Cloud Lessons

The cloud is a panecea, an IT elixir that is the solution to virtually everything and everything virtual.
The cloud's powers are endless, literally without bound -- and replicating faster than you can upload new data.
Or is it? Read on. Caron Carlson of FierceCIO covered an article originally written by David Taber in CIO.
Talk to us at AIS if you want to harness the power of the cloud yet stay firmly grounded in reality and best practices.
Emphasis in red added by me.
Brian Wood, VP Marketing

Cloud lessons learned the hard way

It makes good theoretical sense for users to drive their own IT, and cloud applications and services make this easier every day. Too often, however, users lack the training, skills and discipline to roll out an organized technology strategy, cautions consultant David Taber in a post at CIO magazine. He spells out three cloud services lessons that have been learned the hard way.
With cloud customers cropping up all over the enterprise, there is effectively no system ownership once a service or application is up and running, writes Taber who says his "entire consulting firm is based on fixing cloud systems that have been put in quickly and managed haphazardly, if managed at all." Lack of staff dedicated to the service puts a company in a vulnerable position because of the potential cost of lost or compromised data.
The first lesson is that data tends not to be expunged from the cloud even when you delete it. Data back-up and replication in the cloud is optimized for high performance and fast failover, rather than for easy expunging. So even though a deleted file will no longer be in view, it will probably remain in one version or another.

"Why do you care?" Taber asks. "Next time you go through a legal discovery process, the smart opposing council will hire a forensic expert witness to look through all the files and records you thought had been deleted. Have fun with that."
The second lesson is that a cloud customer needs a "data steward," which is a business analyst who knows what data shouldn't be stored in the cloud, who can set up naming conventions and file trees, and who can keep data from becoming polluted and validate reports.
Finally, even though end users love the ease of procuring cloud services, they often end up looking for the leverage and efficiency of an IT system, Taber warns. However, this requires a system architect and a "general contractor" to manage cloud services and get the most out of them.


3 Deep, Dark Secrets of Cloud Computing

Everybody uses the cloud. How can there be any secrets? Many companies had to learn these three little lessons the hard way, but there's no reason your business can't learn from those mistakes.
The promise of cloud computing is that you, the customer, don't ever have to buy another server, back up another disk drive or worry about another software upgrade. All those promises are true—and now there are multimillion-dollar companies without a single server closet. Cool.
Unfortunately, too often cloud applications and services are bought by people who really shouldn't be buying. Sure, they may have the budget—did you hear Gartner's prediction that the CMO will spend more on tech than the CIO by 2017?—but that doesn't mean they necessarily have the training to make good IT decisions, let alone the discipline or skills in their underlings to actually execute a coordinated technology strategy.
I'm not criticizing user-driven IT. The users should be driving. But, to make IT really work and scale, projects have to be done with skill sets and a focus that are rare in user departments. My entire consulting firm is based on fixing cloud systems that have been put in quickly and managed haphazardly, if managed at all. (Not that I'm not trashing any one vendor here. This article applies to almost any serious cloud service.) This is a clear case of "Pay me now, or pay me (much more) later."
With too many customers, system ownership is effectively set to null almost immediately after a cloud service or application is turned. After all, there's no hardware or software to manage. The service just runs itself. Why dedicate any staff?
That might look like a reasonable economy, but it leads to huge costs soon enough. Why? The system isn't the critical asset. The data is. The data in almost any cloud system is worth far more than whatever you pay on a monthly or even yearly basis. If your data gets gunked up or made meaningless, that could cost you a lot of profits—or even get you in some trouble.
Let's look at three lessons too many companies have learned the hard way by making themselves vulnerable in the cloud.

Lesson #1: The Cloud Never Forgets

Since your data is valuable, you want it to be backed up and replicated for disaster recovery and failover. Any commercial-grade cloud service will be doing this for you. Fine.
Now, think about how the services do it. They have hundreds of thousands of users banging on the same server clusters. Their replication services that run on everybody's data have to constantly stream updates from the local disk array over to the remote disaster recovery site(s). As this happens continuously, their replication has to be optimized for high performance, low latency and quick failover time. But it's nearly impossible to simultaneously optimize that service for ease of file purging.
So when you delete a record, that deletion won't be propagated to each and every version that was ever stored on the system. The record or file will disappear from view, but that doesn't mean it's been expunged.
Why do you care? Next time you go through a legal discovery process, the smart opposing council will hire a forensic expert witness to look through all the files and records you thought had been deleted. Have fun with that.

Lesson #2: Data in the Cloud Needs a Steward

Since your data is always more valuable than the system that stores it, the data in the cloud needs a data steward. This isn't a system administrator; rather, it's a business analyst who can do the following:

  • Say what data should and, more importantly, should not be stored in the cloud. This will help you avoid a discovery problem, a PCI audit, a HIPAA or FERPA or (name your favorite acronym) compliance problem.
  • Be the custodian of the meaning of data. You know, little things such as "What's a customer?" or "What's the significance of an overdue Severity 1 Case?"
  • Establish naming conventions and trees for files, directories and other hierarchical relationships, such as "parent account" vs. "operating division."
  • Serve as the gatekeeper for imports and data that flows across systems, making sure that semantics don't get blurred and that pollution sources are filtered or corrected at the source.
  • Develop the right procedures for backups, record merges or the creation of parent-child relationships. You wouldn't believe how many ways there are to get this wrong—and how many weeks of wasted effort can occur due to a well-intentioned error.
  • Validate the results of reports, making sure the right variables have been used for filtering, grouping and rollups. Too often, different vice presidents base their decisions on totally different data, causing no end of confusion.

The good news is that data stewardship isn't a full-time job. The bad news is that the data steward has to have a pretty good range of political and technical savvy. Typically, this is a position you should recruit for inside, rather than outside. If you can't find one person to do it, have a pair of people who are rotated into and out of the position no more often than once a year.
But data stewardship is only half the battle.

Lesson 3: Since the Cloud Replaces Internal IT, It Must Be Managed Like IT

Users tend to think of a cloud purchase as a "solution." No more hard work until renewal time. What's going through their heads? "See, we skipped the need for IT and all that overhead!"
The moment they start to take a cloud system seriously, though, users want mash-ups, custom code and the capability to drag and drop items from the desktop. They want to integrate with other data sources inside and outside the company. Executives want reports and dashboards.
In other words, everyone will want the leverage and efficiency of an IT system. Those benefits only come when there's an architect and a "general contractor" working together, not just a "workman."
The irony is that the home turf for cloud vendors—small businesses and departments of larger companies—are the least likely to appreciate this. Large enterprises know that it takes time and discipline to properly exploit the cloud.
If all this comes as a surprise, let me comfort you with this. You're in good company. In my next article, I'll give you a quick self-assessment questionnaire to help you identify the first steps in your get-well program.

Would love your thoughts, please comment.x


Would love your thoughts, please comment.x