[qi:gigaom_icon_cloud-computing] When I spoke with U.S. CIO Vivek Kundra last month, he outlined a pragmatic approach to the federal technology infrastructure that involved wanting to adopt a hybrid model of data centers and cloud computing solutions. Buying infrastructure as a service instead of banking solely on energy-guzzling data centers is a good way to stretch tax dollars, he argued. Kundra’s colleague, Aneesh Chopra, Chief Technology Officer of the United States, shares his approach.
And while cloud computing is all the rage in Washington D.C., it seems the state of Washington doesn’t much care for cloud computing. Instead of buying cloud computing services from home-grown cloud computing giant Amazon (s amzn), (or newly emergent cloud player, Microsoft (s msft)), the state has opted to build a brand-new, $180 million data center, despite reservations from some state representatives. Microsoft is moving the data center that houses its Azure cloud services to San Antonio, Texas, from Quincy, Wash. — mostly because of unfavorable tax policies. Apparently, the data centers are no longer covered by sales tax rebates — a costly proposition for Microsoft, which plans to spend many millions on new hardware for the Azure-focused data center.
By the way, Washington is the second state that has decided to build its own data center. In June, Massachusetts decided that it was going to build a $100 million data center. The Sox Nation is home to Nick Carr, author of “The Big Switch,” arguably the most influential book on cloud computing and its revolutionary capabilities.
These aforementioned states are examples of a bigger trend: Most large organizations are still hesitant to go all in when it comes to cloud computing. That’s partly because the cloud revolution still has a long way to go. But much of it is fear of the unknown. In a blog post on the web site of the Los Angeles Police Protective League, a group representing LA police officers, its members raise doubts about the city’s decision to use Google’s cloud-based services.
The League is very concerned about records being housed on computer networks outside of the city. Our concerns are well-founded and understandable, given that government and corporate computer network breaches have become more prevalent over the past several years. This is a complex technological issue that demands careful study and planning by the city. Before the city introduces an outside entity into the chain of custody, sufficient safeguards need to be in place to secure confidential information.
They are being reasonable in their protest, especially when it comes to sensitive information. Like many technologies before it, cloud computing will have to overcome doubts and challenges before becoming business-as-usual.
(Related from GigaOM Pro, subscription required: If We Compute in the Cloud, We Need a Network Fabric.)
This article also appeared on BusinessWeek.com.
I conducted a 3 day interview and panel with 5 senior underwriters from big insurance. One of them said, “why are managed services for typical Mainframe and hosted AS400 type systems in financial, banking, govt services etc. under-writable, and newer data centers touted as “cloud”, and used for Web Applications not?”
Answer, agreed by consensus in the group, “Ability to audit, verifiable liquidity, and proven procedures for continuity audited by an industry standard group”.
One guy said, and I never forgot this, “Some of the new PAAS and Web App providers don’t have operating funds for the second half of the year! And some of the more well known VC funded? They wont become insurable either the way they are run at max burn”.
What does a company do if their cloud provider comes under DDoS attack from Georgia or Russia? Send everyone home for the day?
Om, I think this has a lot more with politics than technology. Large capital projects are something politicians can brag about come reelection time. They are “investments”. Going the cloud route is an “expense”. While the later may actually save the taxpayers’ money, financial analysis doesn’t play well with the electorate. It is much easier to point to a big facility and talk about all the jobs created (especially counting construction). Hard to do a public ribbon-cutting or ground-breaking ceremony with a contract for cloud services . . .
The IT risk managers needs to advice the business of the risks (legal and IT related) of the cloud weighed against the financial benefits (capability and cost savings). Then let the business decide. If the business decides to proceed then the IT managers must be prepared to develop a system of controls and processes for surviving an unwanted event (data breach, service disruption etc).