Cloud computing perspectives and questions
The World Economic Forum started a research project at Davos 2009 concerning cloud computing, which they broadly define to include all kinds of remote services, from Software as a Service to virtual machines.
Andy Oram was asked to provide some ideas on the implications of cloud computing on business as well as its future operating environment. This wiki is a discussion forum where anyone with relevant and valid ideas can suggest points for his reply.
- What degree of geographic distribution offers sufficient safety for:
- Individuals or small companies
- Major corporations and organizations with reliability requirements
- Defense and other sensitive government functions
- Benefits of automatically distributing files, perhaps among multiple vendors (example; Cleversafe)
- Potential targets for attack in war or by terror
- Should there be resilience standards?
- Related to #Portability
- Importance: Backups are recommended for persistent data to another system or service outside of the cloud.
- Feasibility: All APIs can be emulated, so in theory organizations can use the same scripts and procedures to replicate operations in multiple services
- Trends: There are calls for "open cloud computing," referring to standards that would facilitate portability.
- Standards could lead to automatic, instant migration between cloud vendors.
- As with all standardization, it's hard to:
- Get vendors to cooperate on advances that would reduce client lock-in
- Slow down innovation in an emerging technology enough to produce a standard
Benefits and drawbacks for potential clients
- Total reliance on a cloud service (virtual machine services or SaaS)
- May be valuable for start-ups and skunkworks
- For larger organizations, useful for some well-defined functions,
particularly non-critical ones. (But note that many companies use services for customer relations management and for paying employees, which could be considered critical functions.)
- Requires a thorough understanding of the cloud service's
operations, the risks involved, and management techniques to handle the service and its risks.
- Use of cloud to supplement in-house operations
- May be useful for:
- Handling peaks and spikes
- Planning growth that will eventually be moved in-house
- Requires skills in both domains (in-house and cloud) as well as
strategies for migrating and replicating between them.
- Energy trade-offs between concentrated megaservers and smaller systems distributed around the world.
- Impacts on localities where huge server farms are built.
- Related to #Portability
- Cloud eviscerates software freedom:
- New software and patches can be built on free software while still
being hidden behind the cloud (except free software under the rarely used Affero GPL).
- (Mostly in regard to Saas) Even releasing the source code would
have little to no effect, because the real lock-in for cloud services is its role as central repository: storing the data and (for sites with community aspects) providing connections among different visitors.
- Open formats so clients can extract data and reuse it elsewhere
- Cost and time to develop new software has decreased so much that
SaaS features are no longer such a big selling point (see article, Free software meets corporate needs, including Software as a Service
- As alternative to centralized services, promote radically
- Individuals maintain control of their own data and data processing
and peer with others to share data and processing.
- Requires heightened identity and validation technologies (see articles
- Use of popular cloud services (such as Google Docs)
- Familiar to staff and public alike, and therefore easy to promote use
- Quick and cheap to set up
- Allows integration of government message and discussion with other popular forums
- Often have policies that run counter to government needs:
- Services may access visitor data in ways that treat privacy
- Services may force visitors to take on liability requirements
that governments cannot do.
- Lack the reliability, and sometimes the security, that the public
has a right to expect of government services.
- May not have features governments need.
- Should governments collaborate on producing public-domain or open-source social networks and cloud services tailored to their needs?