Plan Cloud Migrations Carefully to Avoid Finger Pointing Later: Expert

Although the cloud-computing market is growing rapidly, organizations should take a measured and deliberate approach to how they adopt the cloud.

That was the key takeaway from Jim Reavis’ opening keynote on megatrends in cloud computing at "Cloud Computing: Securely Moving From the Fringes to the Mainstream," a Ziff Davis Enterprise Digital University presentation on June 22. Reavis, the executive director of the Cloud Security Alliance, addressed why enterprises are moving applications to the cloud and discussed the importance of properly planning the migration.

Cloud computing empowers people within an organization, Reavis said, noting that anyone with a credit card can now get the computing resources they need. With the cloud, IT and line-of-business departments can be agile and open up more opportunities.

"This is a revolution. We need to think about it that way, not as the death of IT," Reavis said.

Organizations are attracted to the cloud’s promise of greater efficiency. Regardless of what is being moved, such as migrating email operations to the cloud, it’s "not unusual" to hear companies claim metrics of "six to 10 times more efficient," when discussing the cloud, according to Reavis.

There are also significant cost savings, as high as 75 percent, among organizations. The federal government recently claimed cost savings of as much as 90 percent, Reavis said, noting that the amount included time saved, benefits from getting to the market quickly and reduced development costs.

Many organizations think about moving applications to the cloud and take the outsourcing mindset, and don’t think about the underlying architecture. There are a lot of nuances about the cloud, and organizations have to do proper assessment and think through their responsibilities, Reavis said.

The Cloud Security Alliance, a "social network and professional organization" of people interested in the cloud, offers various best-practices documents and a "pretty good primer on things to think through," Reavis said. Organizations can take advantage of the guidance tools on the site to make sure they are addressing their specific concerns and needs, such as application security, virtualization and operations. Otherwise, there will be issues, "and lots of fingerpointing," Reavis said.

There are trust issues, and transparency is one of them. Organizations have compliance concerns and questions about making sure their data is protected. For small and midsize businesses, the cloud will always provide more security than they could ever manage on their own, Reavis said. For larger enterprises, they need to request the provider do specific security tasks to fit their requirements.

There has been some downtime with cloud providers, but it "hasn’t been that bad," Reavis said. Most of the problems have been the result of people not doing their due diligence in planning for business continuity and disaster recovery. Organizations are beginning to realize that, and there has been a "lot of learning" as they go back to ask those questions, figure out how to get redundancy and look at their contracts, according to Reavis.

There’s a learning curve, but it’s one that is reasonable, Reavis said.

There is a sense that the cloud will result in IT professionals getting laid off. Reavis said the cloud actually has a greater need for skilled IT folks, and provides an opportunity for professionals to update and enhance their existing skill sets. Moving to the cloud will hit people with primarily operations skills the hardest, such as desktop management, as those jobs will be pushed out to the cloud provider. However, IT departments will continue to need analysts and people with a strong understanding of how to optimize the cloud, Reavis said.