Cloud computing perspectives and questions
The World Economic Forum started a research project at Davos 2009 concerning cloud computing, which they broadly define to include all kinds of remote services, from Software as a Service and social networking to virtual machines.
Andy Oram was asked to provide some ideas for the implications of cloud computing on business as well as its future operating environment. This wiki is a discussion forum where anyone with relevant and valid ideas can suggest points for his reply.
- What degree of geographic distribution offers sufficient safety for:
- Individuals or small companies
- Major corporations and organizations with reliability requirements
- Defense and other sensitive government functions
- Benefits of automatically distributing files, perhaps among multiple vendors (example; Cleversafe)
- Potential targets for attack in war or by terror
- Should there be resilience standards?
- Related to #Portability
- Importance: Backups are recommended for persistent data to another system or service outside of the cloud.
- Feasibility: All APIs can be emulated, so in theory organizations can use the same scripts and procedures to replicate operations in multiple services
- Trends: There are calls for "open cloud computing," referring to standards that would facilitate portability.
- Standards could lead to automatic, instant migration between cloud vendors.
- As with all standardization, it's hard to:
- Get vendors to cooperate on advances that would reduce client lock-in
- Slow down innovation in an emerging technology enough to produce a standard
Benefits and drawbacks for potential clients
- Total reliance on a cloud service (virtual machine services or SaaS)
- May be valuable for start-ups and skunkworks
- For larger organizations, useful for some well-defined functions, particularly non-critical ones. (But note that many companies use services for customer relations management and for paying employees, which could be considered critical functions.)
- Requires a thorough understanding of the cloud service's operations, the risks involved, and management techniques to handle the service and its risks.
- Use of cloud to supplement in-house operations
- May be useful for:
- Handling peaks and spikes
- Planning growth that will eventually be moved in-house
- Requires skills in both domains (in-house and cloud) as well as strategies for migrating and replicating between them.
- Energy trade-offs between concentrated megaservers and smaller systems distributed around the world.
- Impacts on localities where huge server farms are built.
- Related to #Portability
- Cloud eviscerates software freedom:
- New software and patches can be built on free software while still being hidden behind the cloud (except free software under the rarely used Affero GPL).
- (Mostly in regard to Saas) Even releasing the source code would have little to no effect, because the real lock-in for cloud services is its role as central repository: storing the data and (for sites with community aspects) providing connections among different visitors.
- Open formats so clients can extract data and reuse it elsewhere
- Cost and time to develop new software has decreased so much that SaaS features are no longer such a big selling point (see article, Free software meets corporate needs, including Software as a Service
- As alternative to centralized services, promote radically distributed systems
- Individuals maintain control of their own data and data processing and peer with others to share data and processing.
- Requires heightened identity and validation technologies (see articles From P2P to Web Services: Addressing and Coordination and From P2P to Web Services: Trust
- Use of popular cloud services (such as Google Docs)
- Familiar to staff and public alike, and therefore easy to promote use
- Quick and cheap to set up
- Allows integration of government message and discussion with other popular forums
- Often have policies that run counter to government needs:
- Services may access visitor data in ways that treat privacy cavalierly.
- Services may force visitors to take on liability requirements that governments cannot do.
- Lack the reliability, and sometimes the security, that the public has a right to expect of government services.
- May not have features governments need.
- Should governments collaborate on producing public-domain or open-source social networks and cloud services tailored to their needs?