Tuesday, June 15, 2010

McKesson Shows Bringing Testing Tools on the Road Improves Speed to Market and Customer Satisfaction

Transcript of a BriefingsDirect podcast from the HP Software Universe 2010 Conference in Washington, DC on field-testing software installations using HP Performance Center products.

Listen to the podcast. Find it on iTunes/iPod and Podcast.com. Download the transcript. Sponsor: HP.

Dana Gardner: Hello, and welcome to a special BriefingsDirect podcast series, coming to you from the HP Software Universe 2010 Conference in Washington, D.C. We're here the week of June 14, 2010, to explore some major enterprise software and solutions trends and innovations making news across HP’s ecosystem of customers, partners, and developers.

I'm Dana Gardner, Principal Analyst at Interarbor Solutions, and I'll be your host throughout this series of HP sponsored Software Universe Live discussions.

Our customer case-study today focuses on McKesson Corp., a provider of certified healthcare information technology, including electronic health records, medical billing, and claims management software. McKesson is a user of HP’s project-based performance testing products used to make sure that applications perform in the field as intended throughout their lifecycle.

To learn more about McKesson’s innovative use of quality assurance software, please join me in welcoming Todd Eaton, Director of Application Lifecycle Management Tools in the CTO’s office at McKesson. Welcome to the show, Todd.

Todd Eaton: Thank you.

Gardner: Todd, tell me a little bit about what's going on in the market that is making the performance-based testing, particularly onsite, such an important issue for you.

Eaton: Well, looking at McKesson’s businesses, one of the things that we do is provide software for sale for various healthcare providers. With the current federal government regulations that are coming out and some of these newer initiatives that are planned by the federal government, these providers are looking for tools to help them do better healthcare throughout their enterprises.

With that in mind, they're looking to add functionality, they're looking to add systems, and they look to McKesson, as the leader in healthcare, to provide those solutions for them. With that in mind, our group works with the various R&D organizations within McKesson, to help them develop software for the needs of those customers.

Gardner: And what is it about performance-based testing that is so important now. We've certainly had lots of opportunity to trial things in labs and create testbeds. What is it about the real-world delivery that's important?

Eaton: It's one thing that we can test within McKesson. It's another thing when you test out at the customer site, and that's a main driver of this new innovation that we’re partnering up with HP.

When we build an application and sell that to our customers, they can take that application, bring it into their own ecosystem, into their own data center and install it onto their own hardware.

Controlled testing

The testing that we do in our labs is a little more controlled. We have access to HP and other vendors with their state-of-the-art equipment. We come up with our own set of standards, but when they go out to the site and get put in to those hospitals, we want to ensure that our applications act at the same speed and same performance at their site that we experience in our controlled environment. So, being able to test on their equipment is very important for us.

Gardner: And it's I suppose difficult for you to anticipate exactly what you're going to encounter, until you're actually in that data center?

Eaton: Exactly. Just knowing how many different healthcare providers there are out there, you could imagine all the different hardware platforms, different infrastructures, and the needs or infrastructure items that they may have in their data centers.

Gardner: This isn’t just a function of getting set up, but there's a whole life-cycle of updates, patches, improvements, and increased functionality across the application set. Is this something that you can do over a period of time?

Eaton: Yes, and another very important thing is using their data. The hospitals themselves will have copies of their production data sets that they keep control of. There are strict regulations. That kind of data cannot leave their premises. Being able to test using the large amount of data or the large volume of data that they will have onsite is very crucial to testing our applications.

Gardner: Todd, tell me the story behind gaining this capability of that performance-based testing onsite -- how did you approach it, how long has it been in the making, and maybe a little bit about what you’re encountering?

Eaton: When we started out, we had some discussion with some of the R&D groups internally about our performance testing. My group actually provides a performance-testing service. We go out to the various groups, and we’re doing the testing.

We always look to find out what we can do better. We’re always doing lesson learns and things like that and talking with these various groups. We found that, even though we did a very good job of doing performance testings internally, we were still finding defects and performance issues out at the site, when we brought that software out and installed it in the customer’s data center.

After further investigation, it became apparent to us that we weren’t able to replicate all those different environments in our data center. It’s just too big of a task.

The next logical thing to do was to take the testing capabilities that we had and bring it all out on the road. We have these different services teams that go out to install software. We could go along with them and bring the powerful tools that we use with HP into those data centers and do the exact same testing that we did, and make sure that our applications were running as expected on their environments.

Gardner: Getting it right the first time is always one of the most important things for any business activity. Any kind of failure along the way is always going to cost more and perhaps even jeopardize the relationship with the customer.

Speed to market

Eaton: Yeah, it jeopardizes the relationship with the customer, but one of the things that we also drive is speed to market. We want to make sure that our solutions get out there as fast as possible, so that we can help those providers and those healthcare entities in giving the best patient care that they can.

Gardner: What was the biggest hurdle in being able to, as you say, bring the testing capability out to the field. What were some of the hang-ups in order to accomplish that?

Eaton: Well, the tool that we use primarily within McKesson is Performance Center, and Performance Center is an enterprise-based application. It’s usually kept where we have multiple controllers, and we have multiple groups using those, but it resides within our network.

So, the biggest hurdle was how to take that powerful tool and bring it out to these sites? So, we went back to our HP rep, and said, "Here’s our challenge. This is what we’ve got. We don’t really see anything where you have an offering in that space. What can you do for us?"

Gardner: How far and wide have you been able to accomplish this? Are you doing it in terms of numbers of facilities, in what kind of organizations?

Eaton: Right now we have it across the board in multiple applications. McKesson develops numerous applications in the healthcare space, and we’ve used those across the board. Currently, we have two engagements going on simultaneously with two different hospitals, testing two different groups of applications, and even the application themselves.

I’ve got one site that’s using it for 26 different applications and other that’s using it for five. We’ve got two teams going out there, one from my group and one from one of the internal R&D groups that are assisting the customer and testing the applications on their equipment.

Gardner: From these experiences so far, are there metrics of success, paybacks, not only for you and McKesson, but also for the providers that you service?

Eaton: The first couple of times we did this, we found that we were able to reduce the performance defects dramatically. We’re talking something like 40-50 percent right off the bat. Some of the timing that we had experienced internally seemed to be fine, well within SLAs. But as soon as I got out to a site and onto different hardware configurations, it took some application tuning to get it down. We were finding 90 percent increases with our help of continual testing and performance tweaks.

Items like that are just so powerful, when you are bringing that out to the various customer, and can say, "If you engage us, and we can do this testing for you, we can make sure that those applications will run in the way that you want them to."

Gardner: How about for your development efficiency? Are you learning some lessons on the road that you wouldn’t have had before that you can now bring into the next rep. Is there a feedback loop of sorts?

Powerful feedback

Eaton: Yes. It’s a pretty powerful one back to our R&D groups, because getting back to that data scenario, the volume and types of data that the customers have can be unexpected. The way customers use systems, while it works perfectly fine, is not one of the use cases that is normally found in some applications, and you get different results.

So, finding them out in the field and then being able to bring those back to our R&D groups and say, "This is what we’re seeing out in the field and this is how people are using it," gives them a better insight and makes them able to modify their code to fit those use cases better.

Gardner: Todd, is there any advice that you would give to those considering doing this, that is to say, taking their performance testing out on the road, closer to the actual site where these applications are going to reside?

Eaton: The main one is to work with your HP rep on what they have available for this. We took a product that everybody is familiar with, LoadRunner, and tweaked it so it became portable. The HP reps know a lot more about how they packaged that up and what’s best for different customers based on their needs. Working with a rep would be a big help in trying to roll this out to various groups.

Gardner: Okay, great. We’ve been learning about how McKesson is bringing performance-based testing products out to their customers’ locations and gaining a feedback capability as well as reducing time to market and making the quality of those applications near 100 percent right from the start.

I want to thank our guest. We’ve been joined by Todd Eaton, Director of Application Lifecycle Management Tools in the CTO’s office at McKesson. Thank you so much Todd.

Eaton: You’re welcome. Nice talking to you.

Gardner: And, thanks to our audience for joining us for this special BriefingsDirect podcast, coming to you from the HP Software Universe 2010 Conference in Washington, DC.

Look for other podcasts from this HP event on the hp.com website under HP Software Universe Live podcast, as well as through the BriefingsDirect Network.

I’m Dana Gardner, Principal Analyst at Interarbor Solutions, your host and moderator for this series of HP-sponsored Software Universe Live Discussions. Thanks for listening, and come back next time.

Listen to the podcast. Find it on iTunes/iPod and Podcast.com. Download the transcript. Sponsor: HP.


Transcript of a BriefingsDirect podcast from the HP Software Universe 2010 Conference in Washington, DC on field-testing software installations using HP Performance Center products. Copyright Interarbor Solutions, LLC, 2005-2010. All rights reserved.

You may also be interested in:

Monday, June 14, 2010

Top Reasons and Paybacks for Adopting Cloud Computing Sooner Rather Than Later

Transcript of a BriefingsDirect podcast on how adopting cloud computing models can lead enterprises to gain business and technology benefits.

Listen to the podcast. Find it on iTunes/iPod and Podcast.com. Download the transcript. Sponsor: HP.

Dana Gardner: Hi, this is Dana Gardner, principal analyst at Interarbor Solutions, and you’re listening to BriefingsDirect. Welcome to a sponsored podcast discussion on identifying the top reasons and paybacks for adopting cloud computing.

Like any other big change affecting business and IT, if cloud, in its many forms, gains traction, then adopters will require a lot of rationales, incentives, and measurable returns to keep progressing successfully. But, just as the definition of cloud computing itself can elicit myriad responses, the same is true for why an organization should encourage cloud computing.

The major paybacks are not clearly agreed upon, for sure. Are the paybacks purely in economic terms? Is cloud a route to IT efficiency primarily? Are the business agility benefits paramount? Or, does cloud transform business and markets in ways not yet fully understood?

We'll seek a list of the top reasons why exploiting cloud computing models make sense, and why at least experimenting with cloud should be done sooner rather than later. We have assembled a panel of cloud experts to put some serious wood behind the arrow leading to the cloud.

Please join me now in welcoming Archie Reed, HP's Chief Technologist for Cloud Security and the author of several publications including The Definitive Guide to Identity Management and a new book, The Concise Guide to Cloud Computing. Welcome back to the show, Archie.

Archie Reed: Thanks very much, Dana.

Gardner: We're also here with Jim Reavis, executive director of the Cloud Security Alliance (CSA) and president of Reavis Consulting Group. Welcome back to you too, Jim.

Jim Reavis: Pleasure to be here, Dana.

Gardner: And we are also here with Dave Linthicum, Chief Technology Officer of Bick Group and also a prolific cloud blogger and author. Welcome back to you as well, Dave.

Dave Linthicum: Thanks for having me, Dana.

Gardner: Let me go first to you, Jim, and then to Archie. At the RSA Conference, the CSA and HP announced some findings around "Seven Deadly Sins" for cloud adoption. Tell us a little bit about those Seven Deadly Sins, some of the negative issues, before we delve into some of the positive, some of the perhaps heavenly delights of cloud, if you will.

Foregone conclusion

Reavis: Thanks, Dana. The reason we produce these threat listings and do everything we are doing at CSA is that we believe that adopting cloud is a foregone conclusion. We're going to be spending a lot of time on this webcast talking about the benefits. So, it’s to help people do it in the most appropriate and secure way.

You can find the full listing of the Seven Deadly Sins at cloudsecurityalliance.org website, under "Top Threats." I'm not going to list them all in detail. We found that, when you think about going to the cloud, it’s not just security issues that enterprises are concerned about, but rather compliance. A lot of the transparency issues on what your provider is doing becomes something that we want to think about and be really concerned about.

Data is something that we identified as a key threat issue. You want to know where your data is. You want to know how it’s being controlled. You want to prevent it from being leaked or lost completely. Obviously, that goes with any type of computing, but it's certainly something, as we move to this new model, that you want to understand and be concerned about.

We certainly don’t think what we produced was alarmist, but rather to help people adopt cloud.



Then, there's just a variety of things where we want to understand how bad guys will start using the cloud, what new specific issues there are, and when we have the shared infrastructure, how bad people might be able to get in in some way or another and use some form of privilege escalation through virtualization or other sorts of techniques to be able to move into areas where they aren’t allowed.

It’s definitely food for thought. It’s part of your whole risk-management process, when you think about how to take a certain business initiative and use a certain cloud system to accomplish that goal. That’s the whole point of it, and we've gotten pretty good feedback. We certainly don’t think what we produced was alarmist, but rather to help people adopt cloud.

Gardner: Archie Reed, a lot of companies that I've talked to are trying to do this cost-benefit analysis about cloud and what they should be doing. In order to understand that, you have to look at what you need to do to prevent the risks from getting out of hand, but you also need to know about what you get in return for doing it well.

Let’s look at this cost-benefit analysis. We have a good sense of some of the negatives, what you need to do, and some of the investments. What are some of the high-level potentials? What are the paybacks that would balance out some of those risks and investments?

Reed: Thanks, Dana. Just to reiterate what Jim said previously around the Seven Deadly Sins, in order to understand what the cost benefits are, what the impact to an organization is going to be, you have to be aware of the risk analysis you are going to undertake that feeds into a cost-benefit analysis.

I just want to make a couple of points about the top threats, as we lead into these things. First off, it was all about awareness or enlightenment. Given the tone of our discussion today, the key was, as Jim said, not to be alarmist, but to create awareness.

If you don’t understand what’s going on inside the cloud environment that you're using, be it public or private, or some hybrid of those things, then you can't really get the benefits that you're looking for, because you haven’t taken into account the overall risks that are associated with that.

The same risks

I
nterestingly, when we look at this list, if we received any criticism for it at all, it was that it presents the same risks that any large, outsourced business service might encounter. Fundamentally, you need to follow good security practices.

So, when we go into all of this discussion around what is the benefit, we need to do our standard risk analysis. There’s nothing too much that's new here, but what we do see is that when you get to the cloud and you're doing that assessment, it comes down to agility.

Agility, in this sense, has the dimensions of speed at scale. For businesses, that can be quite compelling in terms of economic return and business agility, which is another variation on the theme. But, we gain this through the attributes we ascribe to cloud -- things like instant on/off, huge scale, per-use billing, all the things we tried to achieve previously but finally seem to be able to get with a cloud-computing architectural model.

The risks may go down, if it’s a private environment.



If we're going to do the cost-benefit analysis, it does come down to the fact that, through that per-use billing, we're able to do this in a much more fine-grain manner and then compare to the risks that we are going to encounter as a result of using this type of environment. Again, that's regardless of whether it’s public or private. The risks may go down, if it’s a private environment.

Factoring all those things in together, there's not too much of a new model in how we try to achieve this justification and gain those benefits.

Gardner: Dave Linthicum, we've talked about this a bit in the past and one of things that was memorable in talking with you is that you seem to think that we shouldn’t look at cloud computing through a cost savings lens. It may not even be cheaper or more cost efficient, but you had other, more pressing reasons for moving into the cloud.

First, if I'm correct, explain your rationale on the cost issue and then also what you think are some of the top motivators?

Linthicum: The mistake that a lot of people make is that they go directly for the OPEX versus CAPEX cost. In other words, they're sick of buying waves and waves of servers for their data centers and sick of paying co-los and all those sorts of things. They really want to get into a "pay per drink" cost model in how they consume compute cycles, storage, and all the other things that are kind of innate to the data center.

One of the issues is that public cloud computing providers typically -- and sometimes private cloud computing infrastructure that you set up -- are going to be more expensive than a lot of existing infrastructures. That’s misunderstood out there, unless you are like me and for the last two years have done the analysis over and over again.

However, the notion of business agility, which I heard mentioned, is really where the money is made. It's the ability to scale up and scale down, the ability to allocate compute resources around business opportunities, and the ability to align the business to new markets quickly and efficiently, without doing waves and waves of software acquisitions, setups, installs, and all the risks around doing that. That's really where the core benefit is.

If you look at that and you look at the strategic value of agility within your enterprise, it’s always different. In other words, your value of agility is going to vary greatly between a high tech company, a finance company, and a manufacturing company. You can come up with the business benefit and the reason for moving into cloud computing, and people have a tendency not to think that way.

Innate risks

The point I already made -- and I agree with the guests -- is that you have to weigh that benefit in line with the innate risks in moving to these platforms. Whether or not you are moving from on-premises to off-premises, on-premies to cloud, or traditional on-premises to private cloud computing, there’s always risk involved in terms of how you do security, governance, latency, and those things.

Once you factor those things in and you understand what the value drivers are in both OPEX and CAPEX cost and the trade-offs there, as well as business agility, and weigh in the risk, then you have your equation, and it comes down to a business decision. Nine times out of ten, the cloud computing provider is going to provide a more strategic IT value than traditional computing platforms.

Gardner: Going back to you, Jim, when we think about the benefits of cloud in general, it seems that most people gravitate to this as a way in which we can recast IT processes and functions. But, in a lot of ways, I think there’s just as much interest around using the cloud as a way of reaching audiences, providing services, linking up partners in an ecosystem or process marketplace in ways that hadn’t been possible before.

Do you think it’s a good idea for us to not just think about cloud as a benefit to efficiency and transformation at the IT level, but that in gaining cloud expertise, there's the opportunity to do things vis-à-vis supplying your customers, finding your customers, and even in joining with suppliers in a new way?

Reavis: I'd agree with that, and it echoes a little bit of what Dave has said. When you think about economics, what’s the core of economics? It's supply and demand. Cloud gives you that ability to more efficiently serve your customers. It becomes a customer-service issue, where you can provide a supply of whatever your service is that really fits with their demand.

Their business would not have been able to exist in the earlier era of the Internet. It’s just not possible.



Ten years ago I started a little minor success in the Internet dot-com days. It was called Securityportal.com. You all remember something called the "Slashdot effect," where a story would get posted on Slashdot and it would basically take your business out. You would have an outage, because so much traffic would go your way.

We would, on the one hand, love those sorts of things, and we would live in fear of when that would happen, when we would get recognition, because we didn’t have cloud-based models for servicing our customers. So, when good things would happen, it would sometimes be a bad thing for us.

I had a chance to spend a lot of time with an online gaming company, and the way they've been able to scale up would only be possible in the cloud. Their business would not have been able to exist in the earlier era of the Internet. It’s just not possible.

So, yeah, it provides us this whole new platform. I've maintained all along that we're not just going to migrate IT into the cloud, but we're going to reinvent new businesses, new business processes, and new ways of having an intermediary relationship with other suppliers and our customers as well. So it’s going to be very, very transformational.

Gardner: Similar question to you, Archie. When HP looks at the potential for cloud in its own right as a company, I should think that there is a lot of interest and efficiency for delivering services and providing a cloud capability for that. You've already got a lot of software-as-a-service (SaaS)-based services for application lifecycle management, and test and dev, and so forth. How do you see the difference between cloud as it affects IT and then cloud as it affects business?

Outcomes are core

Reed: At HP, when we talk to customers and even try to evaluate internally, we talk about this thing called business outcomes being core to how IT and business align. Whether they're small companies or large companies, it's providing services that support the business outcomes and understanding that ultimately you want to deliver.

In business terms, it's more processing of loan requests and financial transactions. Then, if that’s the measure that people are looking at what the business outcomes need to be, then IT can align with that and they become the service provider for that capability.

We've talked to a lot of customers, particularly in the financial industry, for example, where IT wasn’t measured in how they cut costs or how much staff they had. They were measured in incremental improvements on how many advances could be made in delivering more business capability.

In that example, one particular business metric was, "We can process more loans in a day, when necessary." The way they achieved that was by re-architecting things in a more cloud or service-centric way, wherein they could essentially ramp up, on what they called a private cloud, the ability to process things much more quickly.

Now, many in IT realize -- perhaps not enough, but we're seeing the change -- that they need to make this toward the service oriented architecture (SOA) approach and delivery, such that they are becoming experts in brokering the right solution to deliver the most significant business outcomes.

That becomes the latency that drives the lateness of the business process changes that need to occur within the enterprise.



The source of those services is less about how much hardware and software you need to buy and integrate and all that sort of thing, and more about the most economical and secure way that they can deliver the majority of desired outcomes. You don’t just want to build one service to provide a capability. You want to build an environment and an architecture that achieves the bulk of the desired outcomes. Does that make sense?

Gardner: Sure. Dave Linthicum, we talked about agility, let’s see if we can unpack that a little bit and get a little bit more detail. That’s kind of a general umbrella topic or a moniker.

When we think about business process, if you're focused at the business process level, and I think that’s what Archie was alluding to, rather than the supporting infrastructure or the applications, if we start composing business processes from services, rather than discrete applications, it seems to me we gain an opportunity to be responsive. That is to say, a business process can be examined and then perhaps some data analysis can be applied. Then, we can ask how do we do that better.

Does cloud computing allow us to then adjust a business process or even come up with innovations built upon existing processes in ways that traditional IT simply can’t or just can’t within the necessary time frame?

Linthicum: Yes. The latency that people are running into in traditional IT is not really aligning the business processes, because usually they have the ability to do that in one way or form, either in composites or a true business process layer, which already exists. It’s the ability to stand up the services that they need in terms of storage, compute, different things like risk analytics in the financial market, and how all those things basically tie together. That becomes the latency that drives the lateness of the business process changes that need to occur within the enterprise.

Additional capabilities

Cloud computing will provide us with some additional capabilities. It's not necessarily nirvana, but you can get at compute and you can get at even some of these pretty big services. For example, the Predictive API that Google just announced at Google I/O recently is an amazing piece of data-mining stuff that you can get for free, for now.

The ability to tie that into your existing processes and perhaps make some predictions in terms of inventory control things, means you could save potentially a million dollars a month, supporting just-in-time inventory processes within your enterprise. Those sorts of things really need to come into the mix in order to provide the additional value.

Sometimes we can drive processes out of the cloud, but I think processes are really going to be driven on-premises and they are going to include cloud resources. The ability to on-board those cloud resources is needed to support the changes in the processes and is really going to be the value of cloud computing.

That the area that’s probably the most exciting thing. I just came back from Gluecon in Denver. That is, in a sense, a cloud developers’ conference, and they're all talking about application programming interfaces (APIs) and building the next infrastructure.

When those things come online, become available, and we don’t have to build those things in-house, we can actually leverage them into a "pay per drink" basis through some kind of provider, buying those into our processes. We'll perhaps have thousands of APIs that exist all over the place, and perhaps even not even local data within these APIs.

That’s where the value of cloud computing is going to appear, and we haven’t seen anything yet. There are huge amounts of value being built right now.



They just produce behavior, and we bring them together to form these core business processes. More importantly, we bring them together to recreate these core business processes around new needs of the business.

Reed: It's the same for me. I was also at Gluecon this week, and there were several threads going on. Certainly the API thread was fascinating in terms of the sheer number of APIs that were being created and the various approaches being used in those things.

At the same time, one of the other tracks was on a whole set of concerns around the legal and security risks associated with piecing all this together. As it was the developers’ conference, the legal thread was less attended than the API thread. But, there is obvious concern about how all these things piece together, how we put the controls in place, and where we get those services from.

I definitely agree with Dave that some of the core processes, especially for larger and more security-sensitive organizations that consider their core IT to be their business processes, are going to be maintained internal to the organization. Some may be willing to put them out, but in majority of cases, we find people want to retain the IT internally.

But being able to reach out through those APIs in a safe and secure way, controlled way, to get data, analysis, and capabilities from within the cloud is definitely where we are headed. That Google analytics stuff is one example.

Internal or external

We've already seen in terms of analysis tools, the GIS stuff, geographical information, where people are just putting maps up and overlaying stuff. The data may be internal to them, but the capability of drawing a map and getting the geographical data comes from outside, and that’s created incredible types of what we call mashups, such that we expect and have seen in some cases.

Businesses are now doing their own mashups and they only get there by understanding how all these APIs, these security tenants, these legal requirements, come together. In some cases, they're ignoring those for expediency today, but ultimately the management of those things is going to be key here.

Linthicum: Just a short comment on that. One of the things that was not a message that was well received at Gluecon, being a bunch of developers, was that you need to do your stuff in the context of a good security strategy and a good governance strategy. So, how you are going to leverage these systems and policies and usage you put around it? That really becomes the core problem to solve before you go off and make this happen.

I don't know if you saw my keynote presentation I did the first day of the conference, but I went into a lot of those things. When I talked to some of the attendees, I noticed that really wasn’t well understood or even well received.

That’s a tad scary, because they're driving out in the market, creating and leveraging these APIs. In many instances, they're ungoverned. They're insecure. We don’t know exactly what they're doing, and they actually can create some vulnerabilities, which will open the risk that costs way more than any kind of benefits we're getting from cloud computing.

I think it requires them to translate their governance concepts and their controls into a new environment. It's going to take some real thinking to do that.



Gardner: Jim Reavis, let’s look into governance a bit. When companies start exploring more business process and agility efficiencies around cloud, they get exposed in ways that they wouldn’t if they were locked down inside their four walls.

But, becoming exposed, sharing data, exploring and using APIs from other parties, doesn’t this, in a sense, force these companies to adopt better methods and policies and start thinking about things that they probably should have been doing anyway? The question is, does cloud, by its nature, force organizations to become better at things like governance, policies, and best practices?

Reavis: I think it requires them to translate their governance concepts and their controls into a new environment. It's going to take some real thinking to do that.

I was one of the three, I guess, who didn’t go to Gluecon. So, thanks Dave and Archie for not inviting me. I guess it's because they're authors and I just read cartoons all the time, but I think the points there are very well made.

We're going to see the market provide the SOA governance and brokering tools that allow you to control a lot of these things and give the customer the ability to put in XAML, for example, and create some policies that they can embed and have some brokering involved, so that when the developers are out trying to create these mashups with a variety of different APIs, they can insert some sort of policy governance and have that look like another SOA-type service.

Frameworks and tools

We're not trying to dictate to the developers completely how they develop these new applications, but we are giving them some frameworks and tools that they can embed in the way they understand things, in the way they like to do business.

I want to quickly mention, though, that we've got a huge history behind us that tells us that internal networks are not locked down and secured. Having data on 100,000 machines, laptops, and every place else that has no controls over it, is a pretty perilous place to be.

Now, we understand that we're moving to a new platform. Let’s do our best to control that, but let’s try and deflate little bit that traditional IT is more secure than cloud. I'm really not ready to say that.

Reed: There are a couple of points I want to make, so that we're sure we're not just hand waving and all that. I think the incentives, the risks, and all those things change dependent on the type of business we're looking at.

Ultimately, it does require that you shore up a lot of your security and governance processes within organizations that probably don’t do security and governance processes as well as they think they do.



Certainly, when we talk to smaller organizations and mid-sized organizations as well, they're looking for the edge that they can gain in terms of cost and support and, in most cases, more security. In this case, they look for broader back-office solutions than perhaps some of the larger organizations, things such as email, account management, HR, and so forth, as well as front-end stuff, basic web hosting and more advanced versions of that.

We've implemented things like Microsoft Business Productivity Online Suite (BPOS) for many customers, especially in the mid range. They do find better support, better up time, better cost controls, and to Jim’s point, more security than they are able to provide for themselves.

When we get to talk to larger organizations, some are looking for this. We know, even in the financial industry, which you might consider to be one of the most security paranoid type environments there are outside of the three-letter agencies, they find that kind of thing appealing as well. Some of those have actually gone to use Salesforce.com for some of their services.

But, they're generally more concerned with the security stuff and they often find specific capabilities more appealing in a service model, such as data processing, data analysis, data retrieval, functional analysis, and things like that. The mashups are definitely more popular as a type of model or the service-oriented nature is more popular model with larger organizations that we talk to.

Gardner: What do you think Dave Linthicum? Is there an under-appreciated value to cloud in that, in moving to cloud models, you have to adopt the right processes around security, governance, and other risk mitigating activities that makes you a stronger, better company overall. That is to say, cloud is like New York -- if you can make it there, you can make it anywhere?

Linthicum: Ultimately, it does require that you shore up a lot of your security and governance processes within organizations that probably don’t do security and governance processes as well as they think they do.

Huge exposures

In some of the audits that I do, I often find huge exposures in how they do the on-prem systems. As they're moving into cloud, they push back on the security aspects of it all the time, and people are walking off on a daily basis with laptops full of customer data, critical data, and their IT. They just don’t understand it, because they don’t have the audits, the best practices, and the security mechanisms around that.

Moving into cloud is going to make people think in a very healthy, paranoid state. In other words, they are going to think twice about what information goes out there, how that information is secured and modeled, what APIs they are leveraging, and service level agreements (SLAs). They're going to consider encryption and identity management systems that they haven’t done in the past.

In most of the instances that I am seeing deploying cloud computing systems, they are as secure, if not more secure, than the existing on-premise systems. I would trust those cloud computing systems more than I would the existing on-premise systems.

That comes with some work, some discipline, some governance, some security, and a lot of things that we just haven’t thought about a lot, or haven’t thought about enough with the traditional on-premise systems. So, that’s going to be a side benefit. In two years, we're going to have better security and better understanding of security because of cloud.

Gardner: So, as we're now looking for even more benefits, paybacks, and improvements to your overall business by being a cloud adopter, how about at the competitive level? It seems to me that there are benefits to first movers.

In terms of first mover, late to market, or fast follower, there’s always a potential risk and benefit to any of those things.



It's been established by some of the best management consultants and business schools in the world that being the first to a market gives you very powerful benefits. Does cloud offer the opportunity for those who are willing to do the work and be aggressive and innovative an opportunity to enter markets in new ways?

One example is Apple computer. Apple has been aggressive. They don’t talk about cloud, but when you look at MobileMe, iTunes downloads, and the App Store, these to me are cloud-based services that have allowed Apple to grow mightily in the past few years, not just based on their devices, but based on their use of cloud.

So, there’s a first-mover advantage. Do you all agree -- and we will go around the panel -- that there’s a competitive benefit, at least for the foreseeable future, in your own markets, as enterprises have exploited cloud as a competitive cudgel. How about that, Archie?

Reed: In terms of first-mover, late-to-market, or fast-follower, there’s always a potential risk and benefit to any of those things. I agree that perhaps Apple has benefited, but I wouldn’t call them first movers in this space. I would say that they have been fast followers.

By that, I mean that even if you look at iTunes or the iPod itself, those things came after existing services already were in place. What they were able to do, if we take that as an example, was tie those together into an ecosystem that basically created their momentum to move forward.

Scaling really fast

The reality is not that the advantage is being able to be the first mover in cloud computing, but the fact that cloud allows you to scale and go big really fast. It allows you to sit in the fast-follower position and gain just as much as any first mover, because the gap between seeing a business opportunity and being able to deliver on that requirement or business opportunity is so much less than what it was previously.

You don’t have to ramp up huge amounts of services that take months. You can scale up in a matter of hours or days. As long as the wave isn’t so huge, and it rarely ever is, you can always get into that market space using this type of model.

Gardner: I'd like to pick up on one of the points you made about being able to establish an ecosystem. If you're exploiting cloud effectively, does that give you an advantage in how you can carve out an ecosystem, become a hub, and therefore be in a very profitable position within that ecosystem?

Reed: I'll take a quick stab at that. I think there's going to be a window for a number of years where that is the case. There will be businesses that are willing and able and can manage cloud-type environments to their benefit. But, eventually, the gaps become so small and the availability of these services online becomes so ubiquitous that I'm not sure how long this window goes for.

I don’t want to say that, in a few years, everybody will be able to deliver the same thing just as quickly. But for the moment, I think there’s a few forward thinking organizations that will be able to achieve that to great success.

There are going to be a lot of new capabilities that will only be accessible in this platform, and they're going to come a lot quicker.



Gardner: Jim Reavis, same to you. What about the competitive benefits that businesses should consider when evaluating cloud in terms of that cost benefit analysis?

Reavis: Businesses are so dependent on technology now and into the future, and we always try to stay innovative and competitive. If you just look at this from a developer standpoint, you don’t see a lot of new applications for the Commodore 64 anymore.

The organizations that are developing what they think is state-of-the-art, but it’s not cloud, are going to be struggling, because all of the neat, interesting new developments. It’s hard to even put your head around all of implications of compute-as-a-utility and all the innovation we are going to see, but we know it’s going to be on that platform.

If you think of this as the new development platform, then yeah, it’s going to be a real competitive issue. There are going to be a lot of new capabilities that will only be accessible in this platform, and they're going to come a lot quicker.

Five years from now

So, in terms of the first movers and the environment now, it’s going to look very different. Anybody who carved out some space right now and some lead in the market in cloud shouldn't feel too comfortable about their position, because there are companies we don't even know about at this point, that are going to be fairly pervasive and have a lot to say about IT five years from now.

Reed: I just want to make a point there, Jim. You can actually get a Commodore 64 emulator for the iPhone. So, there may be some new stuff coming up. I'm not sure, but it is possible.

Gardner: Yeah, there is the long tail in reverse. It’s backward-compatibility from the cloud.

Dave Linthicum, same question to you, the competitive benefits of being aggressive in cloud computing at some of the highest business issue levels.

Linthicum: We already talked about the business agility aspect of it, but ultimately, even as these younger companies who are leveraging more cloud than a lot of the older companies out there start to grow up, they are going to find that their IT CAPEX costs are, in many instances, nonexistent.

They are going to have some on-premise systems, but they are used to putting things in the cloud. They are Salesforce.com adopters early on. They're using Amazon now. They've figured out security and governance and ultimately they are going to have these very agile business systems that are able to run rings around their competition.

Some of the things we always talk about around enterprise architecture are going to kill the company, because they can’t do the acquisitions and they can’t move into market spaces.



I don’t think we're going to see this anytime soon, but I definitely think that by 2015 or 2016, you're going to see some businesses suffering from IT bloat. They're very static, monolithic systems, very difficult to change, and very fragile. Some of the things we always talk about around enterprise architecture are going to kill the company, because they can’t do the acquisitions and they can’t move into market spaces.

By the way, their new competitors that came out of nowhere get cloud computing because they've used it from the get-go. They're going to be able to leverage that as the strategic value that’s going to allow them to dominate the market. We're seeing some of this today in some of the smaller spaces, but it’s not very pronounced.

But, it’s going to be very pronounced to the point that business journals are going to talk about it, and a lot of companies are going to go out, because some of the folks are able to leverage technology for strategic IT advantage to beat them into the ground. Look at Wal-Mart. They leveraged IT for a huge strategic advantage to beat their competitors into the ground to lower their prices. We're going to see that a hundred times over in five years.

Reed: I'd agree. I can give you an example, Dana. I spoke to a very small group of individuals, fewer than 50. They're designers and architects, and they've come together to form this company. Their claim was that they didn’t need any IT anywhere, because they were using cloud services for everything.

Even the provisioning system, the controls about who had access to what, was all done in the cloud. All they needed was their big old Macs, the 27-inch Macs, and their huge HP screens. As long as they could get online, they were in business.

This small company's claim, when I was talking to them, was that they had just beaten out the largest established architectural firm in Ireland for a bid in Dublin. They had done that by being able to work round the clock, online, at all times, and deliver it to the customer in a much shorter time than anyone else was able to. They did it all through cloud services.

So, it’s quite compelling to see small businesses compete with the larger businesses, and unless big businesses understand what’s going on, we're going to see a few start to lose business in this sense.

Gardner: Well, I'm afraid we'll have to leave it there. Suffice it to say that we've clearly identified in the market, over the past several years, some significant hurdles and risks to cloud computing. But, some of these benefits also sound extremely compelling and almost not an option, when you consider the competitive issues. That cost-benefit analysis can easily come down on the side of a must-do, even if the risks are substantial.

We've been talking about identifying some of the top reasons and paybacks for adopting cloud computing and why you should perhaps do those sooner rather than later.

I want to thank our panel. We've been joined by Archie Reed, HP’s Chief Technologist for Cloud Security and the author of several publications including "The Definitive Guide to Identity Management" and "The Concise Guide to Cloud Computing." Thank you so much, Archie.

Reed: Thank you.

Gardner: We've also been joined by Jim Reavis, executive director, Cloud Security Alliance and president of Reavis Consulting Group. Thank you Jim.

Reavis: Thanks, Dana.

Gardner: Lastly, I also want to thank Dave Linthicum, CTO of Bick Group and a prolific cloud blogger, podcaster, and you said that you did your 100th cloud podcast recently Dave?

Linthicum: Just filed a 100th podcast, after two years.

Gardner: Congratulations. And also the author of several notable books. Thanks to you.

This is Dana Gardner, Principal Analyst at Interarbor Solutions. You've been listening to a sponsored BriefingsDirect podcast. Thanks for listening and come back next time.

Listen to the podcast. Find it on iTunes/iPod and Podcast.com. Download the transcript. Sponsor: HP.

Transcript of a BriefingsDirect podcast on how adopting cloud computing models can lead enterprises to gain business and technology benefits. Copyright Interarbor Solutions, LLC, 2005-2009. All rights reserved.

You may also be interested in:

Thursday, June 10, 2010

Shoemaker on How HP CSA Aids Total Visibility into Services Management Lifecycle for Cloud Computing

Transcript of a BriefingsDirect podcast on overcoming higher levels of complexity in cloud computing through improved management and automation.

Listen to the podcast. Find it on iTunes/iPod and Podcast.com. Download the transcript. Learn more. Sponsor: HP.

Dana Gardner: Hi, this is Dana Gardner, principal analyst at Interarbor Solutions, and you’re listening to BriefingsDirect. Today, we present a sponsored podcast discussion on gaining total visibility into the IT services management lifecycle.

As cloud computing in its many forms gains traction, higher levels of management complexity are inevitable for large enterprises, managed service providers (MSPs), and small-to-medium sized businesses (SMBs). Gaining and keeping control becomes even more critical for all these organizations, as applications are virtualized and as services and data sourcing options proliferate, both inside and outside of enterprise boundaries.

More than just retaining visibility, however, IT departments and business leaders need the means to fine-tune and govern services use, business processes, and the participants accessing them across the entire services lifecycle. The problem is how to move beyond traditional manual management methods, while being inclusive of legacy systems to automate, standardize, and control the way services are used.

We're here with an executive from HP to examine an expanding set of Cloud Service Automation (CSA) products, services, and methods to help enterprises exploit cloud and services values, while reducing risks and working toward total management of all systems and services.

Please join me now in welcoming Mark Shoemaker, Executive Program Manager, BTO Software for Cloud at HP. Welcome to BriefingsDirect, Mark.

Mark Shoemaker: Hi, Dana. How are you today? I'm really excited about being able to join you.

Gardner: Mark, tell me how we got here. How did complexity become something now spanning servers, virtualization, cloud, and sourcing options? It seems like we’ve been on a long journey and we haven’t necessarily kept up.

Shoemaker: It’s simple. Up until a few years ago, everything in the data center and infrastructure had a physical home, for the most part. Then, virtualization came along. While we still have all the physical elements, now we have a virtual and a cloud strata that actually require the same level of diligence in management and monitoring, but it moves around.

Where we're used to having things connected to physical switches, servers, and storage, those things are actually virtualized and moved into the cloud or virtualization layer, which makes the services more critical to manage and monitor.

Gardner: How are clouds different? Do you need to manage them in entirely different way, or is there a way to do both -- manage both the cloud and your legacy system?

All the physical things

Shoemaker: Enterprises have to do both. Cloud doesn’t get rid of all the physical things that still sit in data centers and are plugged in and run. It actually runs on top of that. It actually adds a layer, and companies want to be able to manage the public and private side of that, as well as the physical and virtual. It just improves productivity and gets better utilization out of the whole infrastructure footprint.

Gardner: And what is it about moving toward automation, perhaps using standards increasingly, that becomes more critical than ever?

Shoemaker: Well, it’s funny. A lot of IT people will tell you we’ve always been talking about standards. It’s always been about standards, but they've not always had the choice.

A lot of times, the business definition of what it took to be successful and what business applications they needed to run that, dictated a lot of the infrastructure that sits in our data centers today. With cloud computing -- and the automation and virtualization that goes along with that -- standardization is key.

You can’t automate a repetitive task, if it’s changing all the time. The good thing about cloud and virtualization is that they're absolutely driving standards, and IT is going to benefit from that. The challenge is that now it's more fluid and we’ve got to do a better job than we’ve ever had to of managing, monitoring, and keeping up.

The businesses are going to be more productive, the people are going to be happier, and the services are going to run better.



Gardner: What is it about the human management, the sort of manual approach, that doesn’t scale in this regard?

Shoemaker: IT has been under the gun for a few years now. I don’t know many IT shops that have added people and resources to keep up with the amount of technology they have deployed over the last few years. Now, we're making that more complex.

They aren't going to get more heads. There has to be a system to manage it. Plus, even the best people, when it’s in the middle of the night, you're tired and you’ve been up a long time trying to get something done, you're always at the risk of making a mistake on a keyboard or downloading the wrong file or somebody missing a message that they need to see.

Any time we can take the mundane and the routine up to let our high-value assets really focus on the business critical functions, that’s going to be a good thing. The businesses are going to be more productive, the people are going to be happier, and the services are going to run better.

Gardner: I suppose too that organizations have had in the past the opportunity to control what goes on in their organization, but as you start acquiring services, you don’t really have control as to what’s going on behind the support of those services. So, we need to have management that elevates to a higher abstraction.

Shoemaker: That’s a great point and that’s one of the things we’ve looked at as well. Certainly, there is no silver bullet for either one of these areas. We're looking at a more holistic and integrated approach in the way we manage. A lot of the things we're bringing to bear -- CSA, for example -- are built on years of expertise around managing infrastructures, because it’s the same task and functions.

Ensuring the service level

Then, we’ve expanded those as well to take into account the public cloud need of being a consumer of the service, but still being concerned with the service levels, and been able to point those same tools back into a public cloud to see what’s going on and making sure you are getting what you are paying for and what the business expects.

Gardner: You have a pretty good understanding of the problem set. What about the solution from a high level? How do you start managing to gain the full visibility and also be able to control to turn those dials and govern throughout this ecosystem?

Shoemaker: You’ve hit on my two favorite words. When we talk about management, it starts with visibility and control. You have to be able to see everything. Whether it’s physical or virtual or in a cloud, you have to be able to see it and, at some point, you have to be able to control its behavior to really benefit.

Once you marry that with standards and automation, you start reaping the benefits of what cloud and virtualization promise us. To get to the new levels of management, we’ve got to do a better job.

Gardner: We’ve looked at the scale of the problem. Lets look at the scale of the solution. This isn’t something that you can buy out of a box. Tell me what HP brings in terms of its breadth and scope that have a direct relationship to the scope and breadth of the solution itself.

Nobody does that. There’s not one product and there’s not going to be one product for any period of time.



Shoemaker: Again, there is no silver bullet here. There is no one application. It’s going to take you all the way from the planning phase, to development, to testing and load testing, to infrastructure as a service (IaaS). You stand at the hardware and start building the management pieces and the platform that provide the underlying application that you develop on and then run and assure that service for whoever your consumer is.

Nobody does that. There’s not one product and there’s not going to be one product for any period of time. We'd love to get there and certainly we're going to do everything we can to make it easier.

The great thing about what HP brings to the table is that in every one of those areas I mentioned, there is an industry-leading solution that we're integrating to give you that control across your entire breadth of management that you need to be successful in today’s new infrastructure, which is cloud and virtualization on top of physical.

Gardner: Back on May 11, HP had a fairly large set of news releases, the delivery of some new products, as well as some vision, and the CSA products and services. Perhaps you could give us a little bit of an idea of the philosophy behind CSA and how that fits into this larger set of announcements.

Listened to customers

Shoemaker: CSA is the product of several years of actually delivering cloud. Some of the largest cloud installations out there run on HP software right now. We listened to what our customers would tell us and took a hard look at the reference architecture that we created over those years that encompassed all these different elements that you could bring to bear in a cloud and started looking, how to bring that to market and bring it to a point where the customer can gain benefit from it quicker.

We want to be able to come in, understand the need, plug in the solution, and get the customer up and running and managing the cloud or virtualization inside that cloud as quickly as possible, so they can focus on the business value of the application.

The great thing is that we’ve got the experience. We’ve got the expertise. We’ve got the portfolio. And, we’ve got the ability to manage all kinds of clouds, whether, as I said, it’s IaaS or platform as a service (PaaS), that your software's developed on, or even a hybrid solution, where you are using a private cloud along with a public cloud that actually bursts up, if you don’t want to outlay capital to buy new hardware.

We have the ability, at this point, to tap into Amazon’s cloud and actually let you extend your data center to provide additional capacity and then pull it back in on a per-use basis, connected with the rest of your infrastructure that we manage today.

The other cloud that we are talking about is a combination of physical and virtual. Think about a solution that maybe didn’t fit well in a virtual or a cloud environment -- databases, for example, high IO databases. We would be able to bridge the physical and the virtual, because we manage, maintain, and build with the same tool sets on the physical and virtual side.

A lot of customers that we talk to today are already engaged in a virtualization play and in bringing virtualization into their data centers and putting on top of the physical.



Gardner: I mentioned earlier that these are the same problems that large enterprises, managed service providers, even SMBs that are looking toward outsourcing services are all facing. Is there like a low-lying fruit here, a place to start across these different types of organizations or maybe specific to them? Where do you start applying the management in this sort of total sense?

Shoemaker: Again, it goes back to visibility and control. A lot of customers that we talk to today are already engaged in a virtualization play and in bringing virtualization into their data centers and putting on top of the physical. They have a very large physical presence as well. Most of them are using a disparate set of tools to try to manage all those different silos of data.

The first thing is to gain that visibility and control by bringing in one solution that can help you manage all of your servers, network, and storage as one unit, whether physical or virtual. Then, move all of your day-to-day task via automation into that system to take the burden off of your IT up schemes.

Gardner: If we make this approach either through standards or standard methodologies and implementations or references as both the service provider and the enterprise, does that give us some sort of a whole greater than the sum of the parts when it comes to management?

Shoemaker: Yeah, I think so. Certainly, from a scale and utilization perspective, we definitely have more synergies, if we are acting as one. So the ability to move things around, the ability to make sure all of the standards are being upheld, things that are being built or being built in the standards, and having that assurance of being able to see all of these different compliance issues for them become problems.

Gardner: Okay, so should enterprises be asking their managed service providers (MSPs) about the management they are using?

Shoemaker: Absolutely. If you are looking at an MSP, that MSP should be able to give you the same visibility and control that you have internally.

Gardner: From the May 11 news, give us a little recap about what you came to the market with in CSA. Is this product and services or just products? How does the mix fit?

Best in class

Shoemaker: We announced CSA on May 11, and we're really excited about what it brings to our customers. What we are able to do is bring our best-in-class, industry-leading products together and build a solution that allows you to control, build, and manage a cloud.

We’ve taken the core elements. If you think about a cloud and all the different pieces, there is that engine in the middle, resource management, system management, and provisioning. All those things that make up the central pieces are what we're starting with in CSA.

Then, depending on what the customer needs, we bolt on everything around that. We can even use the customers’ investments in their own third-party applications, if necessary and if desired.

Gardner: Let’s look at some examples. I'm interested in understanding this concept of total management, the visibility to control across physical, virtual, and various cloud permutations. Give me an idea of how this physical to virtual scenario works and how different types of applications, maybe transactional and web services based ones, can benefit.

Shoemaker: As I mentioned before, one of the examples we use is a database, a high IO database with lot of reads and writes. That may not be best suited for a cloud or virtual environment, where the web service front-end and the middle layer may be fine.

So, it goes back to singular visibility and that singular control point to manage your cloud and your physical.



Because we use the same management suite to manage the physical and the virtual, we were able to mesh those two systems to create a singular system that’s managed and looks like one system, but actually sits in the physical in the virtual realm. The customer doesn’t have to bring all of the applications back into a physical element and not get deficiencies that cloud has for the pieces that don’t need it, just to satisfy the database need.

Gardner: Is there a second use case or environment in which this total management benefit also fits in?

Shoemaker: Let’s say it's a customer, an MSP customer in this case or a customer that’s turning up new physical cloud elements. The VMWare ESX server still has to be built on a physical server. With our solution, we are able to actually build that ESX server, based on a pre-defined set of criteria, image that server onto the physical hardware, and bring it into the environment, with the same suite of tools. So, it goes back to singular visibility and that singular control point to manage your cloud and your physical.

Gardner: And is that important perhaps for regulatory or compliance issues?

Shoemaker: Absolutely. Virtual and physical have the same compliance with regulatory requirements. Virtual and cloud probably have a little bit more difficult time just based on the shared environment that’s naturally occurring. A lot of emphasis is being put on the security elements in cloud today. So, the compliance piece of what we offer actually reduces that risk for our customers.

Gardner: How about the deployment choices movement? As organizations experiment with cloud, perhaps they start moving development, and ultimately workloads, out to a third-party cloud. How do you manage that transition? I guess this is the hybrid cloud management problem.

As cloud takes off

Shoemaker: We talked a little bit earlier about some of the work we’ve done around some of the Cloud Assure products, where we can help expand cloud infrastructure into a public environment. We see that becoming more prevalent as cloud takes off.

Right now, a lot of people experiment with development and test, much like they did in the virtual initial start-up period. We see that relationship becoming more of a broker relationship, where you may pick where you put your application to run in that public cloud. Build it in-house in the private and move it out into that public realm.

Think about this: A lot of countries have different regulatory controls, laws, and regulations around where data can be stored. If you're doing business in some European countries, they want you to have the actual service running inside the country, so the data stays in there.

In the past, they'd find an MSP in that country, building all the infrastructure, and managing everything that goes along with that. So, as the country of record, the data has to be there. Now, we have the ability to actually create that image in the cloud, push that image to a cloud provider in that country, and have that application run holistically on premise inside of the borders of the country, but still report back to the larger piece. This gets us around a hurdle that’s been a challenge with physical infrastructure.

Gardner: Let’s take a look to the future. As companies will be approaching cloud from a variety of perspectives, there are different vertical industries involved, and different geographies. It's kind of a mess, a stew of different approaches. What do you think is going to happen in the future? I think cost and competitive issues are going to drive companies to try to do this. They're going to hit this speed bump about management. Where do you see HP’s offerings going in order to help them address that?

Also, we're looking at what’s going to be important next. What are going to be the technologies and the services that our customers are going to need to be successful in this new paradigm?



Shoemaker: In a lot of cases, HP’s offerings are already there and many are aspects of the functionality. Certainly, we're working hard to make sure we integrate the solutions, so they act together more cohesively and provide more value to our customers from day one.

As the landscape changes, we're looking at how to change our applications as well. We’ve got a very large footprint in the software-as-a-service (SaaS) arena right now where we actually provide a lot of our applications for management, monitoring, development, and test as SaaS. So, this becomes more prevalent as public cloud takes off.

Also, we're looking at what’s going to be important next. What are going to be the technologies and the services that our customers are going to need to be successful in this new paradigm.

Gardner: Are there ways of getting started? Are there resources, places online that folks can go to for gearing up for that future?

Shoemaker: There's a robust cloud community out there today, but HP also has a robust practice around helping our customers plan for those exact things. Our Services group provides workshops, learning engagements, and even planning and execution help for a lot of our largest customers today that are planning and positioning for tomorrow. So, we have that expertise and we're actually actively supporting our customers today.

Gardner: We’ve been talking about gaining total visibility into services management lifecycle. We're looking at this through the movement from virtualized to services and sourcing options. We’ve been talking with an HP executive about Cloud Service Automation products and services and how, in the future, total governance is going to become more the norm and more a necessity, as organizations try to avail themselves of more cloud and IT shared services opportunities.

I want to thank Mark Shoemaker, Executive Program Manager, BTO Software for Cloud at HP. Thanks for joining, Mark.

Shoemaker: Thanks so much, Dana. I appreciate you having us on.

Gardner: This is Dana Gardner, Principal Analyst at Interarbor Solutions. You’ve been listening to a sponsored BriefingsDirect podcast. Thanks for listening and come back next time.

Listen to the podcast. Find it on iTunes/iPod and Podcast.com. Download the transcript. Learn more. Sponsor: HP.

Transcript of a BriefingsDirect podcast on overcoming higher levels of complexity in cloud computing through improved management and automation. Copyright Interarbor Solutions, LLC, 2005-2010. All rights reserved.

You may also be interested in: