The cloud is at once touted by the industry as the greatest revolution in the delivery of IT services for a generation and an obscure concept by many prospective adopters. Whilst the former is not surprising, the latter is due to the lack of understanding about how to scope cloud services and how to integrate them within the wider IT strategy.
This uncertainty can be compounded by a lack of knowledge of who to trust in balancing an on-premise capability with an online one and has therefore made some IT managers and business leaders reluctant towards investing in cloud services. A credible and certifiable Code of Practice that can provide transparency of cloud service providers and their capabilities with clear guidelines of what is important, and why, is one sure step to advance adoption.
Cloud service providers need to provide information that relates to their business and operations in a standardised format to cut through pure marketing messages to the core of what and how they offer services. By providing answers to essential questions in a common form will enable end-users to make rational and informed decisions on how to progress with specific vendors. As such, a Code can encourage consumers to have clarity and confidence in their choice of provider.
Due to businesses’ uncertainty of how to embark upon a strategy that includes cloud computing, it is important to understand specifically what it is by definition, and, how it can benefit both businesses and end-users at a practical level.
Cloud computing at its most basic level enables someone to access computing power and applications ‘online’ via the internet on demand. To help cut costs for businesses, it is typically offered on a pay-as-you-use or subscription model and there are no capital costs to participate. Operating independently from hardware, it also provides resource and services to store data and run application, in any devices, anytime, anywhere, as a service.
A Code can help end-users to select the best practices and the service providers that are most suitable to their business. It takes into account three key points: transparency, capability and accountability to accurately define the services offered, standards of operation and security.
As it stands, cloud computing is so new and driven by specific vendor messaging that it lacks transparency, and for some that leads to a lack of credibility. A Code can highlight information that’s vital to making an informed business decision, such as stating the vendor’s real legal entity (behind the web presence), where their data centre operations are based, if they are owned by another company, what their operational practices are etc.
In terms of capability, organisations complying with a Code of Practice should have documented management systems, processes and resources in order to deliver services consistently for their customers 24/7 and enable service level information to be accessed by them.
Accountability involves educating the customer on the legitimacy of organisations. Service providers should be accountable for their operational practices and public website declarations, and in particular, they should actualise any public claims that they make about their service on their websites or promotional materials.
A Code of Practice is necessary to engender the trust required between businesses and cloud service providers to collaborate on the delivery of an IT strategy.
If cloud service providers follow the requirements within a Code of Practice and make the information needed to make an informed decision available they are able to place a certification mark on their websites that end users will be able to recognise as a public statement of their operational and ethical intent. What is not in doubt is that what we call cloud services will continue to grow in capability and adoption, what is not so clear is the pace at which that transformation will arrive.