Posts Tagged cloud
The revelations late last week and over the weekend have been raising some interesting questions about expectations of privacy and the extent to which Internet-based services are being monitored without individual’s knowledge. The Washington Post and the UK’s Guardian newspapers broke the story and continue to led with stories about ‘Prism’, an apparently top secret covert programme to allegedly capture and filter digital data. The allegations appear to implicate a number of leading Internet-based companies in terms of “directly” providing access to user data under Prism. Links to the programme and to any such access was denied by those companies but discussion has raged in terms of what is and is not happening and what the legal safeguards are for users of such services.
You’d be naive to think that monitoring doesn’t happen – the issues are about whether monitoring takes account of legal protections of individual rights and that such monitoring is proportionate to the perceived benefit from it. Routine everyday mass monitoring without a specific legal order seems to run counter to that and the degree of secrecy about it even happening means people are nervous about how the information might be used. I’m not sure also that assurances that no data for American subjects is being used helps those of us outside the USA using those services but not getting the same reassurances.
An interesting poll in the Washington Post suggests that amongst the American public there is support for monitoring of phone calls and possibly more if it helps the investigation of possible terrorist threats, even if it is at the cost of infringing some personal privacy.
However, as more than one observer has already mentioned, what does this potentially mean for the Cloud computing model? If people lose trust in those providers to protect their privacy will they be as willing to embrace that model? Will corporates be as comfortable with their data potentially being accessed in some way by the Government of another country?
On a passing note, it is perhaps ironic that the Guardian, as the paper that broke the story in the UK, is a oft-quoted corporate customer of one of the named programme participants.
This week marked the successful ticking off of stage 2 needed to agree our implementation plan for the new datacentre strategy. However, there’s a third stage still to go, given the value level of the entire project and associated works.
There had been a helpful discussion at the Capital Expenditure Board which led to some re-writes on the paper before it then went to the University Executive. At the Executive, there was a good discussion about the different options and also about what we might need to address around security, privacy and data management to take forward some of the options for the future. It was useful to have that set out clearly as we will need to return to it well before 2015.
So, the paper had another re-write (to recognise the different audience) and off it goes. Hopefully, assuming it is agreed, we are then in a position to start actively planning for implementation in detail, ahead of the key date of summer 2015.
The Hefce announcement on the HE cloud projects was unsurprising (I wouldn’t count myself as particularly well connected and I knew many of the names in the frame) but welcome all the same http://www.hefce.ac.uk/news/hefce/2011/hecloud.htm
With an excellent history to build on, when the sector works together it can achieve so much more than any of us acting alone might hope to. It’s going to be fascinating to see how the various strands progress.
Back after the half term break and putting the finishing touches to a presentation I’m giving tomorrow at a Blackboard EMEA Exec event in London on Mobile Strategy.
Amusing therefore that I needed to email the presentation and carry a copy on a usb memory stick ‘just in case’. Given it was created in GoogleDocs I could have shared and presented straight from the internet, or even from my mobile phone.
Should be interesting tomorrow, quite a range of speakers.
Back to work today and some typically varied discussions, starting first thing at Hallamshire Business Park.
First up a 1st meeting of the project board looking at our information security project. The meeting really concentrated on agreeing scope, deliverables, and reporting.
Then the IS&T Senior Mangement Team meeting, where unsurprisingly the recent consultation on structures dominated discussions. We’ve a lot to do this month and it was a chance to set out what we’ve to do this next couple of weeks at least.
Then on to lunch with Chris Sexton. We meet regularly and share updates on what we’re doing. Very interested to hear Chris talking about the response to their decision to move staff onto Google Apps, after they (like us) went Google for students about 18 months ago.
It is something I’ve thought about on the basis of the benefits of having all staff and students on one system, and some potential opportunities to reduce costs (pretty much entirely from savings in cyclic Capital expenditure). However, we currently have a strong and robust service, so there are not the same performance issues we need to address as there were with our student service at the time. Also, we need to take account of what we might lose in terms of some of the interoperability between our email service and other systems. Not something we need to rush to do, although we do need to have a sense of the future direction before we make more investment in our existing service, in case it proves to be not needed.
Chris and I also talked about how IT services are provided in the two universities, particularly relating to help desk support. It’s been interesting in the consultation on our service standards that people say it is unthinkable that we would have fewer physical helpdesks but that’s precisely what other places have and it works for them. It’s hard to see why it wouldn’t therefore work for us.
Back to City campus, and a meeting to discuss tracking the finances for the new IT structure so we can ensure we’ve a grip on costing. Some very helpful and supportive suggestions and some more work needed over the next couple of weeks.
Finally, a phone conversation with a colleague in another university in the south of England, interested in our experiences of Blackboard Mobile Learn and Central. Always interesting to hear another take on what services are provided and why and what the perceived barriers might be to adopting something new.
Two snippets today, from different sources but raising similar points - that some universities do not allow people to use the university wifi service except for previously-assessed and authorised devices (and smarthones and iPads wouldn’t be authorised), and that some universities have a policy that all mobile devices are blocked from using the university wifi service. I find that very surprising, if not incomprehensible.
To High Wycombe today for a meeting of the HP Education Advisory Board, hosted at Bucks New University. These are my notes, taken during the meeting, and include my opinion and thoughts not just the comments from presenters and attendee discussions.
Attendees included colleagues from Janet UK, Imperial, DMU, Bucks New, Middlesex, and invitees from a range of other institutions. The meetings are held several times a year and membership of the board is by invitation. Sadly, I’ve had to miss the last two due to other commitments.
The meetings are a mix of presentation and round-table discussion. The theme of today’s meeting was Convergence of Infrastructure, and of Desktop.
“Why is infrastructure converging” – Andrew Watson, HP. As well as a significant role within HP, Andrew runs the Office of the CTO service for two HP clients. As a result, Andrew gets a ‘customer’ view of HP as well as an internal one. Previous worked at a similar level for Microsoft.
Presentation is an Industries perspective not an HP one.
CIO’s are being asked/expected to ‘deliver today – reposition tomorrow’. Working with yesteryear’s rigid infrastructure, application and information complexity, and inadequate business processes. The role of the CIO is to manage this.
Another view – aren’t things getting simpler – isn’t it just about price and no real challenges for IT to solve any more?
Data growth – in sensors the data that they collect/report is outgrowing current examples of exponential data growth (e.g. YouTube).150M sensors in Haldron, read many times per second, generating around 1Mb of data per sensor capture. If Moore’s Law will eventually reach a natural limit, is that simply about the limitations of current physics and therefore new technological developments may continue that growth curve and may even speed it up?
Demand to do more, do it faster. ‘Agile’ development as close to business and fast/responsive. Able to show fast results, test specifications. Agile becoming embedded.
Expectations on enterprise IT to provide the same flexibility, speed, as consumer IT – turned it on its head, from work-led to individual-led.
How do we support innovation when times are tight…? Innovation lifespan getting shorter? The benefits peak quickly, a challenge for business cases.
Managing the “IT sprawl” – virtualisation helped to get more from the hardware but hard to unlock capacity in an agile manner (quickly enough, responsive/anticipate). Example of EasyJet having variable policy on use of data centres – not everything automatically mirrored to 2nd centre.
Challenge around people, processes – different way to deliver. Do the existing business parameters act as barriers to agile and alternative ways to deliver in a fleet manner?
Likely we won’t be buying everything from one vendor – buy from ‘best’ and manage a mixed portfolio (multiple clouds, links to Vint Cerf’s plea for cloud standards at Google Atmosphere, see previous post).
Suppliers looking to add to their portfolios so they can provide end-to-end convergence. If suppliers move to services, what’s the impact on their ‘on-premises’ income?
Convergence a natural progression? Sharing pools: on-demand capacity, on-the-fly resource switching. (Google’s work on this in their data centres?).
Are ‘appliances’ converged-infrastructure-in-a-box? How flexible and reusable are they? Not particularly – many/most for single purposes. Offers simplification as all the integration done for you, so quicker. Servers & infrastructure – appliance or mix of traditional and appliance – cloud/service provision?
Choices – but – need to be clear about where you want to go and where you’re starting from.
Not magic, a lot of planning and preparation in place – but do you have to do that, or use a service to simply provision what you need as and when you need it. Push the preparation onto someone who can achieve economies of scale as a result. Pooled, standardised, minimise bespoke requirements. (Standardised in terms of being an item someone can ‘buy’ the service catalogue.)
What are the responsibilities on manufacturers in terms of standards, interoperability and lifespan? Is the challenge not technical but contractual – knowing that the suppliers have thought through the service as well as the technology. The processes need to be defined and mature. “Cloud Stewardship Economics” is a challenge. Customer ends up integrating service provision from a portfolio of vendors.
“Deploying the Adaptive Client” – Craig Partridge
Taking the discussion from the data centre to the desktop.
Client virtualisation. A paradigm shift from ‘rich’ clients. Will everything move to virtual (no, probably not everything)? Benefits of deployment, standardisation, reduced costs, speed/agility. (Are the savings really there if there is a strong mixed economy of different technologies? Is it not an “on top” service i.e. additional not a replacement?)
Is virtualisation back to the data centre act simply as an interim before moving to apps delivered by the ‘cloud’? (Other than the requirement for a stable Internet connection, what’s the downside?).
Licensing is a major stumbling block to make virtualisation of the desktop truly attractive (can see real analogies with the film/music business and their attempt to deal with digital and subscription service models).
How prepared are we to drop the apps that don’t virtualise, or to have a mixed economy’ and to have the cost of not having one standard.
This second presentation led to such a discussion that the presenter managed only to get to slide 3. There were some quite polarized opinions. Some very interesting points made by Craig about performance issues if service components are delivered from physically different locations. This is really interesting in considering whether something like Google Chrome OS could be the ‘next big thing’ as there the (thin) OS is still local and the data and apps are in the cloud – exactly what Craig described as sub-optimal.
Will Microsoft and others make the move to subscription services, and if so when, given that their income is based on a different model they would (?) have to junk in the process?
A very interesting discussion that neatly sums up how hard it is to forecast the future for IT.
Another ‘stream of consciousness’ live blog of events.
(Given we’ve not even started yet and I have to leave at 1200 for the airport, I may not get to cover the full remainder of the event.)
So, scheduled – opening remarks and then a couple of workshops. Am particularly looking forward to the session on security and privacy.
Chrome OS with Jeff Keltner – overview and demo
Extreme videos Chrome Browser versus various speedy things. Probably on YouTube if you want to find it.
Converging trends – cloud/Internet services, ubiquitous connectivity, mobile/richer/portable devices. Benefits of an OS as a web browser – about connecting devices to web/cloud services. Reduced TCO for hardware reduced (if that’s going to be all you use it for – usual ‘thin client’ issues apply?).
Always on the latest version, as updates as you boot. Unable to install anything on the platform (so yes, the usual thin client issues do apply). This means that there is improved security as a modified version won’t boot, and will be updated/replaced on boot if needed. Auto updates in background. If web is primary platform, this may be an ideal platform.
Demo – built on Friday (!)
(Can download and compile at home) Boot time was around 10s, visible 6s. If remove post time can be even quicker. Cached data is encrypted to highest legal level.
(It wouldn’t be a live demo if there wasn’t a part that didn’t work as expected!). Allows user personalisation/profiles on any hardware.
Six workshops – in 2 hours. I’m interested in security and privacy, and collaboration using GoogleApps.
Workshop One – Trust: Cloud Security and Privacy
Can’t blog some of this apparently, so will not blog any just so I don’t accidentally reveal something I shouldn’t! Interesting discussion with the usual “myths” in evidence.
Workshop Two – Collaboration using Google Apps
Nothing much I’ve not seen before as a consumer user but the first time I’ve really seen the point of GoogleSites. Some lovely integration. Also some things we aren’t supposed to repeat, so I won’t.
Many clouds make light work – Amazon, SuccessFactors, panel discussion led by Tom Standage.
Werner Vogel from Amazon, talking about clouds of cloud. Mixing and matching providers for best flexibility.
Security – what security is actually required, based on business need, more possible in cloud than enterprise IT?
What’s stopping cloud – it is happening, big names are already using it.
What happens if the cloud provider goes bust? You own the data, always, can migrate off/out quickly (if agreement allows – not all providers guarantee this in consumer space?).
What’s to stop cloud simply becoming the new legacy? Service model not infrastructure model – pay as you go now.
Are private clouds really clouds at all? No, biggest competitor to cloud is continuing paradigm of servers on site, with usual cost, inflexibility, lack of agility. Disagreement – may be some business case for some of the collaboration benefits whilst retaining control on some applications.
Only move those apps into cloud at the time it makes sense to.
Today, Mike Manisty from Gartner was presenting a workshop on Cloud Computing. Gartner provide several workshops for my management team and when there’s a topic of broader interest, such as this one, I invite the senior IT leads from the four Faculties and FD.
I’d asked Gartner to do a a non-technical session on cloud because it’s clearly something of a ‘fashion’ right now but also because there’s a lot of nonsense talked about it. We’ve already effectively dipped a toe in cloud services by moving to GoogleApps for student email but there’s more we could do. However, it’s important to understand what ‘Cloud’ does and doesn’t offer us, and what we need to bear in mind when thinking about ‘Cloud’ as an alternative means to provision services.
So, the workshop focused on what do we mean by “Cloud Computing” – what it is and is not. What some of the benefits may be, including some example case studies, and what we need to bear in mind when thinking about Cloud Computing and, importantly, our potential role in that as brokers, customers/consumers, or as providers.
The part that’s sometimes hard to get your head around is that ‘Cloud’ isn’t the same as outsourcing, though clearly in both the actual service is provided by a 3rd party. Also, ‘Cloud’ doesn’t mean just anything provided ‘out there’. Here’s a Gartner webinar (PDF) that contains much of the information from today’s workshop. There’s some really thought-provoking points in there, not least whether “everything will be in the cloud”, which I doubt personally, and if not, what things would it be sensible to put in the cloud.
I’m typically very positive about what ‘Cloud’ might do for Sheffield Hallam – although, I’m unusually pro-cloud it seems from sessions I’ve attended elsewhere, such as at Educause. My vision would be to have as much of the “commodity” IT we currently provide moved into the cloud as possible, allowing us to focus our resources, time, efforts, into those activities that actually make us distinctive, improve what we provide for students and staff, and help the University have an edge over its competition. So, whilst I’m keen to explore wherever and whatever we can put in the cloud, I also know there are some things that, whilst it may be possible to put in the cloud, we simply wouldn’t wish to do so as that specific service or function may be too important to us. Which brings me to what is I believe the 1st important question we need to discuss in relation to cloud computing – what would we not source from a cloud provider?
People who are perhaps less positive or who have concerns about cloud computing point to the emergent nature of cloud provision and the general ‘lawlessness’ of some of it. And they are quite right to raise those concerns. However, there does need to be some understanding that in a sense, it is the inherent nature of ‘cloud’ (hence the fluffy, shapeless name) that some of this is grey. Some of the greyness matters very much – issues of data security in particular, which if not resolved properly will create breaches of trust for cloud providers that will largely kill their service. Some perhaps less so – particularly around control. By sourcing a service from a cloud provider, we cease to need to know how the service is provided simply that it is provided. This model is often compared to the way we source power – we consume power but don’t wish to know all about how the power is generated and transported to us to use. However, if we are seriously going to look at cloud computing, then we need to address the second important question in relation to any service we consider provision from a cloud provider – what assurances do we need about this service, that may prevent us from utilising a cloud computing service? That may include issues about where and how data is stored, who owns the data (this isn’t always as obvious as it sounds), and what levels of service quality can I expect/be guaranteed.
Cloud computing potentially offers us real benefits around speed of provisioning, cost (on a pay as you use basis), and releasing resource to do other things. However, it needs care in terms of decisions on what to provision, and in maintaining the relationship with the cloud provider. Over the coming years I’d expect us to to be using more and more cloud provision, and we’ll undoubtedly make mistakes along the way as we learn. The key will be to make sure that those mistakes are ones we can bear and that we’re clear in advance about any risks we take.
The first steps though are in opening up that discussion on the two questions above:
- Which services are too important to put in the cloud?
- Where we do consider cloud provisioning as an option, what specific things matter about those services that will need to be considered?
What’s your view on cloud computing – are you optimistic about its potential Â or concerned that it’s all too wooly to be seriously considering it right now?
Some key discussions today around how we best support applicants looking to come to the University, how we manage data and records, and planning for a stand-still revenue budget.
Met with Helen Williamson to discuss the records retention policy and how that will link to any implementation of the Information Management Strategy, assuming it is agreed in its final form. Very useful discussion on how various parts of any implementation of the strategyÂ need to work in a non-linear fashion – that is, that they need to develop alongside and aligned to one another.
Then on to the Applicant Portal Project Board – the 1st time I’ve attended. It was a really interesting meeting, even though I’m coming in well into the life of theÂ project. It was refreshing to be in a meeting talking about something so positive and that appears to be making such a difference to how we support people making that transition between being applicants to having a firm place and then becoming a student.
Another refreshing meeting in the afternoon – the IS&T Management Team discussing options for managing expenditure next year against a stand-still revenue budget. Refreshing because despite the difficult topic, the team all arrived with options to either contain or reduce costs to ensure that we can live within the constrained budget. We’ve still to finalise the various thinking but it was very positive and I feel more confident that we’ll be in an OK position now.
Final meeting of the day will be dinner with two Gartner people who are coming to Sheffield to facilitate a workshop tomorrow. I’m looking forward to the workshop as a challenging topic – the risks and benefits of ‘Cloud’ provisioned IT.