Enterprise-class clouds, part 1: Security and performance

The following is the first in a series of upcoming posts on establishing and working with enterprise-class clouds

The intent of the blogs is to provide the thought leadership for readers seeking to create a sound strategy for exploiting cloud computing for the enterprise.

Foundational principles of enterprise-class clouds

• To create a real-time enterprise, firms must assemble an IT operation that executes as the business behaves: on demand, ad-hoc and predictable calendar events
• The IT delivery model must accommodate an as-needed/when-needed set of capabilities that deliver information, processing, and collaboration in an on-demand manner
• Operational risk cannot be sacrificed in pursuit of this on-demand IT delivery
• IT is a supply chain of applications, information, content, infrastructure, and facilities
• Sourcing of the IT supply chain can be multidimensional: acquisition, management, and component-level sourcing. For example,
  
  1. Management level: Built internal, bought external/hosted internal, bought external/hosted external
  2. Component level: Infrastructure can be supplemented externally, the development platform can be provided externally, the application and infrastructure can be provided externally
  3. Acquisition: Can be capitalized, opex funded, variable usage expensed, or fixed contract expensed

[ Get the no-nonsense explanations and advice you need to take real advantage of cloud computing in InfoWorld editors' 21-page Cloud Computing Deep Dive PDF special report. | Stay up on the cloud with InfoWorld's Cloud Computing Report newsletter. ]

Part 1: Security and performance
Lessons from Wall Street IT should be incorporated into your enterprise cloud strategy plans. Security and performance in a cloudlike delivery model have been hardened into best practices on Wall Street for some time. The insatiable demand for instantaneous data, rapid decision support, and microsecond latency all happening in the intermediary cloud trading exchanges provides a reference framework that can be repeated in any firm across any industry -- today!

Based on this, we can take from Wall Street three fundamental building blocks for enterprise class security in the cloud as:

• Access/trust acceptance/policy enforcement
• Data transfer security
• Data protection across multitenancy environments

In these terms, two companies (Cisco and Unisys) are providing these capabilities out of the box today.