Successful cloud service provider: Requirements (Part 2 of 2)

Share this post:

In Part 1 of this blog entry, we covered the first five requirements (self-service portal, service catalog, automated provisioning, complex topology creation and deployment, and Platform-Virtualization management). So, let’s continue with short description of the next five requirements, which are as important for cloud providers as the first five.

6. Usage metering and accounting

The usage metering and accounting part of the management stack understands cost and can track, allocate, and invoice the users based on usage and cost of used shared resources by users. Detailed information and reports of shared resources usage are defined by service providers, and service providers decide how finely to grade data collection. Based on the collected information and delivered reports, service providers are able to bill users.

7. Multi-tenancy: Assuring “service” and tenant isolation

The goal of isolation is to control and enforce separation between the applications, services, and management of various tenants in the virtual space even though tenants might share the same physical management infrastructure, network infrastructure, storage infrastructure, and run-time infrastructure, or span physical devices.

The provider of the cloud environment should be multi-tenant-enabled, providing secure logical separation between clients, and allowing them to have access only to their compute resources. Isolation should address access control, virtual LANs (VLANs), virtual machines, and storage.

8. Security and privacy

Security and privacy are one of the key prohibitory factors for organizations moving their business to the public cloud. Currently, organizations are responsible to define, maintain, and enforce security procedures within the organization. Moving workloads to a public cloud environment can raise security questions within the organization because security becomes a shared responsibility between an organization and the cloud service provider. To some extent, security remains in the organization domain, but mostly becomes the responsibility of the cloud service provider. To move their business to public cloud, organizations should be ensured of security procedures and how those procedures are enforced in the cloud service provider environment.

Recommended security measures that represent best practice implementations for cloud security are as follows:

  • Implement and maintain a security program.
  • Build and maintain a secure cloud infrastructure.
  • Ensure confidential data protection.
  • Implement strong access and identity management.
  • Establish application and environment provisioning.
  • Implement governance and audit management program.
  • Implement a vulnerability and intrusion management program.
  • Maintain environment testing and validation.

9. Connect, manage, and secure hybrid clouds

Why is this element important for cloud service providers? What about connecting customer’s private cloud environment with cloud provider environment, or between cloud service provider’s environments? When customers consider moving their workloads to a cloud service provider environment, they also consider how to securely connect workloads between cloud service provider (or multiple providers), and the remaining workloads within the customer environments. Cloud service providers have to able to connect and manage various cloud environments in a secure way. I suggest reading the “Service management for hybrid clouds” blog entry, posted by colleague Sebastian Rzepka.

10. Open standards

Standards address inhibitors to cloud adoption by including security, vendor lock-in, and portability. Cloud service providers should ensure that standards used for cloud are open so that customer fears are decreased.

These requirements for success are focused specifically on the provider’s operational capabilities, and cloud environment. Of course, these requirements are not all that is required to become successful – we can consider for example,  market condition, market segmentation, and approach.

More stories

Why we added new map tools to Netcool

I had the opportunity to visit a number of telecommunications clients using IBM Netcool over the last year. We frequently discussed the benefits of have a geographically mapped view of topology. Not just because it was nice “eye candy” in the Network Operations Center (NOC), but because it gives an important geographically-based view of network […]

Continue reading

How to streamline continuous delivery through better auditing

IT managers, does this sound familiar? Just when everything is running smoothly, you encounter the release management process in place for upgrading business applications in the production environment. You get an error notification in one of the workflows running the release management process. It can be especially frustrating when the error is coming from the […]

Continue reading

Want to see the latest from WebSphere Liberty? Join our webcast

We just released the latest release of WebSphere Liberty, It includes many new enhancements to its security, database management and overall performance. Interested in what’s new? Join our webcast on January 11, 2017. Why? Read on. I used to take time to reflect on the year behind me as the calendar year closed out, […]

Continue reading