MAKING THE MOVE
TO CLOUD COMPUTING
BY DR MARK I. WILLIAMS
business with CONFIDENCE
icaew.com/itfac
ICAEW’s IT Faculty provides products and services to help its members make the best
possible use of IT. It represents chartered accountants’ IT-related interests and expertise,
contributes to IT-related public affairs and helps those in business to keep up to date with
IT issues and developments. The faculty also works to further the study of the application
of IT to business and accountancy, including the development of thought leadership and
research. As an independent body, the IT Faculty is able to take a truly objective view
and get past the hype surrounding IT, leading and shaping debate, challenging common
assumptions and clarifying agreements.
For more information about the IT Faculty please visit icaew.com/itfac
Copyright © ICAEW 2012
All rights reserved. If you want to reproduce or redistribute any of the material in this publication,
you should first get ICAEW’s permission in writing.
ICAEW will not be liable for any reliance you place on the information in this material. You should seek
independent advice.
The views expressed in this publication are those of the author. ICAEW does not necessarily share their
views. ICAEW will not be liable for any reliance you place on information in this publication.
ISBN 978-0-85760-617-4
MAKING THE MOVE
TO CLOUD COMPUTING
BY DR MARK I. WILLIAMS
Contents
1 INTRODUCTION
03
1.1 Your business
03
1.2 Your data
04
1.3 Your planet
04
1.4 The cloud roadmap
04
1.5 Checklist
05
2 UNDERSTANDING THE OPTIONS
06
2.1 Service models
06
2.2 Deployment models
06
2.3 Adoption scenarios
07
2.4 Checklist
08
3
IDENTIFYING OPPORTUNITIES
09
3.1 Internal IT review
09
3.2 Internal business review
10
3.3 Legal checks
10
3.4 Opportunity selection
10
3.5 Requirements gathering
11
3.6 Checklist
11
4
CLOUDSOURCING
12
4.1 Multiple choice
12
4.2 Risk mitigation
12
4.3 Vendor selection
12
4.4 Costing clouds
14
4.5 Do it yourself – private clouds
14
4.6 Checklist
14
5
IMPLEMENTATION
16
5.1 Usability and performance
16
5.2 Deployment
17
5.3 Exit strategy
17
5.4 Monitoring
17
5.5 Checklist
17
Making the move to cloud computing
01
6
KEEPING YOUR HEAD IN THE CLOUDS
19
6.1 Summary
19
6.2 Concluding remarks
19
APPENDICES
20
APPENDIX A: GLOSSARY
20
APPENDIX B: FURTHER INFORMATION
22
ABOUT THE AUTHOR
24
02
Making the move to cloud computing
1 INTRODUCTION
Cloud computing in its purest form is pay-as-you-go IT, online and on demand. The IT
capabilities provided as a service to businesses include: single software applications
or software suites; online software development platforms; and virtual computing
infrastructure, ranging from data storage to computer grids. These services can be readily
procured from public cloud providers or supplied within larger organisations as private
clouds by internal IT departments.
In the UK there is now a growing awareness of cloud computing as a set of viable IT
service models, as well as an understanding of many of the benefits and risks inherent
in the adoption of cloud-based services by businesses. In 2011 two independent surveys
carried out by VMWare and the Cloud Industry Forum revealed that 48% of UK businesses
were already using some cloud-based services, while around two-thirds of the remainder
were evenly split between those considering and those definitely planning to use cloud
computing in 2012. Other European countries and the US have seen even higher adoption
rates.
At the time of writing, however, there remains a great deal of uncertainty and confusion
that prevents many businesses, particularly in the UK, from taking more than just baby
steps into the world of cloud computing. This practical guide is a follow-up to the IT
Faculty publication ‘Cloud computing: A guide for business managers’ published in 2010
which you are recommended to read as an introduction to the subject. This latest guide
aims to build on the initial guide by helping forward-looking executives select appropriate
IT problems and potential cloud computing solutions, and make the move to public,
private or hybrid clouds.
1.1 YOUR BUSINESS
The great promise of cloud computing for many organisations is cost reduction, coupled
with increased flexibility and fewer IT maintenance headaches. In an era of austerity and
global financial crises, pay-as-you-go IT, which typically requires less capital expenditure
and fewer overheads, is a particularly attractive proposition for smaller businesses with
limited resources and uncertain futures. Significant capital expenditure on computing
hardware and software licenses involves large up-front costs and also increases an
organisation’s tax burden in the short term, whereas purchases of cloud computing
services are considered as operational expenditure – because the resources are rented
and no assets are accumulated – so these costs can be deducted directly from profits.
As for larger, established organisations, the financial benefits of public clouds may not be
so clear-cut. Sharing computing resources with others on a multi-tenanted system may not
be a viable option for regulatory reasons, but the cloud computing service model can be
replicated internally so that disparate departments can benefit from a shared resource pool
and be charged for the on-demand services they use.
For organisations compiling a case for cloud computing adoption some of the most
commonly cited business reasons include:
• Less time spent administering non-core commodity IT systems internally.
• Faster development and deployment of differentiating, customer-centric applications.
• Data storage and compute resources scale seamlessly with your business.
•Faster entry to new markets using cloud-based software delivery and content
distribution services, and online application marketplaces.
• Fewer hardware assets and software licenses to track.
Making the move to cloud computing
03
• Instant access to the latest version of cloud-based software with no upgrade costs.
• Mobile services, online collaboration and remote access supported ‘out of the box’.
But every organisation is different and not every cloud has a silver lining. Surveys
consistently reveal that data security and data privacy in public clouds are the primary
concerns for businesses but other common concerns include:
• The inherent dependency upon internet access.
• Finding reliable and viable cloud providers.
• The potential for vendor lock-in.
• Unexpected cloud service charges and internal costs.
• Contractual liability for services if service level agreements (SLAs) are missed.
1.2 YOUR DATA
There may be convincing operational advantages and financial incentives for processing
and storing your data in public clouds, but it is important to remember that data protection
and data privacy are your organisation’s responsibility. A customer could take you to court
if a security breach in your cloud provider’s systems leads to some of their sensitive data
being stolen. In the UK you may also be prosecuted by the Information Commissioner’s
Office using existing laws such as the Data Protection Act 1998, which allows them to
take action against offending organisations if any security breaches are shown to be due
to inadequate controls. In January 2012, to address directly the legal challenges presented
by cloud computing, the European Commission published a proposal to reform the EU’s
1995 data protection rules and strengthen online privacy rights with a single law that will
be implemented consistently across the EU over the next two years. So be careful which
data is stored in a third-party provider’s data centre and if they are hosting sensitive data
for you then ensure they have appropriate controls that have been tested and verified by
independent third parties.
1.3 YOUR PLANET
Aside from any direct benefits to your business that may come with cloud computing there
may also be environmental benefits. Whether your organisation has a formal Corporate
Social Responsibility (CSR) policy, or you simply prefer to choose the green option where
possible, then cloud computing is worth considering. If your organisation is so large
that it is subject to the UK Government’s Carbon Reduction Commitment (CRC) Energy
Efficiency Scheme then there is a financial incentive for being environmentally friendly too.
Firstly, on the IT front, sharing a pool of computing resources with other organisations or
internal departments is generally more energy efficient overall than multiple independent
systems in disparate data centres all doing similar things, especially if you can make do
without a data centre of your own. Though, as mentioned in Cloud computing: A guide for
business managers, this only becomes a significant issue where the business is operating a
very large data centre and moving a substantial portion of its work into the cloud.
Secondly, if cloud computing adoption makes remote working easier for your employees
then you can encourage more home working and less business travel. If those same
workers can make use of their own laptops and mobile devices to access your cloud-based
systems you can avoid buying as much hardware for your staff and perhaps make more
use of contractors so that you need less office space and your workforce can scale up and
down just like your cloud computing systems.
1.4 THE CLOUD ROADMAP
In the next four chapters this guide presents the following key stages in a journey to the
clouds:
• U
nderstanding the options – three service models and four deployment models are
described, along with twelve example adoption scenarios, supported by a number of
brief case studies.
• Identifying opportunities – from internal IT reviews, business reviews and legal
checks through to problem/opportunity selection and requirements gathering.
04
Making the move to cloud computing
• C
loudsourcing – risks and costs vary greatly and it is important to keep the ‘big
picture’ in mind whether you choose a private cloud or multiple public clouds.
• Implementation – test, deploy and monitor cloud-based systems, and make sure you
have an exit strategy.
The final chapter presents a six-step iterative process for cloud computing adoption based
on the above, which can be summarised as follows:
1. Familiarise yourself with the options for deploying cloud services.
2. Conduct relevant internal reviews of your people, processes, policies and IT capabilities.
3.Select appropriate opportunities for cloud computing keeping in mind your
organisation’s objectives.
4. Document prioritised requirements for named beneficiaries.
5. Find candidate cloud solutions and test them fairly and systematically.
6. Execute an implementation plan with an exit strategy.
1.5 CHECKLIST
Before you go any further consider the following questions on behalf of your organisation:
• What are your competitors and peers saying about cloud computing?
• Would you consider sharing resources in a public cloud?
• Is capital expenditure worth avoiding in these uncertain times?
• What responsibilities do you have in terms of data privacy and protection?
• Could cloud computing be a good CSR option?
• Would you consider allowing more home working?
CASE STUDY
When Richard Messik first set up RFM Associates two years ago, after many years as
a partner in a top 20 firm of chartered accountants, he was determined to have an
organisation that worked purely in the cloud, both for all of its internal procedures
and more importantly in its dealings with clients.
As a consequence, all of the applications and systems used in the company are
totally cloud based – from telephone to accounting; email to file storage. This means
that no IT infrastructure is required, the only requirement being that the team, who
all work from separate locations, have access to the internet.
One of the main benefits of this set-up is that all staff have access to the same
information at the same time, without the costly infrastructure required in a normal
on-premise server set-up. Backups and security are not a problem as this is all taken
care of by the relevant service provider and the systems and data are accessible on a
true 24/7 basis from anywhere, any time. For example, Richard always uses his iPad
when he is away from his desk and has access to all of his data and office systems.
This principal is also extended to working with clients. For example, when RFM
Associates was selected by PensionsFirst, a solution provider to the pensions industry,
to provide outsourced financial administration, they devised a cost effective and
efficient method of administering the weekly and monthly processes based on using
cloud technology for the transfer of information and data.
Security was a concern for the client. So, using the online accounting system
E-conomic, a process was set up whereby all data processing is accessible by client
and outsource team on a real time basis. Supplier invoices are scanned directly in
and linked to the transaction to which they relate, thus providing a permanent and
accessible audit trail. Both teams can review and discuss data and deal with any
amendments as required, without the need for time-consuming and often inefficient
file transfer protocols.
At end of year, the company’s auditors, one of the big four, are given access to
E-conomic so that the audit routines can be carried out.
Making the move to cloud computing
05
2 UNDERSTANDING THE OPTIONS
A widely accepted and freely available, formal definition of cloud computing is provided
by the National Institute of Standards and Technology (NIST) on behalf of the US
Department of Commerce, and it begins with the following statement:
‘Cloud computing is a model for enabling ubiquitous, convenient, on-demand network
access to a shared pool of configurable computing resources (eg, networks, servers,
storage, applications, and services) that can be rapidly provisioned and released with
minimal management effort or service provider interaction.’
In less than two pages the NIST definition then goes on to define five essential
characteristics, three service models, and four deployment models of cloud computing.
It is clear then that ‘cloud computing’, even when formally defined, means many things
and there are many choices to be made.
2.1 SERVICE MODELS
According to the NIST the five essential characteristics of cloud computing are on-demand
self-service, broad network access, resource pooling, rapid elasticity and measured service;
and it is the measured, on-demand, self-service nature of cloud computing that makes
it a game changer. The three cloud computing service models are:
1.Software as a Service (SaaS) – ready-made online applications and software suites,
which are typically charged per user per month;
2.Platform as a Service (PaaS) – online tools and components for developing bespoke
applications, which can be charged by user, application, data storage and data
transfers;
3.Infrastructure as a Service (IaaS) – more fundamental computing resources such as
virtual servers, networks, data storage and data transfers often charged per unit
(eg, Gigabytes) of resource used on a pay-as-you-go basis.
Depending on the internal skills and particular requirements of your organisation you
could choose off-the-shelf SaaS, which requires negligible technical expertise but may tie
you to a vendor’s product; toolkit PaaS if you have non-standard processes that may be
reproduced online using standard parts in a managed development environment; or the
basic building blocks of IaaS which affords the most flexibility and control but also requires
the most in-house expertise.
2.2 DEPLOYMENT MODELS
The four deployment models of cloud computing are:
1.Public cloud – you share computing resources with other organisations, which may
include your competitors.
2.Community cloud – you share computing resources (and costs) with trusted
organisations that may have similar or related concerns to yours.
3.Private cloud – disparate departments and offices in your organisation benefit from
a shared pool of computing resources managed internally.
4.Hybrid cloud – a private cloud that can expand securely into a public cloud (or virtual
private cloud) when additional resources are required.
06
Making the move to cloud computing
Smaller organisations generally have limited resources and are unfettered by onerous
regulations so public clouds are the first port of call. Larger organisations, especially
those in highly regulated industries, will deploy private clouds if they require cloud-based
services and only use public clouds, perhaps in a hybrid cloud configuration, to store or
process non-sensitive data. Community clouds are generally the preserve of connected
communities like government bodies, scientific collaborations or charities.
2.3 ADOPTION SCENARIOS
Here are some examples of cloud computing adoption scenarios ranging from SaaS to IaaS:
•A start-up business can use a browser-based SaaS system to enable varying numbers
of employees and contractors to send company emails, share files and create
documents and presentations on any computer from anywhere.
•An established business that uses Microsoft Office templates and macros heavily,
along with one or more desktop software packages, can choose a cloud-based
Windows hosted desktop service so that remote workers can use the company’s
preferred tools in the same way as office-based workers.
•A business that takes on temporary staff for a brief but intensive sales campaign can
make good use of a SaaS Customer Relationship Management (CRM) system which
is charged per user per month, and they can configure it so that data exports by
non-staff are not permitted.
•If a company’s desktop software is obsolete and needs updated or replaced but their
PCs are too slow to run newer applications, then SaaS products, which are always kept
up to date and run in a browser, can increase the lifetime of their PCs.
•If you have security fears surrounding data stored on laptop computers taken out of
the office then you can either encrypt the data on the laptop and protect it with a
password or fingerprint recognition software or store the data in a SaaS application
and use two-factor authentication (a security approach where the two factors are
‘something you have’ and ‘something you know’ – a common example being the chip
and PIN card where the card is the physical item and the PIN is the number known
to the user).
•You can use a ready-made SaaS system or develop your own system using PaaS to
afford more effective online collaborations with partner organisations.
•If your staff would benefit from access to business data from their smart phones
when they are out of the office then most SaaS and PaaS products support such
devices, and many offer tools to integrate with external data sources and legacy
systems.
•If you plan to develop a software product and sell it online then you could choose a
PaaS system with its own marketplace for your application and other applications that
can be easily integrated with yours.
•If you merge your company with another that is based elsewhere in the country and
has systems and processes that are no better and no more modern than yours, then
moving everyone to a new cloud-based system (probably PaaS) is a good way to
connect your offices, integrate legacy systems, and bring everyone together to develop
new ways of working rather than risk alienation by choosing one old system over
another.
•If you are planning intensive but sporadic marketing campaigns that you fear may
overload your current web server then you could move it to an elastic public cloud
(IaaS) where its specifications can be manually or dynamically increased to deal with
temporary highs in web traffic.
•If you need to run a large and complex computer simulation that would drain
your own computing resources for a long time you can run it quickly instead on a
temporary, cloud-based (IaaS) compute grid and pay only for the resources you use.
•You can also make use of IaaS for disaster recovery by automatically backing-up your
IT systems, virtual machines and business data from your data centre as well as your
employees’ desktops.
Making the move to cloud computing
07
Surveys reveal that the most commonly used public cloud services in 2011 were remote
data storage and back-up solutions such as DropBox, while email and office applications
such as Google Apps were the most popular type of SaaS product. This was almost
certainly because of the low (or zero) cost associated with these services, especially for
small businesses, and the relative ease of deployment. However the number of businesses
paying for these ‘basic’ services and more complex SaaS products, which require a bit
more consideration, such as accounting, collaboration and payroll systems is on the rise.
2.4 CHECKLIST
There are numerous cloud computing options, not all of which will be appropriate to
every organisation, but here is a quick list to aid your decision process:
• Choose (SaaS) if you want ready-made online applications.
• Choose (PaaS) if you need customised applications to match your processes.
• C
hoose (IaaS) if you require complete control over your applications and the
underlying operating systems.
• C
hoose a community cloud, private cloud, hybrid cloud or no cloud for data and
processes that should not be stored in a public cloud.
CASE STUDY
For West Midlands-based accountancy firm, Prime Chartered Accountants, the
adoption of Xero online accounting software has delivered more than improvements
in efficiency. They see the cloud-based solution as being a key marketing tool and
something that helps to differentiate themselves from the competition.
Laurence Moore, Prime’s Chairman explains, ‘Xero is important from a marketing
perspective, it means that we have a lot more tools in our kitbag to go out and win
business. It’s a differentiation that has enabled us to develop new revenue streams.’
In these challenging times clients want accountants to be part of their team and
Moore believes that a cloud-based system allows this, ensuring that a higher level of
ongoing support can be provided. And getting close to a business means that the
accountant can be much more proactive in suggesting and selling new services.
One of the strengths of the cloud-based approach is the ready availability of
specialist apps and Prime have made extensive use of these, including WorkflowMax,
an online job, time and invoice management solution and Unleashed, an online
inventory management product.
Another strength is that the cloud model enables businesses to be much more
mobile. So, for example, a sole practitioner can keep up with their bookkeeping
while staying overnight in a B&B. Equally, the location of the client is no longer an
inhibiting factor, and indeed Prime have a number of overseas clients.
So successful has the company been in their use of Xero that they are now a gold
partner and have around 140 clients using the software. This has given them a
clear view of the key success factors in implementing an online accounting solution.
And Moore firmly believes that it’s crucial ‘somebody at the top needs to buy into
the idea’.
Ultimately, of course, it’s about providing the client with a better service.
08
Making the move to cloud computing
3 IDENTIFYING OPPORTUNITIES
Understanding what cloud computing is and what you can do with it is a good start,
but before you begin searching for a cloud provider it would be wise to conduct internal
reviews. And unless you have an obvious requirement for operational expenditure on IT
systems that scale up and down with usage or user numbers, or new cloud-based software
that can be accessed remotely and will enable your users to be more productive and less
reliant on internal IT staff, then you need to find an appropriate ‘problem’ to solve, an
opportunity for positive change in your organisation.
In the following sections there are suggested activities for internal IT and business reviews,
but you may also choose to augment your in-house resources and analytical capabilities
with external expertise where necessary.
3.1 INTERNAL IT REVIEW
One common temptation that faces executives is to bypass their IT department and
adopt an external cloud computing service because it is so easy to do and may seem
good value for money. However, such an approach also means bypassing established
information governance policies and processes, and potentially exposing your organisation
to undue risk. It is clear, therefore, that your IT department needs to be heavily involved
in your research into cloud computing, even if the end result may involve changes to job
descriptions or even job cuts.
Your IT department can help you modify policies governing internal information controls
so they can encompass external systems. With cloud computing in mind, you can request
detailed answers to the following questions about your current IT set-up:
• Is there a tried and tested disaster recovery plan in place?
• Do key systems have sufficient redundancy and failover mechanisms?
• Can staff work effectively from home or on the move if necessary?
• How quickly can new servers be procured, configured and deployed?
•How quickly can new software packages and updates to existing software packages be
deployed to users?
• What are the core functions of the IT department and what services do they provide?
If you have time for a more thorough audit of your current IT systems you can also
document the following:
• Hardware specifications.
• Key functionality of software currently employed.
• Upgrade costs for hardware and software assets.
• User details, including the assets they use and their physical locations.
• Technical support and hardware maintenance requirements, and associated costs.
• Data storage requirements, including offline storage on PCs.
• Internet connectivity and usage.
• Key technical people, their responsibilities and expertise.
The information and understanding you glean from an internal IT review will certainly help
you gauge the true value and cost of a cloud-based solution and whether your current
systems are fit for purpose.
Making the move to cloud computing
09
3.2 INTERNAL BUSINESS REVIEW
Another common temptation is to forget about the big picture and choose a particular
cloud computing service because it solves one obvious problem and seemingly saves you
money. However, such an approach risks overlooking more important issues and missing
something potentially transformative. Small businesses usually have business plans, while
large organisations constantly review their mission, their targets and their objectives; but
paradigm shifts are possible if you make fundamental changes to the way you do things.
Here are some high-level suggestions for an internal business review, which you may
already have performed (the word ‘staff’ refers to employees and regular contractors):
•Document all tasks your staff (including IT staff) perform on a day-to-day basis, any IT
systems they use as part of the process, and measure how much time (and therefore
internal cost – depending on salaries and computing resources) they spend on each.
•Taking each department in turn, engage with staff to determine which tasks and which
systems are the most valuable in terms of meeting your organisation’s objectives or
generating revenue.
•Request suggestions from staff on how more time can be freed up for the most
valuable tasks.
•Ask your customers where you are succeeding and failing to deliver good and timely
service, and find out which methods of communication and interaction they prefer.
•Document processes and practices, referring to those tasks identified and timed earlier,
and identify any expensive bottlenecks.
•Look again at your business objectives and see if any improvements in working
practices or processes could help you meet them.
Conducting an internal review with people and processes in mind may reveal problems
for which cloud computing is not the best solution. This is a useful result in itself, but your
findings may also suggest implementations you would otherwise not have considered.
Even if a reduction in staff numbers is on your agenda it is important to involve employees
in an internal review like the one sketched out above. There is often resistance to change
but introducing change without consultation is rarely a good idea.
3.3 LEGAL CHECKS
You will, of course, need to involve your legal team if your organisation is subject to
industry regulations or you have data protection responsibilities. You should also get legal
advice if staff reductions may result from cloud computing adoption. Although procuring
cloud services is not the same as traditional outsourcing because of the automation
involved, there is a small chance you could face financial exposure from staff claiming
unfair dismissal under the UK’s Transfer of Undertakings, Protection of Employment (TUPE)
regulations. A successful claim would depend on whether the affected employees can
be clearly identified as performing the same service that is being provided by the cloud
provider.
3.4 OPPORTUNITY SELECTION
After conducting an internal review you may identify particular operations or processes
that could potentially be done better using a cloud-based system. There may be one
standout problem with a genuine business case that clearly needs to be resolved quickly,
or there may be a group of tasks that can be performed better with cloud computing.
If you have separate and unconnected opportunities for change competing for your
attention it is probably better to concentrate your initial efforts on one that saves you
money or improves customer service and is the easiest to implement. A quick win will
justify all the effort you have put in thus far. You may, however, prefer to select a problem
or opportunity with the lowest risk involved if you are considering a public cloud. In this
case you should choose a solution that involves non-sensitive data and applications that
are not business critical.
10
Making the move to cloud computing
3.5 REQUIREMENTS GATHERING
As with any IT project you should work with relevant staff and other stakeholders to put
together a prioritised list of measurable and testable requirements for key features and
functionality. Insist formally that beneficiaries of each function or feature sign off on a
clear description of what it is and why it is needed. This will enable you to compare cloud
services effectively against agreed criteria and be less swayed by any other technical ‘bells
and whistles’ that may not be needed.
3.6 CHECKLIST
•Review your current information governance policies and processes with cloud
computing in mind.
• Take stock of your current IT costs and capabilities.
• Engage openly with employees and customers.
• Perform necessary legal checks, including TUPE.
•Find genuine problems/opportunities with a clear business case for solving/realising via
cloud technologies.
•Select an urgent problem, a quick win or a low risk solution.
• Create requirements documentation with key stakeholders.
CASE STUDY
The integration of cloud-based accounting packages with other business applications
can deliver significant benefits. White Springs is a small company with 25 employees
that develops software to support sales teams.
The company implemented FinancialForce Accounting which now runs seamlessly
alongside Salesforce CRM software. This combination provides a number of benefits,
not least the fact that both sales and finance can see which customers have been
billed, what they have been billed for and what has been collected. Previously, those
responsible for debt collection had been running in isolation from the rest of the
business. Now they can see opportunities in the pipeline and support cases that
might influence a customer’s willingness to settle up.
Gary White, the CEO of White Springs explained that they are also seeing some
significant time savings. ‘As a SaaS company, we usually receive customer contracts
at the start of the year. Rather than accounting for revenue over 12 months, we
are required to account monthly, something we were doing manually before
implementing the cloud-based accounting solution. Now that we don’t have to
manage a deferred revenue spreadsheet, we can rely on the information in the
monthly management reports, they are quick and easy to produce, and we have no
spreadsheets to worry about outside of the system.’
‘Our accounting team has saved at least 20% of the time that was spent posting
invoices manually. It’s all automated, from an opportunity being closed in the
CRM system to an invoice going out from the accounts system. Preparation of the
monthly management accounts takes only one day now instead of two. These
savings are significant for a business like ours.‘
Making the move to cloud computing
11
4 CLOUDSOURCING
Before you proceed to build your own private cloud or move to a public cloud you can
begin ruling out some potential providers, armed with the knowledge of what risks and
costs are acceptable to your organisation.
4.1 MULTIPLE CHOICE
The previous chapter stressed the importance of understanding your existing systems,
data, processes, policies, people and problems, before you actively consider cloud
computing. The bigger your organisation is and the more systems you have then the more
planning and consideration a migration involves. There is usually no one-stop shop where
you can find a single integrated system that does everything you need – no cloud-based
panacea – so most cloud consumers end up using multiple cloud services. Therefore, not
only do you need to ensure that your remaining internal systems are integrated with any
cloud-based systems you choose, you also need to ensure that your cloud-based systems
afford integration with each other where necessary. Now, cloud computing by its nature
is service-based and application programming interfaces (APIs) are provided that enable
software applications to access the services of other software applications. So it is up to
you and your IT team/consultant to select the cloud-based systems that most easily fit
into the underlying structure which supports communications between such services
(commonly referred to as a service oriented architecture) for your organisation.
4.2 RISK MITIGATION
Here is a list of common cloud computing risks and some suggestions on how to
overcome them:
•Internal security breaches – through user account management processes and security
technologies such as two-factor authentication and single sign-on.
•Internal resistance from staff – avoided through consultation, engagement and
involvement.
•Cloud security breaches – by ensuring your provider has adequate controls verified
by a reputable third party.
• Data protection litigation – by storing only non-sensitive data in public clouds.
•System outages – by only using cloud-based applications that are not business-critical.
• Data loss – by backing-up your data to another provider’s cloud.
•Vendor lock-in – by adopting clouds that utilise open standards and support
interoperability and data migrations.
•Vendor failure – by thoroughly researching your provider and monitoring their
progress.
4.3 VENDOR SELECTION
In Appendix B you can find a list of cloud provider directories. Every cloud service you
consider, including private and hybrid clouds, should be judged in the same way, and in
this section are listed some example selection criteria under four categories that may help
you decide.
Firstly, in terms of their processes and practices, does the cloud provider:
• Have systems that satisfy your internal requirements for governance and compliance?
12
Making the move to cloud computing
•Follow any industry best practices for IT service management, such as the Information
Technology Infrastructure Library (ITIL)?
•Have independently audited internal controls of IT systems and processes to ISAE 3402
(successor to SAS 70) specifications?
• Have ISO 27001 certification for their information security management system?
• Have favourable independent and verifiable online reviews and client endorsements?
Secondly, even if providers are certified, data protection is your responsibility so it is
important to have a formal agreement that contains specific answers to the following
issues:
• Your ownership of your data.
•Where your data and backups are stored geographically and where the provider is
based, whether the host countries subscribe to international Safe Harbor privacy
principles, and whether those countries or the provider’s home country have laws in
place that can override Safe Harbor agreements, such as the Patriot Act, which allows
the US government to access and copy any data stored by an American cloud provider,
even if they are stored outside the USA.
• How the data centres are secured physically.
•Who, including system administrators, has access to your data, how are they vetted
and how data access is controlled and logged.
•What happens to your data if a service agreement is terminated or if the provider’s
business fails.
•Controlled facilities for making automated and authorised backups to other clouds,
including private clouds.
• Flexible data retention facilities for regulatory purposes.
•Their standard procedures for responding to government inquiries and legal
investigations of their customers’ data, and the costs to be incurred by individual
customers being investigated;
•Assurance that your data will not be compromised or seized if another customer
of theirs is being investigated.
• The provider’s disaster recovery plan.
•How your data is stored, backed-up, encrypted and kept separate from other
organisations’ data in the cloud.
• How and when security tests are performed, especially during service updates.
Thirdly, regarding continuity of service, find out from your provider:
• What is the notice time, frequency and duration of scheduled downtime.
• How they define complete and partial service outages.
• How they measure and report on downtime and outage severity.
• How customers report service problems.
• How customers are compensated for outages.
• How much downtime they have had in the past.
And, finally, on quality of service (QoS), your provider should be able to answer the
following questions:
• How quickly are additional resources allocated to over-loaded virtual servers?
• How fast is the automated failover?
•What monitoring tools and QoS metrics are used by the provider and which of these,
if any, are made available to customers?
Making the move to cloud computing
13
4.4 COSTING CLOUDS
The features, functionality and service levels of one or more public clouds may seem to
meet your needs but be sure to understand your potential providers’ pricing models and
try to forecast as accurately as possible your service consumption before you proceed to
testing and implementation. In particular you should find out:
• What computing resources are chargeable and how much do they cost per unit?
• Are there any set-up costs, minimum monthly charges or minimum contract lengths?
• What notice period is given of price changes and service levels?
•Are there additional operational costs for user support, third-party services, software
licenses, operating system licenses or anything else?
•And are there any additional charges for retrieving and transferring data on
terminating an agreement?
As well as the recurring and varying service consumption charges there are, of
course, other costs associated with cloud computing adoption. Larger organisations,
especially, will incur significant internal costs due to the necessary involvement of
their IT departments and legal teams, as well as the costs associated with training and
documentation if a new IT system is to be implemented.
4.5 DO IT YOURSELF – PRIVATE CLOUDS
If the total long-term cost associated with public cloud usage is too large, or the service
levels are unacceptable and not negotiable, but you have a genuine requirement for
cloud computing in the form of Infrastructure as a Service, then private clouds may be
more suitable for your organisation; but you still have decisions to make and questions to
ask. You could, for example, invest in an integrated package of consultancy, computing,
network, storage, and management capabilities from IT powerhouses like VCE (VMware,
Cisco and EMC) or a VCE partner. At the other extreme you could repurpose your existing
hardware and set up a private cloud yourself. There are now numerous cloud operating
systems to choose from – some proprietary and some open source – but not all of them
include metering technology for internal billing. Microsoft, VMware and other major
software vendors offer proprietary private cloud operating systems with varying levels of
interoperability and open APIs, while popular open source private cloud offerings include
Eucalyptus, OpenStack and OpenNebula. And you also have the option of procuring a
managed private cloud or virtual private cloud from Amazon, Rackspace and others.
4.6 CHECKLIST
F or the particular business application or applications that you are considering for your
organisation, candidate public and private cloud services should have:
•Acceptable levels of downtime, performance and security for the relevant business
application.
• Adequate security controls, service level agreements and monitoring capabilities.
•Affordable total monthly service costs for your maximum expected usage in the long
term.
The cloud services should also:
•Satisfy your organisation’s IT service management, data protection and industry
compliance requirements.
•Integrate easily with your favourite desktop software, internal systems and other cloud
services.
• Fit well with your development platforms and programming languages.
•Preferably be interoperable and afford easy extraction and migration of data in a
structured form where meaning is preserved.
14
Making the move to cloud computing
CASE STUDY
Cost saving is one of the benefits frequently cited for cloud computing and this
was certainly the case for BLUW. The company, which specialises in the design and
manufacture of fun novelty gadgets has a head office in London with other locations
in New York and Hong Kong.
This young business had experienced major growth, which led to the following
challenges of operating across three continents and different time zones:
•Conventional ‘on-premise’ IT infrastructure, having a centralised server running
on UK GMT time without 24 hour support meant occasional complete working
days being lost due to not having access to centrally held data.
•Customer management information was managed locally in each country with
overlaps occurring between the Hong Kong-based merchandising and UK-based
sales team.
• Accounting systems were diverse and restricted to financial operations only.
•Cash management and forecasting was extremely challenging due to
miscommunication as a consequence of the lack of a centralised system.
•Production planning and product development were also becoming extremely
difficult with localised data and lack of accountability.
A single solution was provided by NetSuite OneWorld. Ian Harkin, the Financial
Director says ‘Having everything operating on a single platform is highly efficient.
Our online stores, outsourced warehousing facilities, delivery and dispatch system,
and shipping are fully integrated with UPS and our payment processing with PayPal,
dramatically reducing investment on overhead.’ The system is expected to support
planned growth from the current third year turnover of £2.7m to £5m, £10m, £20m
and beyond.
In terms of cost savings, Harkin confirms that the company has saved in excess of
£50,000 in computer hardware and infrastructure alone and at least as much again
in salaries and fees for IT maintenance and support. He concludes ‘It makes no
commercial sense for BLUW to own computer equipment.’
Making the move to cloud computing
15
5 IMPLEMENTATION
Once you have selected one or more candidate clouds that seem to meet your organisation’s
documented requirements it is time to test them thoroughly, adopt the best one(s), and
implement a project plan with an exit strategy.
5.1 USABILITY AND PERFORMANCE
Before you test the performance of external cloud services you should test your local
internet connections (packet transmission speed, packet loss and network latency)
from your offices during peak times over a period of days. You can also benchmark the
performance of any business applications that you are migrating to a cloud or replacing
with a cloud service by measuring response times and timing key activities. If you have the
in-house expertise you may find it useful to test applications on your own virtual servers,
varying the memory and processor speed to find the baseline specifications required for
acceptable performance on your local network. Armed with benchmarks and baselines
you can then test systematically those cloud services with the ‘must have’ features and
functionality you agreed with stakeholders.
For SaaS ask a sample of open minded, affected users to test candidate SaaS applications
by performing the same standard tasks on each system alongside an impartial trained
observer whose job it is to document the user’s experiences, time tasks and record the
difficulty ratings for each task. If you have a number of testers, which may include yourself,
you can vary the order in which rival SaaS systems are tested to make the tests even fairer.
Ask the users which SaaS application they prefer, why they prefer it, and how it compares
to the system they currently use, if any; and you may find it instructive to repeat the tests
with the same users to see if their experiences improve as they learn. One system may
turn out to be the most easy to use, which is a key consideration.
For PaaS ask your developers to test candidate PaaS systems by creating in each a basic
database-driven software application to perform the same prescribed task, which may
be one they are familiar with in your organisation. For each platform the developer can
document their specific experiences and general impressions using a set of standard
forms, and they can record the time it took to develop the test application. On the forms
they can describe and rate the quality of, for example, online documentation, feature sets,
ease of use, and response times. Which do they prefer and why?
For IaaS the tests may include the self-service creation and destruction of, for example,
virtual servers and server farms; data transfers and firewall tests. As with SaaS and PaaS,
usability, online documentation quality and user preferences are also important factors to
record and consider. The important thing is to test each cloud service in the same way and
document the results.
Another important criterion for candidate cloud services is that they perform well over
any reasonable internet connection, so send some of your staff home early on the
condition that they quickly run through a subset of tests for the relevant SaaS, PaaS or IaaS
systems being considered, taking particular note of response times. Finally, a good test of
candidate cloud providers is to send them the same technical support question – even if
you know the answer – and record the speed and quality of the reply. If all else is equal
then this simple test could make the decision for you.
16
Making the move to cloud computing
5.2 DEPLOYMENT
A cloud implementation plan, like the plan for any major IT project, should include
relevant details of why, who, what, where, when and how much:
• Why is the project happening – business drivers and objectives?
•Who are the named executive sponsors, project management team members, project
delivery team members and affected users?
•What are the guiding principles, governance constraints, specific requirements, risks,
deliverables and key success metrics?
•Where (in an organisation with multiple sites) will the new systems be rolled out to if it
is a pilot project?
• When will stakeholder engagements and other scheduled activities occur?
•How much will it cost in terms of internal resources – person hours, infrastructure,
hardware and connectivity?
An implementation plan should also include full details, estimated costs and schedules
for user training and documentation; data migration; customisation and integration with
other systems. Provision should be made for parallel running of old and new systems and
a rollback (exit) plan, if required. And although performance testing, user testing and
security testing may have already occurred (see previous section) it should probably be
included in this plan, too, or in a separate project plan.
Depending on your favoured project management methods your implementation plan
may include a rigid functional specification to ensure there is no feature creep; or it may
describe an agile approach where key project team members are involved at key stages
to find the best solution rather than the solution initially envisaged. In any case regular
communication with stakeholders will increase the chances of your new cloud-based
systems being successfully rolled out to willing users.
5.3 EXIT STRATEGY
Even if you follow all the steps in this guide you may find that a cloud service does not
work out for your organisation. If you consider this to be a genuine risk you should prepare
an exit strategy. The implementation plan described above suggested that provision be
made for parallel running of old and new systems which you can do manually through
double entry or, preferably, by integrating the systems to keep the old one automatically
synchronised with the new one in case you need to roll back. Always be prepared to make
a quick exit because at some point you may decide to move to another cloud (public or
private) or you may simply need to extract your data in a structured form because, for
example, your business is closing down. Make sure this is possible and build your cloud
exit strategy into your implementation plan and disaster recovery plan and test it!
5.4 MONITORING
At the cloud sourcing stage you may have selected a vendor that provides service level
monitoring tools but you can augment these tools with your own. Your IT department can
monitor the performance and availability of applications and systems running within IaaS
clouds, while automated tools are available from third parties for automatically testing and
timing transactions in web applications so you can be made aware of any interruptions in
service or dips in performance. And it is also helpful to monitor usage patterns in any new
cloud-based systems you roll out to ensure that they are being used.
5.5 CHECKLIST
• Get relevant users to test candidate clouds in a fair and systematic way.
• Put together a detailed implementation plan with a tried and tested exit strategy.
• Continually monitor your cloud services after deployment.
Making the move to cloud computing
17
CASE STUDY 1
An Australian accounting firm, Five Ways Chartered Accountants, uses multiple
cloud services and no desktop accounting packages at all. They consistently use the
following three SaaS products, which enable them to work completely online:
•Xero Accounting – to access their clients’ up-to-date financial information, which
affords closer engagement and has reduced their time spent on compliance work
by almost 50%.
•Batchbook Social CRM – to keep all contact information, email discussions and
social media interactions for their clients in one place.
•Box.net – to manage all documents online including standard documents, letters
and client documents, and enable particular documents and folders to be shared
securely by clients and appropriate staff.
This focus on a particular set of cloud services means that they have a single effective
way of working with their clients, which is completely cloud-based. Paul Meissner,
Director of Five Ways, had this to say: ‘Overall the move to the cloud has made our
client service more efficient, cut our overheads and made us more profitable’.
CASE STUDY 2
South West-based accountancy practice Glover Stanbury & Co took the decision to
move all of their IT systems into the cloud in June 2011, opting for hosted servers
rather than the office-based servers they had relied on previously.
It’s a decision that has already paid dividends according to Kevin Salter a partner in
the practice, who said ‘The move to the cloud has been a great success and, indeed,
works even better than we had anticipated.’
The firm, incorporating six partners and 30 staff, uses a variety of software ranging
from Microsoft Office and Exchange Server for emails through to SaaS products
such as Google Docs, DocSAFE (a secure online means of sharing and storing client
documentation) and Xero and Liberty accounts packages.
Some of the benefits achieved include:
•Software standardisation – all staff use the same versions of software together
with a common operating system platform, compared to the array of versions
that existed previously.
•The ability to work from anywhere has been invaluable, both in terms of allowing
staff to work from home or between offices when necessary and also providing
access to all software while on client sites.
•Cost savings – the hosted server costs over a five-year period are comparable
with those incurred for the earlier office-based system, however the real benefits
lie in the significant savings on time previously spent supporting the day-to-day
operation of in-house servers.
•Closer integration between the firm’s two sites, located 10 miles apart, as single
database solutions have been implemented for tax, accounts and document
management systems.
And along the way there have been some valuable lessons learned:
•Prior to migrating to the cloud make a list of the software you intend to use
and prioritise it, so that the most business-critical applications are available
immediately.
•Use the move to the cloud to have a tidy up of existing files on servers, and
review ongoing procedures and methods with regard to file saving generally.
•Keep one in-house server available on stand-by, as there will almost certainly be
the odd occasion when there’s a requirement for that ‘urgent file’ which hasn’t
been moved across to the hosted service.
The success of the move was reinforced by Salter who, when asked if the firm would
consider going back to putting servers in-house, replied ‘Definitely not!’
18
Making the move to cloud computing
6 KEEPING YOUR HEAD IN THE CLOUDS
Many organisations, including most famously the US Federal Government, have instituted
a ‘cloud first’ policy, and the UK Government, which has been criticised for being a bit
slow off the mark, is also planning a ‘shift towards cloud computing’ with a target of at
least 50% of Whitehall’s IT services running in the cloud by 2015. Mirroring this difference,
UK organisations tend to take a more cautious and sceptical approach to cloud computing
adoption than their American counterparts. There are certainly significant risks and ‘big
pictures’ to consider, which this guide attests to, and caution is understandable, but
fortune can also favour brave cloud pioneers.
6.1 SUMMARY
This guide has described a measured approach to cloud computing adoption which can
be summarised in a six step process as follows:
1. Familiarise yourself with the options for deploying cloud services.
2.Conduct relevant internal reviews of your people, processes, policies and IT capabilities
– keeping in mind your organisation’s objectives.
3.Select appropriate opportunities for cloud computing.
4. Document prioritised requirements for named beneficiaries.
5. Find candidate cloud solutions and test them fairly and systematically.
6. Execute an implementation plan with an exit strategy.
This process is, of course, an iterative one. Once you have completed one successful
cloud implementation project you can return to step 3 to choose the next problem or
improvement, and when you have run out of problems and improvements you can return
to step 2 and review or repeat your internal reviews, and so on. If you represent a large
organisation planning to migrate numerous virtual servers and applications to the cloud
you could follow the steps in a Cloud computing maturity model such as the model
developed by GTSI (a provider of technology solutions and professionals services to the
public sector in the US) that is preferred by the US Government.
6.2 CONCLUDING REMARKS
After reading this guide you may have come to the conclusion that cloud computing
sounds like more trouble than it is worth, which is generally not the case. According to
the Cloud Industry Forum, 96% of the UK organisations they surveyed that have already
adopted cloud computing in some form are happy with their cloud services. Therefore,
as long as you choose your cloud or clouds with care, perhaps taking a hybrid approach
or beginning with low risk data and applications, and have a strong business case to
build on, there is a good chance your organisation will reap significant rewards. For large
organisations it may be an initially slow and painful process moving to the cloud but once
there they should find that change becomes easier and they can deploy new business
applications and processes with lightning speed!
Making the move to cloud computing
19
APPENDIX A: GLOSSARY
API (Application Programming Interface) – an interface implemented within a software
application that enables other software applications to access some of its services.
Cloud – a pool of configurable computing resources on the Internet.
Cloud computing – a model for enabling convenient, on-demand network access to a
cloud that can be rapidly provisioned and released with minimal management effort or
service provider interaction.
Cloud portability – the facility for moving data or applications from one cloud to another.
Cloud provider – a supplier of cloud computing services to multiple customers using the
same multi-tenanted infrastructure.
Cloud services – see service models.
Cloudsourcing – finding and selecting a set of cloud services for your organisation from
one or more cloud providers.
Community cloud – a cloud shared by a particular community of organisations with
common interests or data protection concerns.
Compute grid – a collection of computers on which compute-intensive batch applications
are run in parallel.
Consumption-based pricing – the pricing model whereby customers are charged only
for the discreet cloud computing resources they consume (compare with subscriptionbased pricing).
Deployment models – public cloud, community cloud, private cloud and hybrid cloud
(according to the NIST definition).
Elastic computing – see rapid elasticity.
Essential characteristics – on-demand self-service, broad network access, resource
pooling, rapid elasticity and measured service (according to the NIST definition).
External cloud – a public cloud or community cloud provided by a cloud provider.
Failover – the automatic capability to switch an IT service to a redundant or standby
computer server, system, or network upon failure or abnormal termination of the service.
Hosted desktop – a fully interactive view of a virtual computer desktop (usually Microsoft
Windows) that is hosted in a public cloud and provides the user with remote access to
their organisation’s data and software applications.
Hybrid cloud – a private cloud linked to a public cloud.
IaaS – see Infrastructure as a Service.
Information governance – an organisation’s policies, procedures, processes and controls
for information management.
Infrastructure as a Service – the service model that includes virtual machines, data
storage, processing power, bandwidth and networking resources.
Internal cloud – see private cloud.
ITIL – the Information Technology Infrastructure Library, a widely adopted set of best
practices for the management and provision of IT services.
Multi-tenanted system – a system shared by multiple organisations and users (an
essential characteristic).
Network latency – delays in application response time as data travels over a network
through intermediate devices.
NIST definition – the definition of cloud computing published by the National Institute
for Standards and Technology (NIST).
20
Making the move to cloud computing
On-demand computing – the immediate availability of online computing resources upon
request (an essential characteristic).
PaaS – see Platform as a Service.
Patriot Act – a statute passed into law by the United States Government in 2001 that enables
law enforcement agencies in the United States to search telephone, e-mail communications,
business records, and other records for suspected links to terrorism – without a court order.
Pay-per-use (or Pay-as-you-go) – the payment model whereby customers pay only for
the cloud computing resources they use and avoid capital investment in software and
hardware (see consumption-based pricing and subscription-based pricing).
Platform as a Service – the service model that enables software developers to quickly
create and develop scalable, database-driven web applications.
Private cloud – the deployment model where cloud services are provided internally by
organisations.
Public cloud – the deployment model where cloud services are provided by a cloud
provider.
Rapid elasticity – the availability of computing resources that can expand and contract on
demand (see essential characteristics).
SaaS – see Software as a Service.
Safe Harbor agreement – a set of data protection principles approved by the European
Union, the United States of America and numerous other countries.
Self-service – the capability for organisations to consume cloud services under a pay-peruse model without communicating with the cloud provider.
SLA (service level agreement) – a contractual agreement with a service provider that
defines the level of service they will provide, including guarantees of availability and
performance.
Service models – SaaS, PaaS and IaaS in the NIST definition.
Service Oriented Architecture – a set of principles and methodologies for designing and
developing software in the form of interoperable services that represent distinct business
functionalities.
Service provider – see cloud provider.
Single sign-on – the ability to log on to multiple IT services simultaneously using a single
user name and password pair at one entry point.
Software as a Service – the service model by which ready-made software applications
and software suites are provided online.
Subscription-based pricing – the pricing model whereby customers pay to use cloud
services for a set period of time (compare with consumption-based pricing).
Two-factor authentication – the combination of an additional hardware or software
method and regular login credentials (user name and password) to uniquely identify a user
when they log on to a computer system.
Vendor lock-in – the restrictive commercial ties created between customer and provider
in the absence of cloud portability.
Virtualisation – the software methods that enable multiple virtual computing resources to
run on a single hardware platform.
Virtualised – see virtualisation.
Virtual machine – virtualised computer hardware that executes programs like a physical
computer.
Virtual private cloud – an isolated private cloud running within a public cloud infrastructure.
Virtual server – a virtual machine used as a computer server.
Web services – the standard internet communication protocols that are used to pass data
to and from cloud services.
Making the move to cloud computing
21
APPENDIX B: FURTHER INFORMATION
In this guide various surveys, supplier directories and other resources are cited, all of which
are referenced below.
ICAEW IT Faculty publications
Simon Bisson (2007), An Introduction to Software as a Service.
Lesley Meall (2010), Online Accounting Software Product Guide.
Barnaby Page (2011), Cloud Computing – A Guide for Business Managers.
ICAEW IT Counts online community
www.ion.icaew.com/itcounts
CIO Global Cloud Computing: Adoption Survey Result
PDF from VMWare
http://tinyurl.com/7yug2wx
Cloud First Buyer’s Guide: Resources
Various links selected for the US Government
http://tinyurl.com/6ob6u56
Cloud Provider Directories
• CloudBook: www.cloudbook.net/
• Cloud Directory (UK): www.clouddir.co.uk/
• Cloud Industry Forum (UK): www.cloudindustryforum.org/
• CloudTweaks: www.cloudtweaks.com/cloud-vendors/
• GetApp: www.getapp.com/
•SaaS Directory: www.saasdir.com/
•SaaS Showplace: www.saas-showplace.com/
Cloud UK Paper one: Adoption and Trends 2011
PDF from the Cloud Industry Forum
http://tinyurl.com/3f3dqba
Government ICT Strategy
PDF from the UK Cabinet Office
http://tinyurl.com/8x9qmda
GTSI Cloud Computing Maturity Model
A PDF white paper from GTSI
http://tinyurl.com/7btxrfv
22
Making the move to cloud computing
Make IT Green: Cloud Computing and its Contribution to Climate Change
PDF report from Greenpeace
http://tinyurl.com/87mzvr7
NIST Definition of Cloud Computing (final)
PDF from US National Institute of Standards and Technology
http://tinyurl.com/3cwq47r
Open Cloud Resources
A list of open cloud systems (see also the Open Cloud Manifesto at www.
opencloudmanifesto.org/)
• Cloud Foundry (PaaS): www.cloudfoundry.org/
• Eucalyptus: www.eucalyptus.com/
• Openstack: www.openstack.org/
• OpenNebula: www.opennebula.org/
Other
Dr Mark I. Williams (2010), A Quick Start Guide to Cloud Computing, London: Kogan Page.
Making the move to cloud computing
23
ABOUT THE AUTHOR
Dr Mark I. Williams began his postgraduate career in 1992 at CERN, birthplace of the
World Wide Web, before switching to a similar facility (SLAC) in California in 1998, where
he managed a major intranet redevelopment project. Mark formed his first company,
Surfability, in 2000 with the help of an Enterprise Fellowship award from The Royal
Society of Edinburgh, followed by a DTI SMART award. A partnership with an early cloud
computing provider, Extrasys, four years later led eventually to Mark running that business
for NG Bailey before helping to sell it on again in 2009. Mark’s current venture is Muon
Consulting and he blogs at http://blog.muoncloud.com. He has chaired sessions at the
annual Cloud Computing World Forum in 2010 and 2011 and is the author of A Quick
Start Guide to Cloud Computing, which was published by Kogan Page in 2010.
24
Making the move to cloud computing
ICAEW is a founder member of the Global Accounting Alliance, which
represents around 775,000 of the world’s leading professional accountants
in over 165 countries around the globe, to promote quality services, share
information and collaborate on important international issues.
ICAEW is a professional membership organisation, supporting over
138,000 chartered accountants around the world. Through our technical
knowledge, skills and expertise, we provide insight and leadership to the
global accountancy and finance profession.
Our members provide financial knowledge and guidance based on the
highest professional, technical and ethical standards. We develop and
support individuals, organisations and communities to help them achieve
long-term, sustainable economic value.
Because of us, people can do business with confidence.
ICAEW
IT Faculty
Chartered Accountants’ Hall
Moorgate Place
London EC2R 6EA UK
T +44 (0)20 7920 8646
F +44 (0)20 7920 8780
E [email protected]
icaew.com/itfac
linkedin.com – find icaew
twitter.com/icaew_ITFaculty
facebook.com/icaew
£25.00
TECPLM11197 03/12