Monthly Archives: December 2011

Adventures in Cloudwashing: Are You the Cloud Or in the Cloud?

Anyone who is working intimately with cloud computing and having critical conversations regarding this medium will eventually be party to the “cloudwashing” conversation.

Cloudwashing: the activity of associating all your products with cloud computing even though it doesn’t meet core attributes that define cloud computing as created either by de jure or de facto processes.

Depending upon your role in information technology cloudwashing is either a major concern or a significant benefit. If you are a product vendor looking to gain attention for your product, then cloudwashing is very useful. It opens up interest in your product to an entirely new audience that may see benefit in your offering even if it really doesn’t align fully with cloud computing goals and values. If it attracts eyeballs without significant additional costs, then it’s positive.

If you are an IT manager, director, vice president, CIO or other, and your goal is to say that you’ve successfully delivered a cloud computing initiative, then cloudwashing is good. After all even if it’s traditional managed services, if you can label it cloud, the pure confusion and lack of agreement on what is cloud will work in your favor. That is, who can argue with you that your initiative isn’t cloud computing if they cannot define cloud computing in a concrete and definitive manner.

If you are a security officer concerned with privacy and security of your businesses’ data and access, then cloudwashing may work in your favor as well. Most cloudwashing is typically managed services repackaged, which means it doesn’t really incorporate key attributes of cloud computing that concern security professionals, such as multitenancy and shared hardware platforms. So, the security professional who cares less what the business wants to say they’ve accomplished as long as they’ve done their job securing information and access may be better served by a cloudwashed product or service than a real cloud computing product or service.

So, why should we care if a business wants to cloudwash their offering? For one, its disingenuous, and anyone that’s willing to sell you something in a disingenuous manner should trigger you to question that company’s values and ethics. Ultimately, it could mean the difference of them being their when you need them and you out on the street with your briefcase in hand looking for your next job.

Secondly, it damages the entire industry. While you can technically argue that there’s no one single globally-accepted definition of cloud computing, NIST and Cloud Security Alliance are two very credible organizations that have settled on a common definition. There may be others also promoting this definition as well. So, to imply that there’s no standard undermines the work of these organizations in attempting to help businesses and individuals understand cloud computing. Moreover, without a common agreement, there is no means to develop agreed upon metrics for comparing offerings from different vendors.

Finally, there should be delineation for vendors that are in the cloud and those that are the cloud. This differentiation is unclear when vendors cloudwash their offerings. Being ‘in the cloud’ means that you are selling a service that relies upon yet another provider’s cloud computing service. This is important for businesses to know that are signing up for a service. In the same way that you would want to know that FedEx or UPS uses a third party delivery agent in a foreign country and that they are not handling your package from start to finish, you should want to know who ultimately is touching your data and applications. Cloudwashing makes it difficult to distinguish those who are “in the cloud” from those that “are the cloud”.

Of note, I know there are those that will argue that you’re buying a service and you shouldn’t care, but that’s a naïve opinion that demonstrates a lack of understanding for the business requirements for audit and compliance. Maybe some startup in Bumpuck, Nowheresville that’s hosting a free service can get away with this approach, but real businesses that hire professional accounting and auditing services are responsible for understanding the implications for using that service; this often means knowing what software and services is being used to provide a service.

Start Building Your Next Generation IT Department Now

David Johnson’s Blog piece really got my goat. In this piece, “Meet Jamie – A HERO With The Power To Force Change,” Johnson paints a sales representative that has rejected his IT department’s choices for device support in favor of an unsanctioned Bring Your Own Device (BYOD) strategy as a hero. Frankly, I believe Johnson does a major disservice to the IT industry with this piece, once again painting them as inept and unable to keep pace with the speed of business.

As someone who has consistently been advocating for pushing the envelope within IT, my goal has been to help business establish a framework for operating in a rapidly changing industry and meeting the expectations of its users. And, like a good mentor, I can push my students to reach their potential, but don’t you come bash them for not being able to rise to the challenge.

How many of you out there believe your IT department is a hindrance or a hurdle to you getting your work done? Okay, let’s put that feeling to the side for one minute. It’s a valid concern, but let’s look across the table at the challenge from ITs perspective.

  1. Operational costs are continuing to rise and continually consuming a greater portion of the annual IT budget
  2. Technological shifts are coming faster and are more disruptive with each shift
  3. In many businesses, the same IT group is responsible for desktop support, mobile device support, application management, operations management and telecommunications
  4. The IT department is supporting many different businesses, not one. From the IT perspective, marketing, accounting, executive, sales, distribution, warehousing, supply-chain & logistics are all different businesses
  5. Enterprise class software and hardware generally sucks

Now, let look at prioritization of efforts in the environment I just described. Who should get the most attention? In the realm of this, does it seem reasonable that they may not be organized in a way to support your desire to bring in the latest mobile device or tablet?

All this aside, let’s turn back to the answer we put aside earlier regarding your concern that IT is a hurdle or hindrance to getting your job done. The reality is that you should expect that the business provide the appropriate levels of support to ensure you operate with maximum productivity. It’s in their best interest and yours. This is not a question of “should we”, but “how can we?”

Frankly, I believe IT departments have no choice but to innovate with regard to how they staff, organize and deliver service. The old world nature of silos of expertise are toast. Lack of cross-domain understanding of IT-related issues accounts for 90% of slowdowns, lack of response and service disruptions. This type of change cannot occur overnight. It must be an evolution unless the business is also willing to accept service disruption as a possibility in order to speed the change within their own organization. I am not stating this facetiously either; it is a risk management decision that may be viable and worthwhile if it will enable the organization to triple their efforts and operate more effectively.

It’s time to put away the pitchforks and torches with regard to the IT department. The best thing you can do to help yourself is not become a rogue BYOD agent, but convince your management to contribute to innovation investment within IT to support your needs for greater productivity.