Study: Factor In Risk With Cloud Computing Strategy

"The IT industry is working to woo enterprise buyers to the cloud, and many suppliers are positioned to deliver on most of the cloud's benefits," Ross Tisnovsky, vice president of research at IT consultant Everest, said in a statement about the report, titled "Everest ITO Study: Cloud Computing Can Benefit Traditional Enterprise Setups."

"However, the cloud conundrum lies in the fact that IT demand best served by the cloud is also the most challenging to serve from the cloud. While cloud services offer a strong business case over a traditional enterprise setup, the buyer's cloud adoption strategy should not be based on cost savings alone," Tisnovsky said. "Buyers also must factor in associated risks, which need to be understood in the early stages while evaluating long-term strategies and approaches to cloud computing."

Those challenges include fragmented application portfolios, lack of cloud standards, security, system performance and management control. In addition, security breaches, downtime, business disruption, and regulatory non-compliance issues pose significant concerns to buyers, and Everest predicts broad-based standards won't come for 18 months or longer. In response, vendors are responding to buyers' concerns by focusing on robust management toolsets to manage risks.

Cloud computing brings incremental risks to a data center, Everest found. For example, suppliers may use some customers as test-beds for innovations, thereby affecting those clients' systems' performance. In addition, customers may not know the exact location of their data, and backup and restore in a multi-client facility are complex.

The study found that the common view of cloud computing seems to ignore Operations-as-a-Service (OaaS), which avoids data privacy and security issues. The report recommends leveraging OaaS and building around a modular approach, including services such as back-up, server monitoring, and license management, which can be standardized and encapsulated into self-contained units of IT operations services. Those independent modules could then be combined into customized customer solutions, particularly to cloud early adopters.