There is a significant amount of nervousness surrounding the prospect of using cloud services. Part of this can be put down to unfamiliarity with using cloud-based capability, but some of it is goes much deeper than that. Companies may well be willing to try out the cloud with non-critical processing activity, but when it comes to mission critical applications there’s a natural nervousness. The question is: Do you really trust the service provider to ensure you get the level of service you need.

At its recent analyst conference,  CSC, the global systems integration company, was quick to emphasize this issue. It has invented the term “trusted cloud” to define the kind of environment that many organizations would want and will expect from a cloud service provider. It is now in the process of filling out the definition in detail.

There is an interesting process in play here, because CSC is well aware that the movement to the cloud will eventually diminish its revenues in some areas of activity. However it takes the view that the cloud also provides it with a very significant opportunity. The company is, after all, a Systems Integrator and it believes that the main problem with cloud adoption is going to be the integration of systems.

The Trusted Cloud

CSC defines “the trusted cloud” as consisting of cloud data centers that are able to provide services that are:

• Secure
• Transparent in respect of customer control and results of processing
• Include evidence-based confidence that systems within its environment operate as advertised.

This makes sense. There are many concerns that an organization might have in moving systems into, say, an Infrastructure as a Service (IaaS) environment, but the primary ones are simply whether the IaaS service is secure, whether it provides a full customer interface so that you can see how everything functions and whether it definitely meets the services levels it is supposed to be providing.

While companies clearly trust running their web sites to ISPs (who are cloud providers by another name) they are much less likely to trust their core  systems to the cloud unless they have a very high level of trust in the service provided. Nevertheless, it is a fact that highly secure cloud data centers exist.

CSC has several and in particular it has one in Culpeper, Virginia that is “military secure”, or to put it another way, as secure as it gets. In a way, a highly secure and well managed service is what outsourcing specialists and managed service providers offer. That’s there business. But they don’t normally offer a cloud customer interface that puts the customer directly in control. That’s what is being added by the move to cloud computing.

The Cloud Spectrum

It’s important to understand that there is a spectrum of services that will be offered from the cloud. At one end of the spectrum you will have the commodity services like email, office apps and cheap on-line back-up. At the other end of the spectrum we have outsourcing, which is moving to provide a versatile management interface to the customer so that it’s possible to outsource a portion of a data center without losing management control and retaining the ability to integrate effectively with what remains in-house.

CSC is right in emphasizing systems integration. It is clear that standards will emerge in time so that the customer will be able to select between cloud services without the necessity of making significant technical changes to either software or data. At the moment, there are no established standards so those organizations wishing to move systems into the cloud need to be concerned, not just about the points noted but also integration standards between what is in the cloud and what isn’t.

It seems as though the world of corporate IT will step into the cloud through the use of private clouds. They’ll prototype cloud environments and also to have a place to retreat to if any move into the cloud proves trickier than expected. But ultimately I doubt whether the problem of systems integration will be solved by standards. In a significant number of instances I suspect, the need to engineer system performance will override everything else. The concern will not be whether the service level delivered by system components in the cloud is adequate but whether the business service level of the end-to-end business process holds up.

The cloud customer needs to be able to integrate all systems and software running in the cloud with all other corporate systems and manage the whole as a single unit. This kind of orchestration of systems is a new challenge in many areas, and in the end, it goes by the name of systems integration.