Discover PerformanceHP Software's community for IT leaders // April 2012
The cloud in context: Shaping the future of IT
In a preview of Discover Las Vegas 2012, HP Software VP/GM Jonathan Rende takes on a major theme of that event: The transformative power of cloud solutions.
In June, HP’s annual Discover Las Vegas conference will offer cutting-edge thinking on the IT topics foremost in CIOs’ minds in 2012—among them mobility, application transformation and the rise of DevOps. One of the biggest topics is sure to be cloud, and given how much confusion about cloud technology we’ve seen in the IT community, Discover Performance asked Jonathan Rende, HP Software’s VP/GM-Applications, to sit down talk about how the cloud is affecting large enterprises this year.
Exploring the options and best practices around cloud adoption will be a major theme at Discover, running June 4-7. Rende gave his perspective to Discover Performance.
* * *
Q: People can’t seem to stop talking about the cloud. Is it the most important trend for CIOs to be aware of right now?
Rende: We’re seeing talk about a lot of big trends right now—DevOps, cloud, mobile, agile and continuous delivery—they’re all getting a lot of attention. The trick is not to get tunnel vision around one or two, but to understand how all of these things overlap and how, taken together, they’re about driving better, faster outcomes for the business. For example, cloud and DevOps are actually closely related in their aim of less environment provisioning and configuration time, and speedier application releases. Understood properly, each complements the other. Taken in silos, you could miss out on the major benefits. The businesses that differentiate themselves are the ones that understand how these trends converge and relate—and how to best take advantage of those convergences.
Q: So cloud needs to be viewed in a broader context. But isn’t cloud mainly an operations concern?
Rende: No. Cloud impacts so many activities within IT. So many, in fact, that as a catch-all term it’s a little dangerous. Clearly, cloud conversations often begin on the production infrastructure and operations side due to immediate provisioning and potential cost savings. But they certainly don’t end there. Development and quality teams are keenly interested in using cloud or hybrid environments for creating a better way to stand up lab environments. And then there’s the applications themselves, which if they’re to take true advantage of a cloud environment (whether public or private) must be optimized—often re-architected. Cloud-based apps are more like a shim, with many services behind the scenes supporting the overall business processes. This introduces all kinds of new challenges in terms of how you architect the app services, what are the dependencies of the services and different data sources, and how you measure end-to-end quality and performance. All this is to say nothing of how companies are now looking to change their application consumption models, via cloud-based SaaS and the like.
Q: Speaking of SaaS, how does a CIO weigh that option?
Rende: The first thing a CIO should do is classify the applications as either “core” or “context” apps. The core apps are the ones that differentiate you, so you must keep control of them, maximize their agility, and make them absolutely best in class. A core app for a commercial airline might be the one that books reservations or lets customers select seats via their mobile phones. Context apps, on the other hand, are necessary and important but tend not to differentiate your offerings. These need to be reliable and secure, but they are not what you want to spend a lot of internal resources on to optimize. What this means in terms of the cloud is that you might not even want to own these context apps. Things like payroll, sales force automation, or monitoring—these are services that a dedicated vendor might do better and deliver cheaper, so you’re better off using them as a cloud service.
Q: What is the Ops leader’s role in a world that includes cloud?
Rende: Gartner says 25 percent of IT spend will be out of IT’s hands and in the hands of SaaS providers by 2014. So while Ops leaders continue to oversee the delivery of in-house applications and services, they also become brokers of a hybrid portfolio of services. They’re already finding that the business unit often doesn’t care where the services come from, but the Ops team has to care—and they have to manage that broader portfolio to ensure the best value and quality to serve the enterprise’s objectives. I look at it this way: In the past, Ops leaders needed to tightly govern processes and practices in support of the operating data centers, along with the new delivery of systems from the development organizations. This was highly controlled and regulated with practices like ITSM. In the new world of continuous change and delivery, VP-Ops leaders will need to maintain control while not handing over the keys to the lines of business. I think it’s going to be a world of loose governance, where apps teams have more freedom to deploy and manage their deployment within the best interest of the company and IT. The VP-Ops has the opportunity to define this new reality.
Q: What are some of the security challenges around consuming and delivering apps via the cloud?
Rende: Cloud and SaaS offer compelling benefits, yet to take full advantage of them, security is often a primary consideration. For example, how do you protect applications and underlying infrastructures when only some or part of this is owned and directly controlled from the company? How do you manage user access such as shutting down a user’s account and other cloud-based privileges when the user leaves the company? There are automated solutions and single-sign-on solutions, but all of this becomes a challenge for the CIO and the CISO to consider when managing risk. It’s also important to protect against attacks and protect against the most important vulnerabilities. HP has market-leading solutions in this important area, because we want to help the CISO to stay ahead of the game not by building perimeter strategies but by understanding the internal risks and managing them to acceptable levels.
And, of course, leaders have to consider security when delivering apps as well. If your app relies on components or data in the cloud, the transfer of this data must be secure. How do you secure the app and its connection with components outside your firewall? We have products that allow developer to automatically and transparently scan source code as the application is in development to identify security vulnerabilities, and we think that’s a major component of cloud security: built-in security from the first line of code. Developers are not security experts so they need to know where the most critical vulnerabilities lie and how to fix them. That is what we can provide to them.
Q: At the rate cloud solutions are evolving, do you see them eventually centering on a core set of benefits or concerns?
Rende: No. I don’t believe so. Our Grounded in the Cloud blog recently noted Forrester’s report on rapid cloud adoption in Europe. In Germany, the principal attraction is cost control, while the French mainly cite the heightened agility. At the same time, each country had a different primary concern when investigating cloud options. Cloud is going to be integral in enterprises worldwide, and part of the reason for that is the incredible range of options and benefits it presents.
The fast-growing world of cloud computing will be one of the key tracks at HP Discover Las Vegas 2012. Learn more about the event and its wide-ranging session agenda—and register—at the main Discover 2012 page.
Register for HP’s premier event for inspiration from industry leaders, the HP inside scoop, and a deep dive into tomorrow’s enterprise IT trends.
HP Software VP Paul Muller brings in HP and industry-wide experts each week for challenging discussions about trends in Big Data, mobility, IT security and more.
HP is transforming itself using cloud technology. Get real-world insight from HP IT on delivering IaaS, PaaS, and SaaS.