Future Build Up to the Cloud

With every passing day, moving to the public cloud seems increasingly inescapable for CIOs. It can be scary, what with everyone’s eyes fixed on you—your management, your business peers and, even users. As the custodian of IT strategy, a public cloud initiative gives you the opportunity to either earn your spurs—or open the door to flak.

Indian CIOs started their cloud journey years ago. Cloud discussions are no longer around ‘should I move to the public cloud or not’; but instead hover around more cloud-mature questions like what type of cloud, and which application should move first.

According to CIO research, today, private clouds continue to remain a priority. But in the last six month a number of factors—including increasing datacenter complexity, fewer IT hands, and shrinking business deadlines—has encouraged Indian IT leaders to move to more public and hybrid cloud models.

Plenty of factors indicate that enterprises are increasingly embracing a hybrid cloud model to fill in the gaps related to skill sets and timeliness. The most telling one is perhaps how the gap between opex IT budgets and capex ones is widening. According to CIO research, the opex-capex divide should be 57 percent to 43 percent this year. That’s compared to 51 percent and 49 percent about two years ago. More interestingly, a number of industries that were once outsourcing-friendly do not really seem to be increasing their outsourcing budgets. This could indicate that opex budgets are going towards the cloud.

According to State of the CIO 2014, 33 percent of Indian CIOs say they will take on some sort of a hybrid cloud project in this fiscal—compared to only 13 percent last year. While many organizations have taken a step toward the public cloud, a pure public cloud scenario is still a rarity among Indian enterprises. Why? Because while public clouds do introduce cost variability and agility, vendor lock-in, security, and audit issues remain unaddressed.

Why Move at All?

Cloud computing has certainly become an inevitable growth path, both for IT as well as the business. The reason to move to cloud are different for different enterprises, but a majority no longer need to be convinced of the move anymore.

At pharma firm Cipla, for instance, the business relies on a hybrid cloud to support its large base of remote workers. “The increase in the number of users outside connected offices or on the field demands high availability and Internet bandwidth to cater to peak load. With the cloud, this is not an issue. Besides, the public cloud provides scalability that can be delivered faster compared to an on-premise system. These are my prime reasons for moving to the cloud,” says Arun Gupta, CIO at Cipla. He adds that cost was certainly not a parameter.

For Vikram Dhanda, SVP, Aegis and head IT shared services for the Essar Group, agility was the goal. “Cloud gives us the ability to quickly lay our hands on compute resources and the ability to harness more compute resources as demands spike,” he says.

For Syntel, an IT services provider with over 24,000 employees, the top two drivers for adopting a hybrid cloud model was increased business agility and scalability. The company manages a ‘two cloud model’—one built on a proprietary platform, and the other on OpenStack.

The ‘two cloud’ strategy was put in place because company took a conscious decision to move away from being locked in with a single vendor. “We wanted to focus on a heterogeneous strategy. With the continuously changing trend in technology and the cloud, we wanted to experiment on different platforms and build capabilities across heterogeneous technologies,” says Muralidharan Ramachandran, CIO of Syntel.

A pragmatic approach, says Ramachandran, helped minimize risks. Though ‘two clouds’ might sound like significant capex investment, Ramachandran didn’t really have to spend incremental capex on building the cloud platform. And, the cloud brought additional benefits. Ramachandran was able to leverage the company’s internal skills sets more efficiently. Both the clouds are tested, he says, and proven to have the ability to burst into a public cloud.

The success of a hybrid cloud initiative depends largely on what CIOs decide to put on a public cloud platform. At this stage, many organizations are testing the waters by moving non-critical applications to a public or hybrid cloud. What they move first varies from industry to industry. Governance, regulatory policies, IT laws and privacy laws have a large say on what kind of data can be moved outside the boundaries of an organization.

As the cloud expert David Linthicum rightly said, “Moving to public cloud platforms can actually make poorly-designed apps run worse than before.” Ravish Jhala, corporate head IT, Leela Palaces Hotels and Resorts, started by moving small processes and applications on to a public cloud. He later moved six of the hotel’s services onto a hybrid model. The savings in terms of cost and manpower that he has seen is substantial, he says.

Chargeback: Good or bad?  

Whether it’s private, public or hybrid, cloud computing re-opens the discussion on chargebacks. Some Indian companies have made effective use of this model and have IT departments that have been converted into profit centers with the help of chargebacks. Whether the strategy generates profits or not, cloud computing and chargebacks certainly allow IT departments to track and measure IT usage.

Some CIOs have adopted a chargeback model based on actual usage by LoBs, while others follow a method wherein chargebacks are based on the estimated usage of IT.

A CIO from the finance sector, who requests anonymity, says chargebacks are an effective mechanism to monitor and reallocate services based on use. Though his IT department is not a profit center, it sends out invoices to LoBs on a quarterly basis. The beauty of this is that once an IT budget is allocated and fixed, he is able to track who is using what within the organization. Besides, allocation and usage is tracked on a monthly basis. This allows him to call back a service if it’s not being used effectively by a particular department and reallocate it to another business or department that might need it more. Shashi Kumar Ravulapaty, SVP and CTO of Reliance Commercial Finance, follows what’s called a ‘showback’ method. “Chargebacks are a good benchmark to track usage patterns. If a service comes free, people generally tend to take it for granted. We follow a notional pricing method, so I am able to track usage.

One can find out the impact of IT on the business, how it improves P&L, and helps rendering services,” he says.

Dhanda from Essar Aegis, on the other hand, raises invoices on which he pays service tax. He has different contracts signed with each LoB for services delivered.

From a highly ignored concept in 2012 (49 percent of respondents to CIO magazine’s Cloud Computing Survey in 2012 said they don’t have a process for chargebacks), chargebacks has come a long way. It is not a profit-making mechanism yet, but it helps improve an IT department’s efficiency.

At the same time, there are CIOs who believe that chargebacks often create a sense of tension between the business and IT. Sudhir Kanvinde, CIO of IL&FS Transportation Networks, says, “Chargebacks will create unnecessary conflict between business and IT. CIOs should focus more on technology and what business needs, rather than focusing on chargebacks.”

Audit Gaps

How do you audit your cloud provider? That’s a million dollar question. In markets like India, the concept is yet to find the attention it deserves. “We have seen that such procedures are a lot more stringent in matured markets like the US. Regulations similar to HIPAA or PCI need to be mandated on cloud providers in India to build industry confidence. Unfortunately, the overall awareness is quite low in India about compliance requirements for cloud service providers. For instance, many auditors here are clueless about requirements for auditing cloud hosted applications and infrastructure,” says the CIO of an ITeS company. “Guidelines similar to HIPAA or PCI need to evolve in India, with compliance to the local law.  

SLA management of public cloud services is more or less like going with the herd, believes V. Krishnan, SVP-IT, L&T Financial Services.

As a result, he feels less confident about moving critical data on to the public cloud. “The provider should have a critical mass of people so that he can ensure that nothing fails. I think it’s extremely risky to put mission-critical processes on a public cloud platform. Accountability is a big question mark. Functionality shifts across locations based on the load, if it’s a large global cloud provider. That applies to auditability too. The audit model for a cloud provider, who holds your data and security, is a multi-dimensional factor. We are not always in control of what technology is used by the provider. I think it is much safer to be in control of your data,” he says.

The Way Out

What if you want to break up with your cloud provider? That’s an important strategy question. And a tough one. Neeraj Vetkar, head IT infrastructure, Tata AIG General Insurance says, “Once you move to the cloud, users get used to certain SLAs. If you decide to move away from the cloud for some reason, the first thing users will have to accept are delays in getting things done. It would also call for very heavy investments in infrastructure, which in turn plays havoc with the overall capex/opex calculations of the organization,” he says.

A move to a more hybrid model cloud, it seems, requires thinking about an exit.  

Radhika Nallayam is assistant editor. Send feedback on this feature to radhika_n@idgindia.com