IMAGE: ANIMIND/FOTOLIA.COM Choosing a global cloud infrastructure provider
Top considerations for choosing a global cloud infrastructure provider A guide for enterprises considering IaaS services, by Lisa Kelly Organisations with a global presence considering a move to infrastructure as a service (IaaS) must match their needs with a service provider that can guarantee a high-quality service to all employees, wherever they are located and whichever device they use to access services. Companies are showing growing interest in IaaS, says Roy Illsley, principal analyst at Ovum, and many see it as a way of re-aligning their IT function more closely to business needs. Having a third party to manage all the organisation s infrastructure services frees up internal resources so IT can become more business-focused, he says. Chris Harding, director for interoperability at The Open Group, which brings together suppliers and users of IT, says choosing the right global provider involves many elements to ensure employees get access to applications that work, and are not slow. Having a third party to manage infrastructure services frees up internal resources so IT can become more businessfocused Roy Illsley, Ovum Set service level expectations It is vital to find a partner that can deliver, and to nail down a service level agreement (SLA) for contracted service levels. The choice of supplier is made by trading off the factors of cost, risk, ability to meet requirements, exit strategy and terms of contract, says Harding. FENTON/FOTOLIA.COM -2-
The CIO does not surrender accountability, so the right partner is essential to ensure the user receives an excellent service. Workloads should be categorised and segmented to see what should run where, and how it should be accessed, says Illsley. He says the organisation s crown jewels must be properly protected and the business must be consulted about how it values applications whether gold, silver or bronze in terms of key criteria such as speed or availability, so the IaaS provider knows what is required. The geographic location of physical infrastructure has to be an important consideration for any IaaS contract A global CIO will want a provider to contractually agree levels of service for speed and availability, irrespective of where employees work. A fully managed end-to-end system stands a better chance, says Clive Longbottom, founder of analyst group, Quocirca. Work with the provider as a partner not as a supplier. Source everything via one contract and make the main contractor responsible for the SLA. Get it to report to you on a regular basis on trends and overall performance. A global organisation may want to opt for a more robust private network to connect to its IaaS provider s datacentre servers, rather than an internet Case study: Komatsu Australia Ian Harvison, chief information officer at Komatsu Australia, a provider of earth-moving equipment with around 42 branches and 1,800 employees, says the company s move to Telstra s infrastructure as a service (IaaS) is saving IT spend and management time, as well as increasing flexibility. Harvison is alive to the pressures faced by many IT chiefs to do more with less continuing to keep the lights up and running, while focusing resources on innovation. There are more and more pressures coming from business about reducing your IT spend, but at the same time there s still a requirement to deliver a reliable, secure platform, he says. We re moving to a utility-based engagement, so we re paying for what we use, when we use it, with Telstra Ian Harvison, Komatsu Australia Under the IaaS contract with Telstra, Komatsu is moving 85 virtual servers, five physical servers, plus the mainframe, into Telstra s datacentre in Sydney, in a departure from having to pay hardware costs upfront, which may not be fully utilised. We re moving to a utility-based engagement, so we re paying for what we use, when we use it, with Telstra, says Harvison. But he points out than unlike an outsourcing model, the IaaS model means Komatsu is not letting go of the ownership, or management, of its core applications. The utility model means that, within hours, IT can efficiently meet business demands for more storage or service capacity. Previously, it would take us six to eight weeks to acquire the hardware, build it and have it available for the business. It makes us much more flexible, much more agile, says Harvison. Freeing up management time has allowed Komatsu to pursue technology projects previously put on hold. The IaaS contract has bolstered disaster recovery capabilities. The primary production environment in Sydney is enhanced by a disaster recovery environment in Melbourne, with mirroring between the two platforms which has mitigated risk and provided around-the-clock, stable and seamless IT for the business, which is agile and flexible regarding platforms and new technology capabilities. Harvison believes many other companies will be evaluating the lifecycle of technology platforms and adopting models such as IaaS. If you look at what s out there today, IaaS or cloud computing is cost compelling, he says. -3-
connection, to guarantee service levels. A private network connection makes sense, not only for lower latency, but also for manageability, security and SLA management. Bear in mind that a single connection is a weak link in the chain, and that an IaaS solution is only as good as the network on which it s delivered, says Longbottom. Evidently, cost is a major consideration and dedicated lines are more expensive than shared lines. If money is an issue, you may want to take a dedicated line as the main connection, with failover to a public line on the understanding that performance will be hit if the main line goes down. Work through what is a necessity and what is a nice to have drop the nice to haves and see what the cost is then, says Longbottom. Consider geographic location Organisations with a global presence want to ensure a consistent service for employees in each country, and may prefer a global service provider to ensure a consistent technology stack and service wrap in all regions. The location of physical infrastructure has to be an important consideration for any IaaS contract. End-to-end latency is what matters and the farther away the facility is, the more latency begins to bite, due to physical laws which are pretty hard to get around. For WAN traffic, network optimisation can help, but a datacentre 12,000 miles away will always be slower than one next door to you, says Longbottom. He advises asking about end-to-end SLAs, including user experience. With the wide choice of devices available today to do effective business in a mobile world, this is particularly important. Users want to access cloud services from their desktop, laptop, tablet or smartphone. Using an IaaS service is much less risky than establishing a datacentre for a new venture, and it requires much less management overhead Chris Harding, The Open Group Make sure that any performance figures both sides agree to are from the point of access to the point of service, i.e. from device to datacentre, says Longbottom. Beyond performance considerations is the issue of legality, which encompasses data sovereignty. A multinational company needs to ensure it has sound knowledge of how data protection laws and regulations differ from region to region, and will require a provider that has a strong presence in, and knowledge of, the different countries it is operating within. Ovum s Illsley points out that even within the EU, data protection laws vary. German data laws, for example, require that no customer details are stored outside the country, he says. On the other hand, standards of data privacy and data protection in other regions may not match the stringency of European and US standards. Standards in Asia vary widely, for example. Trust is a key word in conversations about cloud computing services in Asia, according to the Asia Cloud Computing Association. This includes trust in the service provider, government and the security of the data. A number of Asian markets are now implementing data protection and privacy laws or are updating and reforming existing laws to meet the challenges of the cloud, the association s Cloud Readiness Index (CRI) report reveals. -4-
But although work is being carried out, it is not uniformly spread throughout the region, and discrepancies remain in data protection and enforcement, consistency of laws and regional best practices. For example, Singapore fell in the CRI index in 2012 due to its relatively low score for data privacy protecting the confidentiality and integrity of personal data whereas Korea, Taiwan and New Zealand rose in the ranks due to progress in policies around data privacy. Other issues to consider are intellectual property protection, freedom of access to information and data sovereignty which determines how data s movement is allowed or restricted. All need looking at. This makes it paramount that these issues are thoroughly addressed before any IaaS contract is signed. The Open Group s Harding says CIOs must ask themselves the following questions when reviewing global cloud infrastructure requirements: Where will the data be located? What detail needs to be known about data location to comply with relevant regulations? What security systems and processes should be implemented? What jurisdiction applies to supplier contracts? What impact does the contract have on SLAs? At the heart of every decision is governance, risk and compliance. If you understand them, the contract will work Roy Illsley, Ovum The growth of cloud technology Cloud technologies are taking off and moving beyond the hype phase, according to the findings of a Computer Weekly/ TechTarget datacentre and virtualisation survey of European organisations. The vast majority (84%) of companies surveyed are keen on cloud, with 27% planning to expand their deployments of cloud, 12% deploying cloud for the first time, and 45% evaluating cloud technologies over the next 12 months. Over the next 12 months, 15% of companies will implement private cloud five times the 3% that plan to implement public cloud in the same period Cloud enthusiasts far outweigh cloud naysayers the 15% who will not deploy cloud computing at all, and the 1% who tried cloud but abandoned it. Different organisations favour different cloud models. Questioned about the status of their public or private cloud deployment over the next 12 months a quarter (25%) revealed they have implemented private cloud, while 9% have implemented a mixture of public and private cloud, and 3% have implemented public cloud. Over the next 12 months, 15% of companies will implement private cloud five times the 3% that plan to implement public cloud in the same period. The primary motivation for nearly a quarter of organisations (21%) considering private cloud computing is to leverage investment in existing infrastructure. Close behind, for a fifth (20%) of organisations, is the disaster recovery and business continuity benefits of the cloud, while 15% say they are turning to cloud to provide users with self-service and automation of computing resources. Many IT leaders are keen to avoid the outsourcing model by adopting cloud services instead. Some 14% said a primary motivation for cloud is to keep IT in-house, where it can be controlled, and to prevent the outsourcing of IT. Other compelling reasons for cloud include improving the quality and speed of product development (11%), to achieve the benefits of public cloud with increased security (7%), and to achieve better insight about resource use and cost recovery (5%). -5-
For multinational companies, trying to grow in regions such as Asia, the right IaaS partner can make all the difference. For any company, using an IaaS service is much less risky than establishing a datacentre for a new venture, and it requires much less management overhead. Choosing a local IaaS supplier, if there is a reliable one, may help in some situations. For example, with government contracts, says Harding. Ask the right questions The global CIO must ask the right questions to choose the right supplier. It often means a new role for the IT chief as someone who must federate and manage the supply of IT resources the buck stops with the organisation so due diligence is necessary before any contract is signed, says Illsley. He suggests developing a corporate governance policy which allows for local regulations within regions under the guidance of the corporate policy. Drill down and see what the regulations are for each region. Due diligence is essential. Global organisations want an IaaS partner that has the network and the datacentres, as well as the management service, so they can sort out the management and the billing side of the service, he says. He says finding the right partner can be a big learning curve for the organisation and will involve input from the business, IT and the legal department, but getting the governance in place is critical before the correct person signs up for and accepts the terms and conditions of any contract. At the heart of every decision is governance, risk and compliance. If you understand them, the contract will work, says Illsley. n About Telstra Global Cloud Infrastructure Telstra Global s Cloud Infrastructure offering is engineered for global businesses that need to consistently deploy applications, deliver business processes and deploy offshore disaster recovery solutions across multiple geographic locations. It provides customers with an exceptional experience, combining the flexibility of cloud computing with a world-class, highperformance, low-latency global network. CONSISTENT Create, replicate and deploy applications and deliver business processes across multiple geographic regions seamlessly. Streamline and simplify the way you manage your ICT with a consistent cloud infrastructure solution. GLOBAL Move data closer to your users. By hosting applications in our datacentres in Europe, Asia-Pacific and Australia you can help minimise the legal, technical and cultural challenges associated with keeping data offshore. CONNECTED Deliver your data over one of the world s most extensive telecommunications networks. Our cloud services are built on our own network which extends to more than 1,900 points-of-presence in 230 countries and territories to ensure your data gets there faster. FLEXIBLE Scale up, scale down. Build a cloud infrastructure solution that fits your business by choosing virtual or dedicated servers or combine them to create a hybrid hosting environment. Complete the solution by choosing add-ons such as secure private networks, backup and security. SECURE Rest assured. Our robust cloud platform is supported by industry-standard hardware and software-based firewalls and remote access security designed by our team of security experts. Your infrastructure is hosted in our accredited datacentres and monitored 24/7 by our cloud operations team. CONTROL Get greater visibility and control over your ICT. Our management console is the gateway to managing your cloud infrastructure solution. Benefit from real-time usage and data reporting and manage the configuration of your virtual and dedicated servers, network, backups and security. www.telstraglobal.com -6-