IT Performance Improvement
Networking and Telecommunications
Share This Article
Integration: The Missing Link in the Cloud
Cloud computing or cloud-based solutions have been portrayed as a panacea for companies looking for the flexibility and scalability they need to grow their businesses, while keeping costs down. The cloud does bring incredible economic and technical benefits to any company, small to large, ranging from lower capital expenditures and ease of management to an easy extension of existing infrastructure and a faster time to market for new ideas or applications.
However, many companies are moving data and business processes to the cloud without the appropriate due diligence. And once in the cloud, many companies are having a "what did I do?" kind of moment, when they realize they now have information in multiple places or that the exact processes they were trying to improve are now disjointed. Integration and the ability to have one source of truth for data and easily share information across internal and external systems needs to be thought about proactively before the cloud migration, not afterwards.
Unfortunately for many businesses, data, application or business-to-business (B2B) integration is an afterthought when evaluating the cloud, and it becomes the stumbling block that prevents companies from realizing the cloud's true benefits.
Companies should absolutely look at how the cloud could improve their agility and business impact, but there are three key rules I recommend when evaluating a cloud migration or implementation:
- Start small and grow: Don't start with a huge rip and replace initiative. You would not do that in your on-premise network infrastructure, so why would the cloud be any different. Start with a single application, process or initiative, such as storage, test environment, or a new Web-based application for a non-business critical process, such as recruiting. Once you've proven the model works for your company and can show clear metrics of success, then move on to the next cloud project. This approach works for all companies, and in fact, at the recent Interop 2011 conference, Boeing's cloud strategy director talked about how they are not planning to move all 8,000 applications to the cloud at once, but take an incremental approach. They started by leveraging cloud-based integration and leveraging a cloud-based development and test environment by a company called Skytap.
- Extend and augment your existing infrastructure: One of the most powerful benefits of the cloud is that it can seamlessly extend what you are already doing. For example, one company I know used the cloud to improve its disaster recovery capability. Rather than building a new, expensive, physical data center, it leveraged a cloud-based DR platform to quickly enable improved failover operations with minimal expense. Note that the company did not move its primary data center to the cloud but its secondary. I believe that the majority of companies will always take a "hybrid" approach to the cloud, meaning there will always be on-premise and cloud-based elements to the infrastructure, and the key is ensuring they work together and complement each other.
- Understand what is behind the cloud platform:
While this may sound obvious, behind every cloud solution is a physical data center. You'd be amazed how often really smart people forget this fact, and therefore, do not undergo the analysis of that physical data center powering the cloud. Any cloud platform or vendor with which you work with should use industry best practices around network management and security. Also, make sure you understand the potential players behind your cloud solution. Some software-as-a-service (SaaS) solutions are built on another vendor's application platform-as-a-service (PaaS), which may be leveraging another cloud vendor's infrastructure-as-a-service (IaaS), meaning you need to understand each layer's strengths and potential weak links. Remember the recent Amazon cloud crash? This was exactly why it impacted so many companies. By the way, this is true whether you are leveraging a private or public cloud (a whole other issue that drives mass confusion that would take a separate conversation).
Figure 1. The cloud models (SaaS, PaaS, IaaS, etc.) are already blurring, so make sure you understand the capabilities at each layer.
Focus on the Information, Not the Delivery Model
The cloud conversation is not so different from how ten years ago we were talking about remote access to our networks. At that time, IT managers were faced with a growing mobile workforce, which demanded access to the network from anywhere, anytime and from any number of mobile devices. Network administrators quickly realized that the old "castle and moat" perimeter security model wasn't working, because there truly was no way to lock down the network and prevent holes in the firewall, while still enabling the business. And this was the start of the new world of business technology where IT had to show how it was enabling the business and helping it succeed, rather than just focusing on keeping it running.
With the so-called "deperimeterization" of the network, the focus was on access to and protection of the data. So, the perimeter moved inward and security was designed to protect applications and information those employees and others needed access to easily. The same is true for the cloud. See the cloud as an extension of your on-premise infrastructure and holistically architect your model to ensure data security and secure access to that information.
So, how do you do that? Start with the information. Where does the information reside today? For many companies, I recommend looking at how you are sharing and accessing data in your current on-premise world. If you don't have a way for people to easily access and share data, then fix this before you start moving data to the cloud and adding a layer of complexity. Also, make sure that your data is tied to an automated business process workflow. By both understanding where the information resides, how it aligns to the broader business process, and who is then touching that data or requiring access to it provides an end-to-end view, and in this process, you will most likely identify gaps that need filling.
Many companies utilize some form of master data management (MDM) process or solution. This can tie in nicely with a data integration process, where you enable the movement of data across applications, achieving data synchronization, data migration and data transformation if needed. Solutions leveraged for this include traditional middleware or enterprise service bus (ESB) technologies, MDM and integration suites, or new appliance or cloud-based integration products.
Other businesses achieve this central visibility and access to information via a collaboration portal, such as SharePoint. This is also a great example of how you can use the cloud to help your on-premise world, as most of these portals are Web-based solutions. Although I will warn you that many companies that deploy these portals don't always train their employees sufficiently or set up the rules appropriately, thereby creating a more disparate data environment rather than a centralized one. Tools are only as good as those that deploy, manage and use them.
Others leverage a service-oriented architecture (SOA) approach that enables a shared layer for information control and access. If you haven't looked into implementing SOA in your enterprise, I highly recommend this. Not only does it help solve the internal data management issue, it is an ideal way to extend your infrastructure to the cloud and ensure a central view of your information, whether on-premise or in the cloud. A great resource on this topic is David Linthicum's book, titled, "Cloud Computing and SOA Convergence in Your Enterprise."
SOA and integration work hand-in-hand in helping you manage your information, streamline work flows, and enable access to the data by everyone in a specified business process. What's more, a SOA approach can easily be extended to a multi-enterprise community, the other critical piece of integration. We have many customers that extend a SOA layer across a B2B cloud platform to exchange information with trading partners or buyers.
Once you've figured out the information piece, where the data lives and how you are managing the data, then you move to access. The key to secure access is to create a trusted relationship, and allow access based on levels of trust. I always ask these five simple questions:
- Who is trying to access the data? (Do we know them?)
- Can they prove it? (authentication)
- Is their endpoint secure? (endpoint interrogation)
- What are they allowed to access? (access control rules)
- Can I audit their access? (compliance and reporting)
The Future: Creating Trusted Cloud Networks
As we move toward the future, the idea of "trusted access" can be applied across clouds and infrastructure. The vision is to have the ability to move information and business processes seamlessly across areas of your environment that encompasses both on-premise and cloud; however, I believe in the future these terms will become increasingly obsolete as we focus on the information and secure access.
Think of this as taking the concept of SOA to the cloud, where you have a federated layer of information that is accessible by everyone in your "community", whether internal or external. With trusted cloud networks, you can:
- Connect and share information across clouds and users
- Create or leverage cloud connectivity brokers
- Create areas of federated services with controlled access
- Establish SOA in the cloud for inter-enterprise information exchange
Figure 2. In the future, cloud-based integration, federated services and an open API infrastructure will allow both the seamless movement and access to information.
The main elements of trusted cloud networks include:
- Master Data Management (MDM)
- Federated security with data segregation
- Centralized governance
- Cross-cloud compliance mandates; e.g., PCI DSS
- Secure "tunnels" of communication across clouds using secure protocols
- Role and rule-based access
- Transparency and auditing
- Consistent QoS and SLAs
This concept is not so different from the multi-tenant architecture approach you see in cloud solutions today, where the focus is on data segregation and security, but many types of data "owned" by many different businesses can co-exist in a single cloud environment. The data is separated by virtual boundaries and clear access control rules backed by security processes.
Gartner calls this approach cloud integration brokerage. A cloud service brokerage (CSB) is a model for conducting cloud service governance and integration. A CSB brokers a relationship between a service consumer and a service provider. In the diagram below, you can see how the consumers of cloud services (you and your partners) are accessing information via a centralized layer that involves multiple cloud service providers. However, we are not there yet, because as you can see, Gartner points out that the missing "link" are fully capable brokerage technologies. There are vendors moving in this direction quickly, with cloud integration providers farthest along this path, as much of what they do today is already providing this mediation or brokerage capability.
Bringing It All Together
We've covered a lot of ground, from moving to the cloud to data management to SOA and integration and the future vision of trusted cloud networks. But if you are like most companies, you are just starting on this cloud path and want a clear way to get started.
I recommend you take the following approach to start moving toward a strong cloud strategy that puts what we've discussed into action.
First set or refresh policies around users, security and access. Ideally, you already leverage Active Directory or some similar repository for users and associated rules. If your company has not established clear security policies and access control rules for your internal and external users, this is a great opportunity.
Second, implement a data management process. This should include a clear mapping of your data, information flow, and ideally a SOA approach, with centralized governance based on the policies you've established.
Next, review and update if necessary your business processes and related management. If you don't know how to collaborate with the business on refining business processes, you can always leverage one of the cloud-based BPM tools that provide easy-to-use work flow widgets. This is actually a great way to test the cloud in your enterprise and involve the business side of the house in your updated processes.
Finally, incorporate integration into those business processes across internal and external communities. Look at all areas of integration, from data to application to B2B.
The cloud is not a fad but rather a strong, new way to deliver and consume technology that provides benefits to both IT and end-users. To succeed in the cloud, don't bite off more than you can chew. Start with small steps that can be measured and expanded. And don't do your cloud strategy in a vacuum. Incorporate the cloud into your overall infrastructure and IT vision with the end goal of providing easy and secure access to critical information by both your employees and partners in order to help your business prosper and grow.
Cloud Security Challenges
Preventing Cloud Vendor Lock-inPreventing Cloud Vendor Lock-in
Key Cloud Strategies: First StepsKey Cloud Strategies: First Steps
Business Continuity Management in the Cloud
Privacy and Its Relation to Cloud-Based Information Systems
Margaret Dawson is Vice President of Product Management for Hubspan. She's responsible for the overall product vision and roadmap and works with key partners in delivering innovative solutions to the market. She has over 20 years of experience in the IT industry, working with leading companies in the network security, semiconductor, personal computer, software, and e-commerce markets, including Microsoft and Amazon.com. Dawson has worked and traveled extensively in Asia, Europe and North America, including ten years working in the Greater China region, consulting with many of the area's leading IT companies and serving as a BusinessWeek magazine foreign correspondent.