyway. Regardless of your level of cynicism, however, there’s no question that Cloud Brokerages are a hot topic. But as with so many new markets, confusion reigns—in large part because such Brokerages come in so many different flavors. That being said, this market also suffers from rampant Cloudwashing, which refers to vendors (and service providers) who stick the “Cloud” label on existing offerings to take advantage of the Cloud hype. Let’s see if we can separate the steak from the sizzle and delineate how Cloud Brokerages are actually supposed to work.

Gartner: Cloudwashing Facilitator
For better or worse, many people turn to Gartner when they have questions about nascent IT markets. Gartner, however, is a vendor-driven market research firm, rather than a purveyor of vendor-independent best practices. Their research on Cloud Brokerages is a case in point. Gartner defines a Cloud Service Brokerage (CSB) as being composed of three core roles: aggregation, integration, and customization. They point out that the role of Aggregation Broker aligns with the traditional distributor role; the Integration Broker corresponds to the system integrator (SI); and the Customization Broker similarly aligns with the independent software vendor (ISV).

What’s wrong with this picture is that distributors, SIs, and in particular ISVs pay most of Gartner’s bills. So when they conduct their research, they talk to their customers and find out what kinds of CSBs they’re offering. And what do those customers say? I’m a distributor, but now I’m a Cloud Aggregation Broker! I’m an SI, but now I’m a Cloud Integration Broker! And most tellingly: I’m a software vendor, but now I’m a Cloud Customization Broker! It doesn’t really matter if any of these players have something that actually works, or even if it does, it may have little or nothing to do with the Cloud, and there’s no guarantee that any enterprise buyer will actually want what they’re peddling. But hey, it’s an emerging market, so what do you expect?

Contrast Gartner’s list of CSB roles with those from the US Department of Commerce’s National Institute for Standards and Technology (NIST). According to NIST’s Cloud Conceptual Reference Diagram, CSBs have three core capabilities: aggregation, arbitrage, and intermediation. Yes, NIST and Gartner both agree on the importance of aggregation, but that’s where the meeting of minds diverges. NIST calls for arbitrage (support for dynamic pricing in a Cloud services marketplace), but arbitrage isn’t on Gartner’s list. Why not? Perhaps because Gartner didn’t have any Cloud arbitrage vendors to interview when they did their research? Your guess is as good as ours.

As for intermediation, NIST has something quite different in mind from Cloud integration. When a Brokerage intermediates between Cloud customers and Cloud Service Providers (CSPs), the Brokerage provides a range of business-related capabilities, including assurance, consolidated invoicing, and SLA management, independent of whether the Brokerage is also providing integration capabilities between Cloud customers and CSPs. True, CSBs may end up offering integration as well, but more likely as an advanced capability that will become a reality down the road a few years. So why has Gartner included it and not intermediation? Because of the SIs, as well as the B2B integration vendors who have all Cloudwashed their offerings into Cloud Integration Brokerages.

The Two Cloud Brokerage Lifecycles
Instead of taking a vendor-centric perspective on CSBs, let’s think about how people might actually use them. There are two basic types of users for a CSB: the CSP who wishes to make its offering available in the Brokerage, and the Cloud customer who is looking for services from a CSP and is calling upon the CSB to help in some fashion. We expect such customers to be large enterprises who have several departments or divisions who wish to access Cloud services. For such organizations, the Brokerage serves to present a single face to the CSPs while supporting each department’s individual requirements for Cloud services.

To understand the role of the CSB, let’s start with the lifecycle from the CSP’s perspective:

  1. Registration – The CSP must register with the Brokerage in order to begin the enrollment process.

  2. Certification/Assessment – The CSB will assess the candidate CSPs and certify the ones that qualify to join the Brokerage.

  3. Enrollment – The CSP follows the Brokerage’s process for making its services available via the Brokerage.

  4. Negotiation – Once a customer selects the CSP through the Brokerage, the parties must negotiate a business arrangement. The Brokerage may act as an intermediary or simply hand off the negotiation to the two parties.

  5. Provisioning – The Brokerage may assist the CSP in provisioning Cloud resources for the customer.

  6. Management – Management comes in two flavors: business management, where the Brokerage handles invoicing, payments, and other business interactions on behalf of the parties; and technical management, where the Brokerage assists in SLA monitoring and other technical management tasks.

  7. Assurance – The Brokerage may provide auditing and other assurance activities on behalf of customers to insure CSPs are in compliance with required regulations and other policies.

  8. Integration – In some cases the Brokerage may act as an integration hub between CSPs and customers.

  9. Support – The CSP must support the customer, and the CSB may act as an intermediary for such support.

  10. Deprovisioning – If the customer wishes to discontinue a relationship, the Brokerage may assist with deprovisioning. This step may include delivering data to the customer, confirming customer data no longer reside in the Cloud environment, and wrapping up the business relationship. If the relationship between CSP and customer went south, the CSB may even be called upon to provide litigation support.

Now, let’s take a look at the CSB lifecycle from the Cloud customer’s perspective:

  1. Research – The CSB must provide information to potential customers so that they can make informed decisions about Cloud options available to them through the Brokerage.

  2. Qualification – The customer enters its criteria for Cloud services into the Brokerage, and the Brokerage should only show CSPs and individual Cloud services that meet the customer’s requirements.

  3. Assessment – The CSB may assess the customer’s business or technical environment in order to gauge suitability for particular services available through the Brokerage.

  4. Selection – The customer selects services through the Brokerage.

  5. Negotiation – The Brokerage supports the ability for customers and CSPs to negotiate business terms, either by facilitating direct communication or via automated intermediation, which would typically include arbitrage capabilities.

  6. Acceptance – The customer is able to accept the business terms it selects via the Brokerage.

  7. Onboarding – The Brokerage supports the customer’s efforts to provision Cloud resources, either by facilitating direct interactions between customer and CSP or via an automated onboarding capability.

  8. Management – Management appears on both the CSP and customer lifecycles because it always involves managing the relationships between the two (both business and technical).

  9. Assurance – Assurance also involves both customer and CSP. The Brokerage may take a limited or active role. The CSB will interface with the organization’s Information Assurance organization, but the CSB’s involvement doesn’t absolve the CSP or the Cloud customer from performing their due diligence in meeting their respective security and compliance objectives.

  10. Integration – When the Brokerage acts as an integration hub.

  11. Failover – Many customers will use the Brokerage to handle switching from one CSP to another. Such failover may occur as the result of a technical problem (e.g., a denial of service attack brings down the primary CSP) or a business problem (the primary CSP no longer offers the best deal, or in the extreme case, the CSP goes out of business).

  12. Offboarding – The Brokerage may also handle wrapping up business loose ends should the customer cancel its relationship with a CSP.

The ZapThink Take
The point to listing so many steps on the two CSB lifecycles isn’t to propose a final definition of such lifecycles, of course – the market is far too young for that. If anything, they are wish lists for what we might want Cloud Brokerages to do for us, based not on Brokerage-related products and services on the market today, but rather on what people expect Cloud Brokerages to do. But as with any technical capability, what you want it to do depends upon the core business problems you’re looking to solve. In the case of Cloud Brokerages, there remains a rather diverse set of potential business drivers that is leading the marketplace to grow in a complex, messy fashion.

Not only will individual organizations’ requirements for Brokerages differ, ZapThink is also seeing divergence of requirements among industries. In particular, the US Federal Government is very interested in Cloud Brokerages, with Requests for Information from the General Services Administration (GSA) as well as the Defense Information Systems Agency (DISA). In both cases, one of the Government’s key requirements is to support fair competition among CSPs – contrary to private sector customers, who couldn’t care less about such competition, except insofar as it leads to lower prices in the marketplace.

In some ways, the Government is like any other large enterprise. It has hundreds of agencies, each of which may have dozens of individual programs, all clamoring for Cloud services. They are looking to Brokerages to support the ability for such programs to select the best CSP offering for their needs, while providing the best overall value to the Government as a whole. On the other hand, in its role of promoting the general welfare of the people of the US, it is uniquely qualified to foster competition among CSPs and Cloud vendors, leading to better quality and lower prices for everyone.

Image credit: Karen and Brad Emerson

More Stories By Jason Bloomberg

Jason Bloomberg is the leading expert on architecting agility for the enterprise. As president of Intellyx, Mr. Bloomberg brings his years of thought leadership in the areas of Cloud Computing, Enterprise Architecture, and Service-Oriented Architecture to a global clientele of business executives, architects, software vendors, and Cloud service providers looking to achieve technology-enabled business agility across their organizations and for their customers. His latest book, The Agile Architecture Revolution (John Wiley & Sons, 2013), sets the stage for Mr. Bloomberg’s groundbreaking Agile Architecture vision.

Mr. Bloomberg is perhaps best known for his twelve years at ZapThink, where he created and delivered the Licensed ZapThink Architect (LZA) SOA course and associated credential, certifying over 1,700 professionals worldwide. He is one of the original Managing Partners of ZapThink LLC, the leading SOA advisory and analysis firm, which was acquired by Dovel Technologies in 2011. He now runs the successor to the LZA program, the Bloomberg Agile Architecture Course, around the world.

Mr. Bloomberg is a frequent conference speaker and prolific writer. He has published over 500 articles, spoken at over 300 conferences, Webinars, and other events, and has been quoted in the press over 1,400 times as the leading expert on agile approaches to architecture in the enterprise.

Mr. Bloomberg’s previous book, Service Orient or Be Doomed! How Service Orientation Will Change Your Business (John Wiley & Sons, 2006, coauthored with Ron Schmelzer), is recognized as the leading business book on Service Orientation. He also co-authored the books XML and Web Services Unleashed (SAMS Publishing, 2002), and Web Page Scripting Techniques (Hayden Books, 1996).

Prior to ZapThink, Mr. Bloomberg built a diverse background in eBusiness technology management and industry analysis, including serving as a senior analyst in IDC’s eBusiness Advisory group, as well as holding eBusiness management positions at USWeb/CKS (later marchFIRST) and WaveBend Solutions (now Hitachi Consulting).

@CloudExpo Stories
The best way to leverage your Cloud Expo presence as a sponsor and exhibitor is to plan your news announcements around our events. The press covering Cloud Expo and @ThingsExpo will have access to these releases and will amplify your news announcements. More than two dozen Cloud companies either set deals at our shows or have announced their mergers and acquisitions at Cloud Expo. Product announcements during our show provide your company with the most reach through our targeted audiences.
@ThingsExpo has been named the Top 5 Most Influential Internet of Things Brand by Onalytica in the ‘The Internet of Things Landscape 2015: Top 100 Individuals and Brands.' Onalytica analyzed Twitter conversations around the #IoT debate to uncover the most influential brands and individuals driving the conversation. Onalytica captured data from 56,224 users. The PageRank based methodology they use to extract influencers on a particular topic (tweets mentioning #InternetofThings or #IoT in this ...
Virgil consists of an open-source encryption library, which implements Cryptographic Message Syntax (CMS) and Elliptic Curve Integrated Encryption Scheme (ECIES) (including RSA schema), a Key Management API, and a cloud-based Key Management Service (Virgil Keys). The Virgil Keys Service consists of a public key service and a private key escrow service. 

In his general session at 19th Cloud Expo, Manish Dixit, VP of Product and Engineering at Dice, will discuss how Dice leverages data insights and tools to help both tech professionals and recruiters better understand how skills relate to each other and which skills are in high demand using interactive visualizations and salary indicator tools to maximize earning potential. Manish Dixit is VP of Product and Engineering at Dice. As the leader of the Product, Engineering and Data Sciences team a...
OnProcess Technology has announced it will be a featured speaker at @ThingsExpo, taking place November 1 - 3, 2016, in Santa Clara, California. Dan Gettens, OnProcess’ Chief Analytics Officer, will discuss how Internet of Things (IoT) data can be leveraged to predict product failures, improve uptime and slash costly inventory stock. @ThingsExpo is an annual gathering of IoT and cloud developers, practitioners and thought-leaders who exchange ideas and insights on topics ranging from Big Data in...
SYS-CON Events announced today that Cemware will exhibit at the 19th International Cloud Expo, which will take place on November 1–3, 2016, at the Santa Clara Convention Center in Santa Clara, CA. Use MATLAB functions by just visiting website mathfreeon.com. MATLAB compatible, freely usable, online platform services. As of October 2016, 80,000 users from 180 countries are enjoying our platform service.
Data is the fuel that drives the machine learning algorithmic engines and ultimately provides the business value. In his session at Cloud Expo, Ed Featherston, a director and senior enterprise architect at Collaborative Consulting, will discuss the key considerations around quality, volume, timeliness, and pedigree that must be dealt with in order to properly fuel that engine.
SYS-CON Events announced today that StarNet Communications will exhibit at the 19th International Cloud Expo, which will take place on November 1–3, 2016, at the Santa Clara Convention Center in Santa Clara, CA. StarNet Communications’ FastX is the industry first cloud-based remote X Windows emulator. Using standard Web browsers (FireFox, Chrome, Safari, etc.) users from around the world gain highly secure access to applications and data hosted on Linux-based servers in a central data center. ...
In an era of historic innovation fueled by unprecedented access to data and technology, the low cost and risk of entering new markets has leveled the playing field for business. Today, any ambitious innovator can easily introduce a new application or product that can reinvent business models and transform the client experience. In their Day 2 Keynote at 19th Cloud Expo, Mercer Rowe, IBM Vice President of Strategic Alliances, and Raejeanne Skillern, Intel Vice President of Data Center Group and ...
SYS-CON Events announced today that eCube Systems, the leading provider of modern development tools and best practices for Continuous Integration on OpenVMS, will exhibit at SYS-CON's @DevOpsSummit at Cloud Expo New York, which will take place on June 7-9, 2016, at the Javits Center in New York City, NY. eCube Systems offers a family of middleware products and development tools that maximize return on technology investment by leveraging existing technical equity to meet evolving business needs. ...
More and more companies are looking to microservices as an architectural pattern for breaking apart applications into more manageable pieces so that agile teams can deliver new features quicker and more effectively. What this pattern has done more than anything to date is spark organizational transformations, setting the foundation for future application development. In practice, however, there are a number of considerations to make that go beyond simply “build, ship, and run,” which changes ho...
Digitization is driving a fundamental change in society that is transforming the way businesses work with their customers, their supply chains and their people. Digital transformation leverages DevOps best practices, such as Agile Parallel Development, Continuous Delivery and Agile Operations to capitalize on opportunities and create competitive differentiation in the application economy. However, information security has been notably absent from the DevOps movement. Speed doesn’t have to negat...
I'm a lonely sensor. I spend all day telling the world how I'm feeling, but none of the other sensors seem to care. I want to be connected. I want to build relationships with other sensors to be more useful for my human. I want my human to understand that when my friends next door are too hot for a while, I'll soon be flaming. And when all my friends go outside without me, I may be left behind. Don't just log my data; use the relationship graph. In his session at @ThingsExpo, Ryan Boyd, Engi...
There is growing need for data-driven applications and the need for digital platforms to build these apps. In his session at 19th Cloud Expo, Muddu Sudhakar, VP and GM of Security & IoT at Splunk, will cover different PaaS solutions and Big Data platforms that are available to build applications. In addition, AI and machine learning are creating new requirements that developers need in the building of next-gen apps. The next-generation digital platforms have some of the past platform needs a...
Join Impiger for their featured webinar: ‘Cloud Computing: A Roadmap to Modern Software Delivery’ on November 10, 2016, at 12:00 pm CST. Very few companies have not experienced some impact to their IT delivery due to the evolution of cloud computing. This webinar is not about deciding whether you should entertain moving some or all of your IT to the cloud, but rather, a detailed look under the hood to help IT professionals understand how cloud adoption has evolved and what trends will impact th...
Successful digital transformation requires new organizational competencies and capabilities. Research tells us that the biggest impediment to successful transformation is human; consequently, the biggest enabler is a properly skilled and empowered workforce. In the digital age, new individual and collective competencies are required. In his session at 19th Cloud Expo, Bob Newhouse, CEO and founder of Agilitiv, will draw together recent research and lessons learned from emerging and established ...
Effectively SMBs and government programs must address compounded regulatory compliance requirements. The most recent are Controlled Unclassified Information and the EU’s GDPR have Board Level implications. Managing sensitive data protection will likely result in acquisition criteria, demonstration requests and new requirements. Developers, as part of the pre-planning process and the associated supply chain, could benefit from updating their code libraries and design by incorporating changes.
Whether they’re located in a public, private, or hybrid cloud environment, cloud technologies are constantly evolving. While the innovation is exciting, the end mission of delivering business value and rapidly producing incremental product features is paramount. In his session at @DevOpsSummit at 19th Cloud Expo, Kiran Chitturi, CTO Architect at Sungard AS, will discuss DevOps culture, its evolution of frameworks and technologies, and how it is achieving maturity. He will also cover various st...
Enterprises have been using both Big Data and virtualization for years. Until recently, however, most enterprises have not combined the two. Big Data's demands for higher levels of performance, the ability to control quality-of-service (QoS), and the ability to adhere to SLAs have kept it on bare metal, apart from the modern data center cloud. With recent technology innovations, we've seen the advantages of bare metal erode to such a degree that the enhanced flexibility and reduced costs that ...
Qosmos, the market leader for IP traffic classification and network intelligence technology, has announced that it will launch the Launch L7 Viewer at CloudExpo | @ThingsExpo Silicon Valley, being held November 1 – 3, 2016, at the Santa Clara Convention Center in Santa Clara, CA. The L7 Viewer is a traffic analysis tool that provides complete visibility of all network traffic that crosses a virtualized infrastructure, up to Layer 7. It facilitates and accelerates common IT tasks such as VM migra...