I was going to write about how building a cloud is similar to moving, but the more I think about it, the more I think people are confusing an automated virtual environment with a cloud: IT as a Service is not just about cloud. Having automation does not imply your virtual environment is a cloud or visa versa. Granted, using IT as a Service is important for a cloud if you look at the NIST definition of a cloud, but it is not necessary for a cloud. Perhaps IT as a Service is just a stepping stone towards a cloud, perhaps it should start as a data center play? As company’s and vendors cloud wash all aspects of IT, as IT decision makers we need to step back and look at our data center and decide how we want to get to the cloud (if we want to get there at all).The more I think and talk about Cloud or IT as a Service, the more I think there is something missing. It seems that many have gone to calling their virtual environments clouds and some have added an IT as a Service portal and then called the environment a cloud. I think there is a step in the middle we are missing, one that would allow us to bridge the gap from a traditional datacenter to a cloud based environment. That bridge could be IT as a Service, but it is not the only factor.
In order to bridge from a data center to a cloud we need to move away from thoughts of bastions, networks, systems, and locations of assets, but instead turn our thoughts to just the data we are trying to access. We need to become more data centric because when we move to a cloud we are worried about our data, not necessarily the plumbing to access our data. We assume the plumbing works provides adequate controls, etc. If it does not provide adequate controls, we must provide those controls at our data not the networks, systems, etc. but with the data.
Being data centric implies our data protection, security, compliance, and identity is wrapped around our data and not the supporting systems per say. This is a mind shift required to bridge this gap, perhaps we can use IT as a Service to help make that shift but in smaller steps.
The first step to understanding the cloud is to understand your data, once you understand your data you can make intelligent decisions about where that data may reside, how it got there, and what to do about it (if it is in a wrong place). Classify your data, not the systems the data is accessed from or by, not by the users, but look at just the data. For example, an easy bit of data is personal identifiable information. PII is classified as in effect eyes only, no one should be able to see it but the owner of the data, the individual. So you start by asking a few questions:
- Where in your environment is such data?
- Who or what can currently access the data?
- What is currently being done to wrap controls around that data and at what level?
And your environment includes not only your systems and services but those you use regularly for sales, support, document handling, data sharing, calendars, etc. Which means you are looking not only at your own datacenter but which ever services your employees use such as Dropbox, Salesforce, Amazon, etc.
But that may be a big byte to chew upon, so start within your datacenter only. Now consider how best to get a handle on your data. The first step is automating processes that normal interact with the data, such as deploying new applications, updating old applications, growing your systems, etc. These are all under the purview of IT as a Service. We have not branched to the cloud, but added automation to our environment. Automation that either comes from scripting, employing Puppet or Chef, or even a Cloud portal such as Embotics, VMware vCloud Director, VirtuStream’s Xstream, or even Openstack. But realize that if you deploy a cloud portal you may not be a cloud, you are augmenting your datacenter to provide repeatable automated processing to manage your data.
The next steps are to determine where your data is proliferating to within your partner’s environments where your partners may just be SaaS based cloud service providers. In either case, you need to know where your data ends up, then you can augment your existing IT as a Service implementation to include those services as well. Once you do that, you have branched to being a hybrid cloud. But we need to start somewhere, start within your own datacenter. Gain back control, perhaps IT as a Service and cloud portal solutions may help you get there and be a stepping stone to the cloud and a data centric world.
Some sort of automation tool is definitely a step towards the Software Defined Data Center.