Why is cloud computing the least considered technology among datacenter professionals?

There are other concerns - namely scale and security.

There is some level of scale where running the infrastructure yourself will be more cost efficient than using a cloud provider. What is that level ? 100 servers ? 500 servers ? 2000 servers ? Probably yes at 2000 servers, and probably no at 100 servers. So if you're running a large datacenter environment, you may have considered the cost of Cloud Computing and rejected it.

I don't think that the penalties associated with data loss or data compromise in a Cloud environment are particularly well defined yet. So if you have critical data, for example data that needs to be HIPPA compliant, perhaps you do not want to take on the risk of another provider getting your data compromised where you will be penalized for the breach. Perhaps the cloud provider is not willing or able to provide you with enough assurances that you won't be paying the penalty for a breach of their systems.

Fear...and Trust.

The "cloud" is perception of control, security or lack of either. The need to convince enterprise's about the risk Vs reward is not hard. It's the trust, long term capital investment and financial consideration the "cloud" poses, and the fear of making the wrong decision with the wrong partner.

Also note...Each model and provider is different, and the adjusted models for finacial consideration often misses the managerial and employee hard and soft costs in the financial equation or ROI model. Along with the lack of vendor trust and heightened fear of the wrong partnership.

That stated...the cloud is enevitable. Just need the right security and the proper redundant networks to make it a financial "hocky stick" perfoming reality.

Most, if not all, Fortune 500 companies have had the "cloud" for years. Basically, they have created their own virtual data center for disaster recovery or for centralized server management. These are considered virtual private data centers versus what the cloud is typically referred as a virtual public data center, like Amazon, where services, platforms or infrastructure is accessed via the Internet. Google,Sales force and otheres have been the “Software as a Service” (SaaS) model for years and is a way to access legal briefings and decisions for research. Lexis-Nexis® is probably the most notable provider of these types of services, they provide thousands of law firms worldwide with of content-enabled workflow solutions specifically tailored to professionals in the legal industry. Therefore, it essentially becomes a commodity type of service that you lease for as long as you need that information or service.

Another benefit of the "cloud" is its ability to be utilized as a disaster recovery facility to enhance backup and recovery requirements. Another benefit in leasing infrastructure is that the company doesn’t need to acquire resources or staff to manage the additional datacenter. Also, a company only needs to pay for what it uses. The Pay-as-you-go model may have one of the largest advantages of utilizing cloud services. So, rather than purchasing all the equipment needed for a data center with three years of storage, the cloud leases what you need and expands dynamically if more storage, processing or memory is required.

Only paying for the storage you need is what makes cloud providers like the Amazon EC2 an attractive backup and recovery option. Cloud computing can now provide a more readily available copy of data that can be recovered anytime and anywhere. It can also greatly reduce the recovery time objectives of using a tape archive solution. Company’s today are using cloud computing to enhance their existing backup solutions to reduce the amount of money spent on the tape, storage services and shipping but also reduce the amount of time it would take to recover. Tape has been around for a long time so I don’t see cloud computing replacing tape backup anytime soon. However, it will definitely be used to improve business critical servers that need a lower recovery time. Tape can still be used as an offsite archive solution to meet industry compliance regulations, such as when documents and data need to be available for upwards of 7 years before they can be destroyed.

The three functions that cloud computing can provide now to enterprise and SMB's alike is serve as a disaster recovery facility, a platform and infrastructure for enhanced backup procedures, as well as, the ability to lease software as needed versus trying to disrupt the company organization to implement yourself. This is only the tip of the iceberg regarding cloud computing, over the next few years this industry will rapidly grow. In fact, it forecasted by many analysts as being a 25 billion dollar business opportunity.

Not bad numbers when you look at them!

Scott asks a great question. Osterman Research recently released the results of a cloud computing survey of 100 IT executives. They found that among organizations that have implemented cloud computing, spending on cloud-based infrastructure averaged just $6,335, or $23.31 per employee, in 2010. Osterman reports 403 as the median number of employees at the organizations they surveyed. So if 400 employee firms are spending only $23 a year per employee on cloud services, the cloud is not a happening place yet...

I attribute this to several factors including that perhaps IT departments are threatened by their lack of knowledge of the cloud or specific cloud solutions they can put to work right now. Also that generally speaking, the IT staff has a protectionist stranglehold on the cloud conversation and will continue to do so as long as upper management remains ignorant of the cloud leverage or waits for IT to figure it out. The security boogie man has been mentioned too many times by IT people who feel comfortable using scare tactics instead of educating themselves or their managers.

And then there's the "hug-ability factor", where many people in IT don't trust things they can't wrap their arms around directly or touch on a rack in their datacenter. This issue is tied to job security, which was well mentioned by others here already. There is no rush to be wrong when making selections for cloud services and many people who are the controlling and influencing forces in IT, are waiting patiently for the shakeout to come before they bet their future without a hedge. Ignorance isn’t bliss if management wants honest answers about how to leverage the cloud. Maybe ignorance is just, well, ignorance.

According to McKendrick’s recap of the Osterman survey, a majority of respondents said they just started adoption of public cloud computing this past year, and about 40% say they just started their private cloud implementation in 2010. For a relatively new initiative, ROI has been sizable — the average return on investment was reported at 46%. However, ROI is still a mystery; 57% of respondents either did not know or could not quantify their ROI on cloud computing. Hmm. That doesn't help.

It's easy to spot the pioneers in every new push beyond the provincial thinking inside the city limits... they're the ones with the arrows in their backs. My company is realizing ARPU well beyond the annual dollars spent as quoted in the survey. We're regularly signing deals that greatly exceed the $525 of monthly cost that Osterman's annual $6300 spend averages out to. We're finding success by working with firms too small to have influential IT departments, and that makes all the difference. SMB's are the early adopters. They're always more willing to try new things, especially when it saves them money that they could otherwise keep in their pocket. And I'm watching shared cloud storage leading the service delivery demand.

Small firms with remote workers or branch offices are perfect for cloud computing and storage services. There's no "there there" at HQ and with iPhones and iPads taking off, those users are very comfortable getting services from the cloud already. As an example, they don't buy Exchange servers, they rent hosted Exchange mailboxes instead.

The big guys will catch up, but only after a wave of cultural adoption crests.... and that may be another couple years. Because beyond the cloud apprehension that exists in larger IT departments, many of today's leading cloud players would not even make the vendor list in larger firms. But cloud services will infiltrate departmentally, just the way the Mac and the original IBM PC did. And once you're in enough departments, you own the enterprise by default.

So, I’ve seen basically two schools of thought here –

1) People are not embracing Cloud Computing because it may threaten their job and/or empire of developers, architects, sys admins, and such.
2) People are not embracing Cloud Computing because of a general feeling of lack of control over the environment.

I’ve got to go with #2, although I thought long and hard about #1. As a healthcare SAASS provider, we are entrusted with extremely sensitive data. If security is breached and the data leaks out not only is it bad for the patients, but that is pretty much it for a company our size – there is no recovery. Further, sooner or later there will be a test case that looks to put jail time on a CIO/CTO for having a breach he/she could have/should have prevented. Firstly, if I’m going to be that test case I want full and complete control over the environment and anyone who has access to that environment. Secondly, as a secondary user of patient data who has signed all the applicable Business Associate agreements and such, trying to extend this to a third degree of separation from the hospital is a non-starter for us.

Al that being said, it will be interested to see how this evolves. When we first started working with healthcare data, the concept of moving data off-site onto our SAASS servers was a non-starter for some. Now, it’s become more common place.

It's interesting to read this conversation thread almost a year after it was kicked off and commented on. I'm curious if people's opinions have changed in a year where we (I work at a cloud provider - www.GoGrid.com) have seen tremendous growth and adoption across the business space.

There are some great points brought up here: security, fear of losing one's job, not being able to "touch" it/IT, lack of control, etc. I believe that the relevancy of those concerns are still important, however, cloud computing has evolved and while still relevant, I don't feel that they are as big of a hurdle as before.

From a "security" standpoint - IT is vulnerable whether it is cloudy or not. I view this more as fear and uncertainty than reality. Because of the whole concept of cloud being "insecure", cloud providers actually spend more time disproving this. I would say that clouds are more secure than traditional data center environments (or your sales person losing their corporate laptop on the road).

"Losing one's job" - well that is pretty much up to you. If you are a smart employee, you learn the latest and greatest technology or skillset to make yourself more valuable. If you put "cloud" in your warchest, you can become a "Cloud Consultant". If you think that technology never evolves, then you will be replaced.

"Can't Touch IT" - if you can touch your IT, you probably are watching hardware that is expensive, outdated and under-utilized. Why would you want to be a server-hugger in the first place? With the cloud, you use what you need and pay for what you use - No CapEx, it's more efficient, you can scale based on your demand...need I go on?

"Lack of control" - I would say that with the cloud, you have even MORE control than with traditional hardware. Try scaling programmatically with physical hardware in a data center. You either need some robust tools or racks of blade servers sitting around waiting for usage. Cloud gives you much more control.

Data center professionals need to start thinking outside of the physical box if they are going to succeed. The trend is that tradition IT is moving to the cloud and with test and dev, compute projects and full cloud implementations (replacing aging traditional infrastructure) being standard use cases now, data center professionals should really be rounding out their experience to embrace cloud computing. That's my 2 cents (plus change).

Interesting discussion. Great points. I suspect there is no universal right or wrong and our experiences might also vary substantially depending on what type, size, and structure of companies we all deal with. I am surprised by the ROI point. I can see and understand the point and suppose this is particularly the case where recent (5-10 year) investment in datacenter infrastructure has occurred, but anywhere that substantial replacement costs of infrastructure equipment begin to arrive from replacing or doing substantial work on A/C, power, or often even requirements to upgrade network infrastructure to ever increasing demands, the calculus has virtually always come down resoundingly on the side of using cloud and with several of the top tier providers offering protected cloud offerings that meet various health or government regulations at surprisingly low rates, traditional barriers to entry around data security have decreased.

That said, I do think this isn't necessarily an all or nothing game either. If you keep certain things in house and down scale your infrastructure while outsourcing things that aren't highly confidential data or have other reasons to keep onsite attached to them can still yield substantial savings. In most cases just the power savings from reducing spinning disk and running servers and the associated cooling makes the math work out beautifully, not to mention cost of replacement parts storage, support contracts, etc. on the hardware no longer needed or not in need of next replacement cycle.

- I agree with the HIPAA and other regulatory concerns.
- With a datacenter, not only is your 'data' in your own hands, so is your IT staff. If a server goes belly up or access to data is lost, YOU can call the individual(s) in on the carpet and scream at them. If someone else holds your data (you do not know where), you have to put up with a "we'll look into that. . ." You do not know whereyou are in the 'priority' queue. In your datacenter, YOU set the priority and they are only watching YOUR servers.
- WAN costs go up if everything you do is in the cloud.
- What happens if there is a regional or even local power outage? No access to the cloud - no data. Hospitals (and other organizations) have their own generators. On-site datacanters now have data and access.
- Hybrid solutions. If you are going to mix and match, inhouse for legacy apps and cloud for other, since you are keeping ihouse staff and atacenter, do you really save by using the cloud?
- Legacy data - how are you going to get that legacy data into the cloud? How much will it cost to put it there?

Could it be that people fear placing their data outside their direct control? Governments can demand data from a 3rd party hosting provider.....a 3rd party would have no choice but to give it up where the Owner of the data may have more legal (and perhaps illegal) options. See Wikileaks......

....I guess a hosted provider of floor space would have less access to data than a hosted provider of services....I just look at what happened to Wikileaks where 3rd parties were subpoenaed to turn over records....would Wikileaks give that data up if they held it themselves as fast as a hosted-3rd party would that's holding the same data? I don't know the answer - but I hear stuff like that from my clients....if I had a server in MY data center and law enforcement wanted access to it, I could delay them with my lawyers....but if that hardware was at someone else's site, could I do the same?

.....I guess it depends on your business John - my clients often don't consider cost as an issue but safety of their data as most important. I do much healthcare, financial, and government work and they've directly stated that the safety of their data is the number one reason they'll not join a cloud. It's not my opinion per say - just what I'm being told...and as you've said, cost is sometimes another reason....

Businesses (any size) know that outsourcing certain applications is stategic for them. First, cost of IT infrastructure costs are increasing at an alarming rate. Second, schools are not pumping out IT personnel like they use to. Third, current and old IT staffs are running razor thin and burnout rates are increasing. If I was a smart business owner, I would seriously consider initially some form of hybrid cloud technology to see what may or may not work. Test drive the technology. If security is tantamount then you should consult with your vendor or good consultant to map out your course of action. Good luck.

Before reading the answers, the first thing that came to my mind was - it can take away some of their jobs. And I still believe it's #1 reason in priority order.
#2 - but I'm not sure how many of them go that far in their thinking - to stay in the business, they'll need to change/update their expertise. Many of them are much tech focused and now they'll need to embrace a bit more. I believe that cloud computing is a great opportunity for service management professionals. Getting up to date in ISM (much beyond DC part) will be a big advantage. There will be other good opportunity areas as well, e.g. business process management, etc. ...and obviously compliance, risk management, etc. I believe that the most of the people try to resist the change, so that's why they try to "preserve their kingdom", rather than to move on.
#3 - security, compliance and all other things mentioned related to immature technologies.

Small and medium companies are definately considering cloud solutions. These companies only have meager IT resources that would be concerned about loosing their jobs, infact the IT resoources they have play a pivotal role in getting these companies to the cloud. The cloud ROI for these companies is definately very good.

Even security is now becoming less of an issue than say 2-3 years ago.

Short answer: Security Concerns

Long Answer: In applications where customer data, or even sensitive corporate information is stored, accessed and used, Cloud computing introduces a 3rd party influence on how that information is transmitted, stored, and ultimately secured. Unfortunately, by it's very nature, that information becomes vulnerable to external attacks because of too many unknown factors and variables. For instance, how am I, the customer, supposed to firmly believe that you, the provider, have taken all steps to secure my data? You may offer me guarantees and all of that fun stuff, but I will never really know for sure! I would rather store such information on my own private network where only I and people I trust can access, move, or manipulate it.

Cloud computing is awesome for stuff like Myspace and Facebook where nobody expects any real level of security. But when it comes to confidential and highly sensitive data like customer account information and trade secrets, I would never risk that on some outside source where I have no idea where my data is stored, how it is transmitted, or if it's even truly secured.

Dave, I agree on the fad/trend based scenario you produced. The truth about CLOUD computing is that it has been around for a very long time. Cloud computing had its real start in managed hosting solutions that were provided by Co-Location and General Purpose Data Centers back in the late 90s.

Just like HPC computing is a new name for an old idea, Cloud is a new name for an old idea.

Problem is an interesting word. Does problem refer to an intrinsic issue with the very foundation of cloud computing? Or does it refer to the issue of decision maker’s non-acceptance of security as it relates to cloud computing? Or does problem mean difficulty of a vendor to sell a solution based on a Cloud framework? For me, the problems are more issues 2 and 3 than 1 (although I’m still not comfortable even with #1)

Here is another problem – I would not place my company’s data on a cloud like Google because anytime Google is the victim of any kind of hack or hack attempt like here http://www.seroundtable.com/google-bangladesh-dns-hack-12773.html or here http://www.npr.org/blogs/thetwo-way/2011/01/05/132680127/in-interview-google-... my company would be under scrutiny from our clients. These are non-technical clients – trying to explain all the ways the Google Cloud is safe but Google in general still is vulnerable is a no win for me. Their data is too sensitive.

Further, there is a definite difference between co-location, SAAS, and cloud. Our servers are in a data center owned by Vericenter, we offer our application on a SAAS basis, but we are not cloud computing. We just have a data center from which we rent some space for our equipment and offer service through a web based application to achieve economies of scale.

Because it directly threatens their jobs.

I agree, unless you work in a data centre that is hosting a cloud based system then it is basically outsourcing a system you could be looking after

I concur with what has been said, but will add that there is also a lot of very wide ranging information floating around that even those who might be open minded to it have concerns over putting their job on the line in the current economic environment on what they see as a cutting edge technology. I am often astounded by the amount of mis-information that seasoned IT professionals spout on this subject.

Maybe to offer some "excuse", this has been a quickly and rapidly advancing area. Most top tier providers have been fairly quick to respond to feedback concerning limitations or needed features making accurate information inaccurate fairly quickly. Of course then that is the nature of the industry overall.

"The Cloud" relies on data centers, so isn't that like asking whether building a new national power grid will put power generation companies out of business?

It is nonsensical!

...but whether data is hosted by yourself or by a 3rd party, if the 3rd party just happens to be a data center, surely that does not extend special or additional legal rights to law enforcement/Government than if the data was held elsewhere that wasn't called a "data center"?

Timing and dollars. Biz is unwilling to take a small step towards innovation when they view Cloud as unnecessary at this point.

Sanjeev,
I agree security is becoming less of a concern. That is why Wikileaks has SO much material. NOW they are thinking, maybe we should hav better security. . . TJMaxx thaough the same thing. Yep a LOT of companies think security is of little concern.
But if you stop and think about it, the cloud providers also want the highest rate of return, so what makes you think THEY are really spending a lot on security or security aware administrators??? it is not even their data.

Because the cloud is opaque. If you are using 'the cloud' for your infrastructure you lose the ability to know what your infrastructure is. You just rely on your cloud provider and their SLA. At least with a real data center you can touch and feel the infrastructure, you know that it is actually there. I don't trust my data to sit on anyone else's infrastructure, especially an infrastructure that I cannot audit. The Cloud is useful for a few things, but not everything should be in the cloud just because it can be.

Well security is not the problem,
Electronic Medical Records for heath care should be implemented by 2014 so that has been done in cloud solution, all the providers I have spoken with they offer three locations to backup data and have a fall over if something happen to the location #1 you have access to location #2 or #3.
With respect to HIPPA the cloud provider should be compliance to provide the service as if it was internal in any hospital.
Either way the fact that data centers need professionals to maintain in house security and all the bells and whistles, I don't think that is ROI or Security IT is that cloud is not there for all solutions as Gregory mentioned it even though Hospitals are using it for Medical records.

As a datacenter professional and consultant to more than 30 non-profit organizations, I have to make recommendations on a case by case basis. ROI and TCO are the primary factors in making recommendations about cloud services but not the only factors. Since there will always be a server somewhere to host Active Directory, and that server will need to be replaced every 5 years, ROI and TCO calculations need to cover a 5 year period and take into consideration the cost of server migrations.

Other considerations are organizational culture, compliance requirements, granularity of control, business processes and documentation of infrastructure and services. All of these factors need to be weighed in addition to TCO and ROI.

On a personal note, after 20 years as an IT professional I’ve seen trends come and go and think the IT world is tends to be a bit trendy. I for one, prefer to maintain tried, tested and true business decision making processes and am not going to jump on the next bandwagon just because there’s a bunch of cheerleaders in that wagon waving palm palms.

Gregory, I am aware of the history of cloud computing. I've been supporting users who utilize SalesForce since '98 and belive that is an example of a great clould based solution. That said, and as I'd indicated before, I make my recommendations on a case by case basis and consider all of the factors.

Business and their IT leaders need to evaluate how they want to move forward with their IT resources. I think security is of utmost importance and cannot be overlooked. Costs have to be legitimate and in-line with business goals. It these things are not met then business will continue as is. However, technology does not stand still. Companies are always looking for ways in innovate or go belly-up. If I was a Cxx and asked the question of my Cxx as to what to do I would recommend a pilot project. I believe some very large companies already have these projects in the mix. Once their is critical mass, then the technology will be widely adopted. Not until then.

Excellent expose on the current state of Cloud Computing. Good job Chris.

I think there is a lot of misconception regarding security of data in a cloud environment. Another misconception prevailing among data center professionals is that they feel lack of control over the data in a cloud environment. In the last few years, there has been a lot of improvement regarding security in cloud, and the cloud is now much secure and ripe to be adopted by the industry. Issue of lack of control over the data in a cloud environment is of no value in case of private cloud.
For more information, visit –
http://www.myrealdata.com/cloud-computing.html

Read a recent article about CIO fears about the cloud. One is the term Cloud itself. It scares most of them and the definition of the Cloud is not clear in their minds. Two their current application structure is not amenable to the Cloud if one they understand what the Cloud is. And three, high-end storage is too expensive.

Until these issues are clearly spelled out and understood by management, Cloud hosting will continue but at a much slower pace.

I believe Cloud computing or remote hosting is where things are going long term. A smart device is all you will need with a brower or gadget to access your stuff from the Cloud or Remote Hosting cluster.

Cloud computing has benefits, such as quick and simple scalability as data needs change and evolve, but there area number of hurdles to overcome before I believe it can be seen as a mainstream data center solution. First of all, there is the ethical question of data security and data ownership. It is no secret that many data breaches are accomplished via third party access, and this is a liability you must contend with. In addition, although service levels are high, you have little or no control over them, case in point Netflix's much publicized service downtime with the Amazon Cloud. So basically, you are putting your brand and your customer entrusted data in the hands of a third party.

Before I`ve used Cloud-based software, I had the same question and quit to use it. After sometimes I was hired for an IT company and was sure that the company information will be safe.

http://www.kpi.com

I find no disagreement with anything Mr. Furey has outlined about the Cloud.

We are still missing alot of picese that takes to make the cloud work for enterprise aka networking.