Articles Posted in Cloud Computing

Posted

The rise of cloud computing services and the privacy/security issues involved have been much discussed (see, for example, our prior blog posts here). But when customers procure cloud-based services, a critical “behind the scenes” issue is often overlooked: is the cloud provider itself relying on third party subcontractors to perform critical functions? When these subcontractors are added to the mix, things become a bit more complicated.

Cloud computing offers a wide variety of services:

  • IaaS: infrastructure as a service to replace a customer’s data center or testing environment;

Posted

I recently attended the UK Society for Computers and Law’s Annual Conference where Cloud Computing was one of the ‘IT Law Hot Topics’ under discussion. The others, in case you are interested, were Big Data, Apps and Mobile Payments. The event was sold out which goes to show how ‘hot’ these topics really are!

One of the speakers was Christopher Millard, Professor of Privacy and Information Law at Queen Mary, University of London where he leads the Cloud Legal Project – a three-year Microsoft funded academic project undertaken by the Queen Mary Centre for Commercial Law Studies. Started in October 2009, its mission is to reduce uncertainty regarding legal and regulatory status of essential aspects of cloud computing by “the production and dissemination of a series of scholarly yet practical research papers to address various legal and regulatory issues that will be fundamental to the successful development of cloud computing… [which will] demonstrate thought leadership in several complex and difficult areas of law and regulation that are of vital importance to governments and businesses globally.”

The Cloud Legal Project website contains a rich source of content and is recommended reading for IT law practitioners whether in house or in private practice. Topics covered include an analysis of Cloud service provider’s standard legal terms; data protection issues in cloud computing; law enforcement access in a cloud environment; and the role of competition law in the cloud; as well as a report on some of the differing legal issues in cloud computing as compared with conventional outsourcing or hosting contracts.

Posted

In April, we wrote about what we were seeing in the cloud space, including the impact of cloud computing on the CIO agenda. Since then, Savvis published an independent survey of 550 CIOs and Senior IT personnel from large global enterprises concerning their IT outsourcing strategies, including those around cloud computing. We decided to take a look at how some of our personal experiences with cloud computing compared with the survey’s results. Spoiler alert: we weren’t far off.

We’ve seen: Some amount of talk, but not a great deal of action.

Savvis Survey Says: The industry generally agrees.

Posted

Not too long ago a major supplier asked us what we are seeing in the cloud space. We thought the interchange might be of interest to readers of the blog — so here are some selected questions and our responses.

What impact have you seen or expect to see Cloud will have on the CIO Agenda?

We’ve seen:

Posted
By

With cloud services now obtaining as much press as the fallout from Kim Kardashian’s wedding, it seems safe to say that clouds are likely to be in the business forecast for the foreseeable future.

A strong answer to every IT infrastructure manager’s prayers, cloud computing can provide both a scalable on-demand combination of hardware, software and services, as well as helping fulfill corporate/social mandates for becoming greener.

The people over at Carbon Disclosure Project decided to commission a study into the potential impact of cloud computing on large US businesses. Released in July 2011, the report was independently produced by Verdantix and sponsored by AT&T.

By
Posted In:
Posted
Updated:

Posted
By

Given the great interest in “the cloud” from a business perspective, as well as Microsoft’s popularization of the concept with its “To the Cloud!” advertising campaign, it’s no wonder that many game providers are looking to the cloud as the next viable and profitable gaming platform. The cloud movement not only provides economic incentives through various subscription and pay-to-play models, but also helps defeat piracy by locking down game code and other intellectual property from potential thieves.

Cloud game providers have a lot to gain from virtualization, but moving to a cloud-based framework raises potential legal issues that should be considered.

LatencyThe first big issue for gaming providers considering moving to the cloud is both a practical one and a legal one – latency. Unlike digital downloads, streaming games require both down and upstream communications. Further, gaming often demands instant, real-time action, so any material latency will be noticed, especially for multi-player, FPS-type or other real-time games. Currently, some game providers have tried to satisfy gamers’ demand for real-time, low-latency play by operating in data centers that are physically close to the gamer. From a technical perspective, cloud gaming may present an issue because it could involve moving the game servers much farther away from the gamer, thus having the potential to lead to increased, or even significant latency. Another technical fix may be to use “tricks” similar to those used in non-cloud gaming to compensate for latency issues.

By
Posted In:
Posted
Updated:

Posted
By

On June 22, Pillsbury hosted the first annual Federal Cloud Security Summit, organized by the Washington, DC, chapter of the Cloud Security Alliance (CSA-DC). The keynote address was presented by Sonny Bhagowalia, former Deputy Associate Administrator with the GSA’s Office of Citizen Services and Innovative Technologies and current CIO of the State of Hawaii, and covered the GSA’s efforts and outreach to help drive Vivek Kundra’s 25-Point Plan and “Cloud First” initiative.

Among other things, Mr. Bhagowalia spoke extensively about the Federal Risk and Authorization Program (FedRAMP), its goals, its accomplishments and where it is headed. FedRAMP was created to support the government’s cloud computing initiative and is intended to provide a standard, cross-agency approach to providing the security assessment and authorization for agencies to use the services required under the Federal Information Security Management Act (FISMA). The idea is to facilitate the adoption of cloud computing services by federal agencies by evaluating services offered by vendors on behalf of the agencies. The evaluations are based on a unified risk management process that includes security requirements agreed upon by the federal departments and agencies. Because the services are vetted by the FedRAMP, theoretically each agency does not need to conduct its own risk management program – reducing duplication of effort, the time involved in acquiring services and costs.

A draft of FedRAMP requirements was released for comment in October 2010, and final release of the first version was expected by December 2010. Initially, the comment period was extended through January 2011 and the release delayed until the end of June, but according to this report, the requirements are now expected to be released sometime between August and October.

Posted

Cloud-based services give new meaning to the IT holy grail of “cheaper, better, faster” in the right circumstances. You might not even have to settle for just two. But it is important not to let the Cloud fog your thinking when it comes to configuring mission-critical IT-enabled services: adequate failover capabilities, and service levels that will support the operational imperatives of the business, are as important as ever.

It is typical, if not the norm, for Cloud service providers to offer only a single contractual service level – Availability – and then to define it in a way that wouldn’t pass the sniff test in a traditional IT services contract. For example, it is not unusual for a Cloud service’s Availability standard to be exceedingly low by customary data center standards – 98% or even 97% (versus 99.999% or even 99.9999%) – and then to make an already weak standard even weaker by contractual devices such as:

  • Excluding downtime during the provider’s weekly maintenance window -which may span 2 days or more during the weekend, with no limit on how long the service can be taken down during that period,

Posted

Providers are rushing head-first into the cloud revolution, marketing their latest cloud offerings and promoting the benefits of hosting data externally.

To The Cloud–Start-up–Windows 7 by windows-videos

But as customers analyze whether the cloud is the right fit for their technology and data, they need to carefully review whether the contract terms proposed by cloud providers truly work “in the cloud.” Customers may discover that cloud providers simply have taken their existing standard licensing agreements for software hosted at the customer site (or at least large parts of their existing agreements), slapped the word “cloud” on the document, and voilà! A new cloud contract!