The cloud is the new bandwagon for IT, but like previous IT trends it has its advantages and drawbacks.

Cloud vendors and backers frequently focus on its benefits.

Yet not every user group agrees that the cloud offers the way forward.

Reed Recruitment’s head of IT services, Sean Whestone, argues that maintaining his own internal IT assets is, in his view, currently cheaper than outsourcing them to a cloud provider.

As with all strategic IT shifts, there needs to be some forethought into the relative costs and benefits of the private cloud, the public cloud and the hybrid cloud.

Peter Grant, CEO of cloud service provider CloudApps, says it’s wise to look at how much a CIO is investing in his organisation’s own datacentre before moving to the cloud.

“For a large corporate enterprise to build a datacentre the cost is around $100m, and if you have 100,000-300,000 employees you are going to take 10 years to pay it back,” he argues, before suggesting that the cloud offers a lower entry point for most organisations than if it were all managed in-house.

He also believes that the cloud allows organisations to know precisely what’s being used most, but there are hidden costs that need to be considered when a CIO is deciding about which model to adopt.

Maintaining control
Whetstone nevertheless thinks that three main issues arise when a CIO is thinking about public and private cloud strategies.

At this juncture it should be noted that he runs his own operations within a private cloud model, which allows him to maintain control over its day-to-day management.

He says that when you run your own datacentre you can put strict security around it, but this is lost when you outsource it to a cloud provider or outsourcing firm.

This situation becomes worse whenever subcontracts come into play.

“CIOs need to look at how those assurances are replicated legally and as an organisation, including legal assurances about data protection,” he says.

Whetstone recognises that the cloud allows organisations to shrink and grow their ICT infrastructure, but he also feels that you can lose control over its performance.

So he advises organisations to consider whether the cloud offers a better level of performance than if CIOs managed their own internal ICT assets.

The cloud, he says, doesn’t necessarily make life easier or better for its end users, because the delivery of the cloud is over the internet, and so it becomes more difficult to guarantee application performance.

He therefore says that CIOs must ask for strict service level agreements (SLAs) to ensure that a cloud provider can offer them some form of guarantee that application performance won’t be affected.

The trouble here is that the cloud providers themselves don’t have any actual control over the entire internet, and this makes them reluctant to provide some form of internet connectivity assurance.

Yet from a cloud client’s point of view, this kind of warranty is vital as a slow internet connection will always reduce the performance of cloud-based applications.

“I think this creates smoke and mirrors — we are going to release some capital expenditure and turn it into operational expenditure, but cloud providers are still going to have to buy hardware and software,” Whetstone explains.

Economies of scale might be in play, but he stresses that discounts in the software market are quite small and limited.

Start-up solutions

Whetstone adds that cloud providers also have to pay their own salespeople and other overheads. So there may be some cost savings in the cloud, but sometimes the comparative costs of the cloud and managing ICT assets in house balance themselves out.

Yet he suggests that the cloud still makes sense for companies that don’t already have an in-house ICT infrastructure.

Start-up companies and other SMEs, for example, could certainly benefit from it.

“We deliver everything in the private cloud, and work out what works and what it costs before outsourcing it, but at the moment it’s more cost-effective for me to run it in-house,” Whetstone says, before making a rough calculation that for him it’s 20 per cent cheaper for him to maintain his ICT in house.

Furthermore, he explains, the divestment of his ICT assets only occurs every five years as he buys what he calls “perpetual assets that we sweat out, and we don’t buy software maintenance”.

Jonathan Hallatt, VAR director of networking hardware manufacturer Netgear, thinks that most organisations are re-evaluating their costs in the face of the current economic climate.

“They are looking at cloud computing to help them save money and increase their IT agility,” he says, commenting that the market is demanding “bigger, better and more secure infrastructure to deal with virtualisation and cloud computing”.

Capgemini’s CEO of Infrastructure Services in the UK, David Fitzpatrick, thinks that government and financial services organisations may have to continue to maintain many aspects of their own software, hardware, security, data storage and ICT infrastructures due to their regulatory and legislative obligations.

Yet other CIOs might wish to take advantage of the opportunity to do things differently, a situation which he thinks is created by a combination of the nature of the cloud and a consideration for disaster recovery requirements.

By dispensing their own ICT assets, CIOs could be adding an increased level of risk.

This is because the cloud can add a certain amount of complexity, particularly if an organisation wishes to move its assets and architecture back in-house at a later date.

Yet Vishnu Bhat, head of cloud services at Infosys, argues that people are generally more comfortable with the cloud than they were even six months ago, and states that risk management is about transparency and good ICT governance.

“Yes, there is a managed risk,” agrees Geoff Connell, who works as joint head of ICT at the London borough councils of Newham and Havering and as the London chairperson for the Society of IT Managers.

To manage the risks he advises CIOs that putting mitigating actions in place “requires a balance between functionality and cost”.

The actions that Connell is talking about include more effective categorisation of data, which consider where it is stored and accessed; the devices used to access cloud or in-house ICT services and the security risks associated with them; and the undertaking of some stringent due diligence to reduce any risks associated with going to the cloud.

Connell adds that CIOs can make some basic calculations as part of their due diligence to compare the risks and costs of managing in-house systems and those that involve a move to the cloud.

He suggests that they use a whole life-costing basis, while pointing out that the cloud permits you to scale up or down your ICT expenditure.

However CIOs should be aware that these prices could actually increase if you become locked into an agreement with a cloud provider or an outsourcer of another kind, and while most would argue that this is unlikely to happen due the utility nature of the cloud, it should still be a consideration.

Yet the cloud permits Connell to offer shared services amongst the London boroughs he works for, and as a result the London Borough of Newham is expected to make cost savings of £1m.

Avoid ‘cloud creep’
Reed Recruitment’s Whetstone nevertheless says that CIOs should prevent cloud creep — the desire by bosses to shift everything to the cloud — which leads to pressure being placed on CIOs to permit disparate and improperly thought-out cloud adoptions that create an increasing number of organisational silos.

Cloud solutions should only be adopted for the right reasons and not just because it’s the latest thing.

The focus should therefore only be on the measures of actual comparative business case benefits, security, performance and costs.