Last week I received a call from Comstock’s Sacramento Magazine requesting information about cloud computing for an article to be published this summer. I also fielded no less than five phone calls with local business owners/executives who are “cloud curious”.

Let’s just face the facts now and admit that the next major buzzword technology is here, is in full swing as an industry, and will be “Cloud Computing.” So, we must now understand how our businesses will benefit from its use and what pain and suffering we must endure to embrace it. Moreover, we must recognize that most of the technology solutions of yesterday were built to be installed for a single-author/user whereas cloud computing solutions are designed to work in real time as a living and breathing resource that can be called upon instantly to achieve immediate business value.

The reality is that many executives in charge of technology for major enterprises are talking about "cloud computing" and not necessarily ready to say they are going to completely embrace the idea… I have found that as of this posting, if you ask them how they are currently using the cloud, most will firmly say, “we’re looking into it but it’s too premature to say that we are there.” Some are brave enough to serve up an honorable mention of a recently licensed version of Salesforce.com or Google Apps. However, most have nightmares about giving up the control of critical parts of their technology to a vendor who can make or break their business.

So, how about we open the reality jar and figure out the real risks, see if we are just reacting with fear, and see if businesses really are using cloud computing. More importantly, I want to know if they truly understand what, and how important, it is to be in the cloud.

If you ask a technology professional what the cloud is, they will give you one of a few answers with buzzwords such as “subscription software,” or “servers by the slice,” and the famous, “virtual servers in a data center.” In reality, being in the cloud can be all of those things, but none of them really define what “the cloud” really is. Hopefully, my perspective on the matter will clear this up.

I have concluded that the true definition of the cloud can be found in the original vision behind the Internet Protocol when it was built.

Vint Cerf, one of the universally declared fathers of the internet, once said to me, “We designed TCP/IP (the Internet) to insure that we would have a network upon which all applications could run.” Accompanying his design were the standards and ports of different protocols (ie: HTTP, SMTP, etc), that would define how applications could communicate. However, a lack of Internet bandwidth limited our ability to share computing resources and forced users to work independently. Hence, software companies built their software for the single author where the software could be licensed, installed, and run by an individual user. Only when a user completed and needed to communicate their “work” did the Internet network become useful.

Enter stage left, the web browser, web-based interactivity, and more bandwidth. Suddenly, these applications became collaborative (see instant messaging, video chat, etc) and feature rich. Suddenly, delivering an application from a central location as a utility became an achievable reality.

This concept is not new, and if history proves future lessons, than everyone better start running to “the cloud”. A great read by Nicholas Carr that addresses this evolution, “The Big Switch” talks of the beginning of industry and how factories used to have to generate their own power. They would build next to a river, setup a water wheel, and create power for their industrial machinery. As the technology to move power eveolved, power companies were able to build bigger power plants and connect them to factories to deliver power. Eventually, almost all power could be purchased and delivered to the customer across the wires with the power company managing all aspects of power deliver for much less than the business owner could. Today, very few companies generate their own power unless it makes financial sense. Is this example starting to sound familiar?

In short, we are seeing the same evolution in the information age that we saw in the industrial age. The cloud is what represents that idea and we need to understand how to embrace it.

that what we are calling "cloud computing" is just the next natural evolution of additional education is needed to understand what security risks are really being taken

Before we can define the cloud, we must first discuss the basics of computing and networking. First, we need to understand that every computer is made of three basic parts: the hardware, the operating system, and the applications. Second, we must understand that individual computers must connect to each other across the Internet network to achieve business value. Third, we must understand that having some open standards on how the computers and networks talk to each other will allow us to achieve business value. Lastly, entrepreneurs who develop of technology like to protect their technology investments by closing parts of what they develop so they are unique and defendable in the market place. The balance is making sure the standards are open enough for complimentary technology companies to insure their technology works with other technology so the business user can obtain value from multi-vendor environments.

Cloud computing is becoming the catalyst behind the evolving standard of collaborative and open technology. Simply defined, to deliver a cloud solution, you are simply delivering as a service one of, or a combination of, the computer and/or the network via the Internet where the hardware, operating system, application, or network reside outside of the ownership and responsibilities of the business. Notably, many will argue that the resources must be delivered across a web browser although I would disagree (to be discussed in future blogs). More importantly, the resources must work regardless of end-user operating hardware and operating system.

Now for what us technology folks lamely refer to as “the catch.” You see, the trick is that businesses must figure out how to migrate from the old legacy non-cloud licensed or acquired hardware solution all while activating their “in the cloud” solution. Plus, they must figure out how to make sure the new cloud solution will talk to their existing legacy environment that they have decided to keep in house. Fortunately, this is where companies like Sacramento Technology Group come in. Figuring all those things out also takes time and money. More importantly, you still have to train and administer users and going it alone can give any veteran technologist a major headache if they have not traveled the path previously. Fortunately, the most prominent cloud computing solutions appear to be the application itself delivered through a web browser as SaaS (Software as a Service). These transitions are actually are much less painless than you may fear.

Finally, let’s get down to the most visible concern with cloud computing. Security!

What drives my curiosity (no pun intended on the curious George reference please) about the typical CIO’s hesitation and paranoia around the “secure” use of cloud computing is that they have been technically using a cloud service, whether they know it or not, since they first connected their business to the Internet in the early 1990s. DNS, the service that make your domain names work with the IP addressing systems that drive the Internet, is in the cloud. The public DNS root servers are partially managed by ICANN and we depend on them, and other trustworthy organizations to make sure the DNS names we use to resolve our websites, email, and other applications are securely linked to our IP addressed given to us by our service providers. We have to trust them to make sure the DNS servers let our customers get to our websites, so I am hoping we can trust cloud computing vendors, who’s reputation are at stake, can do the same.

Also, take a look at the antivirus community of security specialists tracking hackers and viruses. These are people protecting us from viruses and security breaches weekly on patch Tuesday. We trust them because it would be virtually impossible to hire a team of our own virus and hacker hunters to sit in a cube at our businesses and catch viruses. These security vendors have a reputation to uphold and you should expect that if you are going to work with cloud computing company that they should just as good, or better, team of security engineers feverishly updating and fixing security problems in their cloud. Speaking frankly, a security device is only as good as the people configuring it and I have much more confidence in a team of 300-plus security engineers at Google Apps more than a single network or systems engineer who has taken on the security role of configuring security policies on my company firewall.

Finally, what about cost? Well, try building your own power plant and see how you fare. Or, take my advice and look into the benefits I have experienced directly with my organization’s own cloud computing solutions: There is no need to worry about struggling with hardware upgrades, sleep well knowing you don’t have to deal with major software upgrades, and forget having to install another piece of server security software or assigning expensive staff to deal with annoying little compatibility issues around server operating systems security patches or service packs. With the cloud, the upgrades, software patches, and security are all done by the service provider and the subscription and support can cost much less.

So, stop reading my blog and ask yourself why we all are aren’t flocking to the cloud.