Written by: Jonathan Sharp
This is the second post summarizing the major lessons of the new eBook, “How to Take Advantage of the Cloud: Your Guide to Achieving Value and Performance,” by HP and Latisys. Previously, we addressed “Cloud basics” using the phrase “how to harness the cloud as part of your IT strategy”. In this post I wanted to get a little more hands-on, looking at some specific solutions, such as:
1. Disaster recovery
Disaster recovery (DR) is often a great place to start when seeking to take advantage of the cloud. Rather than buying additional on-premise hardware to back up a mission-critical solution, you can back it up in the cloud. You gain flexibility and options and most importantly, you pay only for what you consume. The cloud backup is, by definition, in a different location, so you’re protected against physical disasters in your datacenter. Your cloud DR is there waiting for when disaster strikes, but at minimal cost.
There are engineering concerns. That’s why your company needs an IT department rather than simply giving every employee a Dropbox account. Your DR must be appropriately architected, we like to use the phrase converged infrastructure, which involves integrated failover and fault tolerance. You also want to structure the contract with your cloud service provider so that you can spin up resources as you need them (during the disaster) but only pay for them when you need to. A good cloud service provider will work with you on this. With these concerns met, DR can go a long way toward meeting your cost containment objectives.
One common IT challenge is the growing role of large files, whether they’re used to shoot and edit promotional videos or to harness Big Data for business intelligence. To meet that storage demand, you could build a new datacenter or two, since you probably need a secondary site. But now you’re talking significant capital investments in power, cooling and hardware. You’re also talking software licenses, staff, and perhaps specialized equipment. The cloud can provide an enticing alternative.
Storage is one of the most confusing forms of cloud computing. This is because when most people think about storage they think about it as a destination, like the attic where you put your Halloween decorations. When Halloween is over, you box everything up, seal the lid, pull down the attic stairs, climb up and put the box back in the far corner next to your skis, the old desk and your grandfather’s stamp collection. You know where it is, you know it’s safe and you don’t care if it’s not readily accessible. Some cloud storage is just like the attic. It’s used for caching or for backup…for files that you don’t need to be readily accessible. “Destination” cloud storage is relatively inexpensive. But there are some items you would never store in the attic - your coffee maker, your grill, your television. Why? Because you need real-time, conditional access to them and there’s a level of performance and quality that you need from these appliances that will degrade if you leave them in the back of the attic. A production database can only be run on a “Conditional” SAN storage platform, where speed and IOPS (Input/Output Operations per Second) matter, especially if it is delivered via the cloud. All cloud storage is highly scalable and on-demand. But your need for “destination” vs. “conditional” cloud storage will drive a trade-off between price and performance.
Obviously, thinking about cloud storage has some overlap with thinking about disaster recovery and as with disaster recovery you must ensure that your storage is appropriately architected for production workloads. Which leads us to…
3. Security and compliance
The problem with dumping entire IT infrastructures into the public cloud is that it abandons security. Maintaining the security of your company’s intellectual property and other sensitive materials has always been the number 1 priority of the IT department, and rightly so. After all, depending on your industry, your company may even face legal compliance requirements designed to demonstrate the security of your data.
The best way to address security and compliance is to work with a cloud service provider that understands these issues. Perhaps it’s a provider who has worked in your industry and knows the ins and outs of your particular flavor of alphabet soup (for example, HIPAA, FedRAMP, or PCI data security). Perhaps it’s a provider who deals with many different types of compliance regimes across many customers and industries, thus giving a “macro” view of compliance issues. Perhaps it’s a provider with an architecture that allows for simpler compliance testing. Perhaps it’s a provider who can even sit down with your auditors and confirm that you’re following best practices.
This is where talking about “the cloud” can get dangerous because there are so many types of clouds. Many public cloud service providers will give you a resource in a single pool with many other customers. Depending on your security and compliance needs, that may not be a problem. However, you may need a private cloud service provider with a three-tier architecture that meets the SOC 2 reporting framework.
Obviously no cloud service provider can assume responsibility for your compliance. But you may find that some providers understand what it takes, and can organize themselves to support your efforts to achieve that compliance. If providers lack these skills, that puts more of a burden on your IT department and isn’t reducing that burden the whole point of moving to the cloud?
For our expanded thoughts on these and other topics, please see the eBook here. Look out of the next post which in this series, where I will look into performance, optimization, and integration of the cloud into your IT portfolio.
Keep an eye out for the last installment coming out shortly.
For more information on HP Converged Cloud visit www.hp.com/go/cloud
Follow me in Twitter @HPCloudSystem
Join the Cloud Advisors discussions on LinkedIn