Glenn Weinstein, CTO, Appirio
Gartner’s Daryl Plummer led a panel discussion this morning at Gartner Symposium ITxpo 2010 in Orlando, reporting on the findings of its Global IT Council for cloud services. Specifically, the council surveyed over 300 cloud computing users and used those results to formulate a “bill of rights” consisting of 6 rights and 1 responsibility for organizations that consume cloud computing services. The panel joined 4 members of the Global IT Council itself – Daryl plus 3 CIOs, from Marathon Oil, MIT’s Lincoln Laboratory, and International Finance Corporation – along with representatives from 3 providers – Accenture, Microsoft, and salesforce.com.
The reports highlights a largely uncontroversial set of customer rights, including the notion that vendors should provide users rights to control their own data, be notified of service issues, be made aware of legal requirements and security provisions, and to expect certain service level agreements. The one customer responsibility, in return, was merely to respect licensing restrictions.
The group spent little time debating the rights themselves, and moved into what seemed to be a more general discussion on core issues around cloud computing adoption, organizational responsibility, and vendor relationships.
In that discussion, the group articulated a much richer set of responsibilities that cannot be fulfilled by vendors, and therefore must fall to the (smart) customer. These fall into two key themes:
- If it’s technology, the CIO owns it. Marathon Oil CIO Thom Sneed made this point amid a discussion on today’s multi-vendor scenario (more “multi” than ever with the advent of cloud computing) as other panelists debated whether it’s fair for companies to seek “one throat to choke.” Thom said the answer to that question was simple – “when they are looking for whose throat to choke when something goes wrong, that’s easy… the CIO’s.” More broadly, the CIO and the IT organization continue to own ultimate accountability for the application and adoption of technologies that further business aims, even in a world where the VP of sales can go directly to salesforce.com and purchase licenses. That’s even more true when the first calls come into the help desk. It’s great that vendors provide customer success managers, account managers, and the like, but in the end, it’s the customer that bears true responsibility for putting the technology to best use.
- SLAs and penalty enforcement clauses are great, but customers need to be realistic about risk assessment. It’s tempting for a purchaser to demand punitive SLA clauses not just for lost productivity, but even perhaps for damages that could be caused by significant outages or other data issues caused by cloud vendors. But let’s get real – IT isn’t perfect, even (or especially) when it’s in-house. Do you ever find bugs in your homegrown software? Does your data center provide 5 nines of uptime for every application? Are you really willing to pay the price to ensure against any negative possibilities (either self-insurance via over-investment in IT internally, or externally via paying much higher prices), rather than making a realistic assessment of risk vs. reward? The cloud model provides tremendous direct value and comes with a track record of solid reliability, but not perfection. At some point, you’ve got to make your own cold-blooded assessment of the true risks associated with on-premise vs. cloud models, and figure out how much risk you can accept in return for the rewards. Just because it’s hosted doesn’t mean it’s any more risky, and in fact, it may be significantly less risky.
As adoption of public cloud computing goes mainstream in the enterprise, I suspect we’ll see more of these “adult conversations” between vendors and customers, where both parties bear significant responsibilities towards making a successful outcome. We may even see this dynamic as the catalyst leading to the rise of the cloud services brokerage, as Plummer defines it, whereby the brokerage not only mediates services on behalf of the customer, but also helps the customer meet the obligations on their end of the bargain.