Security is the main obstacle between private and hybrid clouds, at least for now. As cloud security tools and services mature, this obstacle should fade. For now, though, once you figure out how you will secure an environment where resources are potentially available to everyone in the organization, it’s not that easy to expose them further into public clouds where your security tools don’t fit.
“It is certainly possible to move from a private cloud to a hybrid cloud, but in order to do this successfully you must design the private cloud assuming you will eventually move to the public cloud so that you have security in place that can span both,” Rand Wacker of CloudPassage said. “You can’t use technology that only works in the private cloud.”
Eventually, this will sort itself out, but that will take time. Security will be an add-on service offered by pretty much every public cloud provider. And in on-premise environments, security will adapt. More of it will be decoupled from the underlying hardware, making it more portable.
As the cloud matures and as security risks become more challenging, I believe more organizations will consume security as a service, rather than dropping ever more into their networks. Once security as a service is mature and manageable, security won’t be what stops you from expanding your private clouds to take advantage of public-cloud resources. That’s vision is still years away, though, so it’s important to resists the temptation to believe cloud vendors when they paint a picture of an idealized cloud world.
In an ideal cloud world, security challenges are simple, and it’ll be easy to move between private and public resources. In the real world, this stuff is ridiculously complex.
Unless you’re an IT Luddite, the cloud will not cost you your job. Of course, just as many IT folks hope that the cloud will help them keep their jobs. Both worries are misplaced. The thing to realize is that the cloud is changing the role of IT, but so is mobility, and so is social media, and so will something else tomorrow. Half of IT’s job, maybe more, is managing change, so this should be a challenge you can navigate.
What the cloud and all of these other trends mean to IT is that the skills that are necessary today may well be automated out of existence tomorrow. IT’s role won’t disappear, nor will it necessarily grow, but it will definitely be different.
“IT needs more business savvy than ever before. Many cloud decisions are economic ones. That’s how you’ll judge one application over another, or how you’ll decide whether to use a private versus a public cloud,” Lamorena said.
In the past, it was important to retain some crotchety old IT vets who knew how to fix ancient custom applications when they broke. You needed someone who could fire up that database that no one accessed for years – just in case. Now, those legacy applications are being either abandoned or migrated into private clouds, and obscure IT talents are being absorbed by automated tools.
IT should start proactively carving out new areas of expertise. Security is already an IT specialty, but it should become a skill that is a prerequisite, not a specialty. The specialties should be things like “social media security,” “mobile security,” and even “Facebook security.”
IT can also claim a niche in social media, and it is already doing a good job of positioning itself as the facilitator of enterprise mobility.
However, IT needs to do a better job of advocating for itself. More of your leaders, CIOs and VPs, are coming from the business world, instead of the tech one. They’ll favor their own, so it’s time to start acquiring new skills.
The stereotype of the IT guy with no social skills, a thick neck beard and a grubby Star Trek t-shirt will soon be as outdated as an Altair 8800. IT pros need to be ready for that, and they need to be ready to make the emerging stereotype of the CIO who knows next to nothing about technology just as outdated.