In my conversations with the #CIOChat over the last couple of years, it is clear that in the next three years, on-premises will become more the exception as SaaS and public cloud obtain a majority of computing workloads. Given this, I wanted to get these CIO’s take on what is needed for public cloud vendors to become “enterprise grade.” As you can imagine, the CIOs thinking here should probably impact public cloud vendor’s strategic plans.
What CIOs want from public cloud vendors in terms of performance and scalability?
CIOs want many things. What they want depends on the workloads that are considering putting in the public cloud. They want, in general, a well-articulated disaster recovery and business continuity plan. CIOs complained that some cloud providers answer, “Everything is fine. We’re in the cloud”. CIOs want instead single pane management for business continuity, disaster recovery, and security. As well, they want the performance and scalability provided to be predictable and manageable. They insist that when you enter the enterprise realm evaluating technology based on technical performance characteristics alone is not sufficient. They want to know whether storage includes capacity management. They want one-stop shopping for data tiering, archiving, and de-duplication. And they want you to have a willingness to put all of this in the contract.
How do you want to pay for a public cloud that is enterprise grade?
CIOs insist that an enterprise grade public cloud needs to be contractually predictable. Pricing increments shouldn’t be so small that they have to be constantly checking for growing costs. CIOs, at the same time, would like the flexibility to pay annually for some fixed amount of resource and to pay as they go for short term spin ups or quick trials. CIO are willing as well to pay extra for specific performance, CPU types, compliance, and design resiliency. Sharon Pitt, the CIO of the University of Delaware, suggests the devilish details should be worked out in the contract”. At the same time CIOs say the ability to grow user base and storage to meet performance requirements be protected by a contract, with predictable costs.
To move sensitive data, what type of certifications and standards do they expect from an enterprise grade public cloud?
We spent a lot of time discussing certifications and standards. CIOs feel that it is essential that public cloud providers be transparent about what they have and what they don’t have. They believe it is essential that public cloud providers do a better job of communicating.
And while certifications often depend on the organization and the regulations and standards it operates against, some CIOs suggest that having all of the certifications for their business will give them the confidence to move their sensitive data to the public cloud. A former AWS executive asserted here, if you are talking about certifications then you will find they have a worldwide team that is onboarding all the mainstream requirements. He said if AWS doesn’t have a certification, then it is on their radar.
CIOs agreed that big public cloud players have many certifications but they said there is a problem. They say vendors spend too little time educating regulators. Doing this would make customers approval processes easier. For these CIOs, they want some deep 3rd party audits, data residency requirements, and global and local compliance. CIOs interestingly said they would give a lot for these in a competitive situation. CIOs said, however, if a cloud vendor cannot even spell a compliance standard it is a really bad sign. They suggest that certifications are even more important for them than SLAs.
CIOs ask for data protection
CIOs complain there are some cloud providers out there that skip over some very basic security measures. For this reasons, CIOs say they look at cloud vendors carefully. They say data security can be a can of worms, but they insist they cannot afford front page news. For this reason, they need to know how their data is secured. They, also, want a shared commitment model with their vendors.
CIOs are candid that security concerns are still clouding perception. They stress it would be great if public cloud vendors could come into us with security approvals from local regulators, if you are in a regulated industry such as insurance.
CIOs say that some industries have even perfected cloud vendor assessment tools. An example given was the Higher Education Cloud Vendor Assessment Tool. These tools provide an essential set of questions for cloud vendors, as well as creates standardization as organizations adopt public cloud. CIOs say they are not just concerned about applications. They want to know what how cloud services vendors operate what one called the data pipeline. They want to know cloud vendors are protecting their data. They want to know the same standards apply to data on premises as in the public cloud and say these requirements should be in the contract. CIOs feel that it is important that new entrants actively mature their operations.
What type of support do CIOs want an enterprise grade public cloud vendor to provide?
CIOs believe that support should be structured so a line does not exist between on premises and public cloud. Services should be seamless crossing this border. And there should be no finger-pointing. Enterprise grade should imply effectively an outsourced complex solution. Defined communication and support structures should keep service looking like it’s internal. CIOs believe that ‘enterprise grade’ has to mean something related to quality. Training support would be nice as customers really need operations-centric training regarding a vendor’s cloud platform. CIOs want vendor support teams to back them up for the full-stack.
What SLA and KPIs do you expect an enterprise grade public cloud vendor to provide and how often?
CIOs want the same ones as they use internally at the same time intervals. This means cloud providers need to gather metrics into a ‘grab bag’ so each client can pick which ones they need. CIOs say, however, they want fairly straightforward things:
- Guaranteed availability
- Ease of management
- Uptime/performance commitment
- Contractually predictable
CIOs want a number of things from vendors they are willing to consider “enterprise grade.” Achieving this may require change from vendors. But it is my sense that it can dramatically accelerate the pace of moving compute loads to public cloud. Clearly, data centers will be in use for a long time, but the pace of movement is truly in the hands of cloud vendors.