When I interview folks about technology implementations, one of my go-to questions is whether their biggest challenges involved technical problems or cultural issues. Guess what? It's always culture.
Cloud computing is no exception. When I wrote a story about cloud computing back in April, one of the folks I interviewed was Bernard Golden, CEO of HyperStratus, a consulting company specializing in virtualization and cloud computing, and the author of "Virtualization for Dummies." He thought quite a few IT organizations would struggle with the process changes required to enjoy the benefits of cloud computing. For example, the cloud will call for shifts in processes as basic as budgeting, which will no longer involve submitting funding requests based upon relatively simple hardware and software cost calculations. He told me:
If IT organizations want to take advantage of cloud computing, they will have to modify or even jettison many of their existing processes.
I remembered Golden's remarks as I read a Computerworld article on the Central Intelligence Agency's adoption of cloud computing. Jill Tummler Singer, the CIA's deputy CIO, acknowledged the agency has "seen a significant amount of pushback, slow-rolling [and] big-process engineering efforts to try to build another human-intensive process on top of enterprise cloud computing."
As part of its effort to address such cultural resistance, Singer said the CIA would base its contract competitions on performance rather than headcount.
While the CIA and other government agencies are beginning to use cloud computing, security concerns are leading them to opt for internal clouds. According to a Network World article, the Defense Information Systems Agency (DISA), which offers a cloud computing platform called Rapid Access Computing Environment to military agencies, conducts a full SAS 70 audit for cloud-based applications and utilizes a specialized security accreditation process. It also employs a strict data cleansing process for applications removed from the RACE platform. Henry Sienkiewicz, technical program director of DISA's computing services and RACE team, said:
Security is one of the things we have to keep foremostwhich is significantly different than some of our contemporaries [in cloud computing.]
The CIA's Singer thinks cloud platforms are more secure than traditional computing environments because of their emphasis on standardization, which should simplfy tasks such as identity management and patch management.
I agree with IT Business Edge's Arthur Cole, who earlier this year said he thought most enterprises (and I think public agencies as well) will use a combination of internal, external and hybrid clouds. He wrote:
The key attribute to cloud computing is flexibility. It provides that ability to shift data, applications and resources on a global scale to suit the needs of the moment. To be most effective, however, enterprises will need to keep all their options on the table, whether they are their own cloud or someone else's.
Keeping all options on the table brings us back to culture, of course. It's something that will come naturally to some organizations, while others struggle mightily with it.