Sramana Mitra: Even so, does it really make sense for all enterprises to design and architect the entire solution on their own? You are probably much more technology oriented than many other IT shops. I have to believe that there are many other IT shops outside the technology vertical that don’t want to do a lot of development and don’t want to do as much designing as we think. It should be at least somewhat ready, right?
Diane Bryant: I completely agree with you. What you are hitting on, though, is why it isn’t happening. I do believe that we will evolve to a state where there are standards that define how these cloud environments are secured and managed. When you have those standards, that is when you get all kinds of innovation and solutions, full-time solutions, that aren’t proprietary. That is why I say we are a relatively new era. We all want to go to a cloud because it provides great TCO on utilization and agility inside of IT. It provides great business value because when the business group says I want an app, I want a new solution, it takes us now minutes instead of months, which is a huge value to the business. We all want to go there, but you are right, if you are a private cloud and you are a large enterprise and you want to go there, you say, I will just do it myself. It is a big investment. It is a big industry.
Sramana: It also requires a tremendous amount of expertise. You have to figure out every single piece of this puzzle, including exactly what the security is going to be around all this.
Diane: If you are not as lucky as I am, I guess, I can recruit and put some of our people on it. All of us don’t have virtualization expertise or security virtualization expertise. What does it mean to be compliant in a virtual environment? All of that is new.
Sramana: Very few people can get world-class experts in each of those areas in their IT organizations.
Diane: Right. What I believe happens is the people who are going to the cloud don’t have that expertise and have a high enough cost structure internally. They haven’t done a good job in driving down the cost of running their own IT organizations and so it is a cost advantage back to privacy. The prior comment – about why people aregoing external – the problem is because there are not standards. You go to an external cloud provider. That external cloud provider is also, like us, learning and maturing, so they go down. I am sure you saw recently that Amazon crashed.
They are just like us. They are trying to figure this out, too. What you need to do, and what we need to do, and what Open Data Center Alliance, the 35 CIOs they are joining, need to do is to try to drive standards for the cloud. Once you have standards, you have standard interfaces. Then you can get the kind of innovation cycle going that we have seen in the computer industry for the past 60 years. Once there is a standard that everybody can develop against, that is when we get the innovation. I think what is lacking in public cloud today is security and a better cost model so that those of us who have a good IT environment are compelled to go there. Otherwise, it is just going back to the mainframe days where we all had that proprietary stack and we paid dearly, year after year, for that service.
Sramana: Let’s take that issue of reliability. What is your strategy, especially now that you and your peers have been alerted to “What if that happens to us?” What are you doing about reliability?
Diane: Well, I certainly think that it says a lot about private clouds until the public cloud matures. When I said 80% of our office and enterprise applications can be virtualized and put into the cloud, the 20% that can’t is going through every single app. There are certain apps we are not going to risk. I think everybody needs to go through that. If I was an Amazon customer, I would hope that I went through that in our offices and said, I am going to move this to the Amazon cloud, but this I am going to keep inside of my own firewall because I just can’t risk it.
I hope that they did that. The problem is if you did that, now you are dealing with a mixed environment, which is very hard, dealing with external cloud management of some of your apps data. An internal cloud management of your apps data is a complex world, but we’ve gone through everything that happened and said we are comfortable putting it on a shared environment. Any systems that have security function, the process through the firewall, that we’re not going to put in cloud — or private cloud — anything that has anything to do with enterprise authentication, like active directory, that is going to remain an undedicated hardware, anything that has high volume data, Intel’s highest top secret documentation, we are just going to be on stand alone. We are just not going to risk it leaking. You have to go through all of your apps and data associated with apps and say, “What am I just not willing to risk?” And then don’t put that in the cloud.