The Need for Standardisation in Cloud Computing – Introduction
To many observers, cloud computing may appear to be spreading like wildfire with both enterprise and personal users jumping at the chance to take advantage of the cost effectiveness, scalability and flexibility that it offers. However, there is a strong debate amongst industry experts, and beyond, as to whether this uptake, however rapid, has been severely tempered by a lack of trust and understanding around cloud services from prospective clients.
The debate stems from the thought that there is a perceived lack of transparency caused by the multi-server approach to the creation of cloud platforms and the differing propositions put forward by individual cloud providers; and that this in turn is obscuring client understanding of what it is exactly that they are choosing to sign up to.
Moreover, it is argued that some of the markets that would benefit most from cloud adoption are made up of the same clients that are more predisposed to be reluctant to take on the perceived risk of signing up to cloud services. As a generalisation, large scale enterprises are perhaps more likely to possess the budgets to either host private cloud services internally or engage with third party providers to define exactly what they getting from their service, whilst private users perhaps only engage with the cloud at a lower level where they don’t have the inclination to analyse the performance and security issues at play. However, in between, SMEs (small to medium sized enterprises) are likely to be better informed as to both the benefits and risks of cloud computing platforms, but won’t necessarily have the budgets to bring IT functions in-house or employ dedicated professionals with the expertise themselves to procure the most suitable services. In other words, the likelihood is that SMEs are more reliant on third party suppliers, aware of the non-specific risks of each proposition but unable to control the specific vulnerabilities of the cloud.
Many propose that, as has been the case in many markets that have preceded cloud computing, the answer to client wariness is standardisation with the aim of delivering transparencies. In other words, create a market where a client can shop between multiple providers and judge their security levels, data handling, performance and service stability on comparable metrics.
One of the main driving forces behind standardisation in the European cloud computing market is the European Commission (the executive arm of the European Union) who are keen to implement a new set of standards across the 27 constituent members of the EU. The intention of these standards, alongside updated data protection rules, is to allow the consistent delivery of cloud services spanning national borders within the union – much like the commission has delivered with economic migration. Together they aim to build client trust that their data is handled and stored within the same legal frameworks whether it is physically hosted in Holland or the UK, for example. The policies would see the introduction of a certification scheme whereby cloud providers across the EU would be certified if they were shown to conform to the commission’s standards on data handling, interoperability and security.
Perhaps at the crux of what the commission’s policy would seek to clean up, however, is the topic of SLAs or Service Level Agreements. These are the documents that outline what it is exactly that the client is signing up for and what services they can expect from their cloud provider when they hand over their money. Standardising SLAs is key to building trust in the cloud computing market because it introduces the transparency for cloud clients when they are analysing their options. The subjects covered by SLAs are explored further in the second part of the article.
© Stuart Mitchell 2013
To find out more about accessing secure and transparent cloud based sevices across the EU you can check out this pan-European virtual data centre provider.