Can cloud computing teach you to ignore your infrastructure?

Abiquo CEO Pete Malcolm says that if IT managers can satisfy security, compliance and workload concerns with automated policies, infrastructure can begin to 'disappear.'

Entrepreneur and technologist Pete Malcolm has taken over the reins of Abiquo, a Spanish software project that just landed $5 million in venture capital. Malcolm claims the idea is to let enterprises be as agnostic as possible in choosing how they do cloud, even as they address security and compliance issues. Abiquo turns virtualized infrastructure into cloud computing enviroments and works with every major hypervisor and hardware platform. Malcolm has extensive experience with the technology-heavy financial industry in data loss prevention and data security.

In this interview, Malcolm talks about the opportunities and challenges facing enterprises and cloud computing vendors.

SearchCloudComputing.com: What's driving enterprise interest in cloud computing?

More on cloud security:
Google Apps chief promises security through scale

Understanding security in the cloud

HP's cloud security guru to enterprises: Tread carefully

Pete Malcolm: You've got this problem at the moment: the guys running the infrastructure don't really know what's going on with the application side, and why would they? So you've got this disconnect.

You say managers need to be able to define "workload policies" to manage virtual infrastructure and address that disconnect. What are some examples?

Malcolm: A really obvious example of that is an enterprise really wants to spread their virtual machine load across its available hardware. It owns the hardware already, it wants to spread it across and maximize performance. A hosting provider probably wants to do exactly the opposite; he wants to squish it all up and get as much utilization out of each machine as he can before it moves over to the next one. That [should be an automated] policy decision about how you want to deploy [virtual machines].

There are lots of other policy decisions that enterprises will want to make about security and compliance, and be able to say, in the banking firm, for example, "OK, these set of racks are investment banking data and these set of racks are research analysis group," that kind of stuff.

Well, somebody has to care about computers at some point. Is this the beginnings of a divorce between infrastructure operations and IT in general?

Malcolm: Your basic separation will be between those who manage the infrastructure, whose job it is to deliver resources to this thing we're calling a "resource cloud" at whatever performance levels they are required to deliver, and the consumers of that, who are the managers of these virtual data centers.

They have to exist within the resources limits that have been set. They won't have to get quite so involved. You talk about assigning public IPs or something simple like that , they don't go about managing the individual IP [address], they just say I need a public IP, which they will be provided with and consume, and the system will take care of everything between them. They don't have to manage the actual allocation.

Easy resource management is nice, but it's one of a number of critical areas for IT. Many would put security and compliance well above pure performance on the list of priorities.

Malcolm: We're not attempting to solve the security problem -- that's a hypervisor problem. In the meantime, while that's being resolved, the CIO will need to dictate policy around what stuff goes where -- what can go out and can't. Is it data that can go outside of our organization, does it follow the rules?

Why is security such a bugbear for enterprises looking at the cloud world? Won't providers eventually get it sorted out?

Malcolm: I don't know if it's going to be a solvable problem. If you've got applications delivered as application services, you've always got the security issue because no matter who you're getting it from, they can see your stuff.

You can't ring fence it, all you can do is have them audited by some third party that everyone thinks is reputable. If you're talking about infrastructure, I think that problem hasn't been solved yet, but I think it is solvable. I think you can build a hypervisor with a ring of steel around it, we know you can build communication channels with rings of steel around them, so I think that's a solvable problem.

I think that's where security is going to get delivered. I think then you will start to build trust to let [critical data] out.

So is that a flat "no deal" for enterprises moving critical infrastructure to the cloud? Then how will organizations start moving out to the cloud, as everyone assumes they eventually will?

Malcolm: They're not going to go out anytime soon. Delivered as infrastructure, they might start to go out, but it'll be at the periphery. Is an investment bank going to want its trading system on anything that's not under its control? No.

I don't know if [cloud security] is going to be a solvable problem.
Pete Malcolm, Abiquo CEO,

Some of those [same] people will let email out there, but email is going to be public anyway and if it's not, each email can be wrapped to handle that security. To some extent, things like Salesforce.com have succeeded in that; there's a fairly tightly defined area for what's going to go out. In some ways, you can say [CRM] is mission critical, but it's very containable, you see.

What else do people want to see out of a compute cloud besides security, governance, and so on?

Malcolm: People want to consider billing and charge back and I think people want to understand more about machine utilization -- not just allocating resources, but what of those resources are being used.

Could we, for example, overload systems, like airlines overbook, on the theory that some people simply won't show up; could we overload stuff to get more out of it without compromising performance. People almost always request more resources than they actually consume.

There's a rule out there about actual physical data centers that says only 10-15% are actually being used; that's a big statistic.

So how does cloud go forward at the moment?

Malcolm: We see private clouds as the immediate opportunity but we're trying to have a vision and an architecture about how that expands out when the security and everything is in place to do that, and still have centralized control. Eventually, the managers on the virtual side neither know nor care whether it's stored privately or publicly, because why should they? The CIO is happy because policy is being followed. I think that sort of public/private cloud thing will kind of disappear.

PETE MALCOLM'S BIO:
Pete Malcolm joined Abiquo in 2009 as chief executive officer to boost the company's international expansion, thanks to his extensive experience with startup technology companies. Pete is a serial entrepreneur and technologist, best known as the founder and chief technology officer of Orchestria Corporation, which was acquired by CA Inc. in January 2009.

Previously, Pete was Benchmark Capital Europe's first Entrepreneur In Residence, and prior to that he was senior vice president of business management with CA Inc. from 1996 to 2000. In addition, he founded the IQ International company in 1989 (acquired by Cheyenne Software in 1996) where he was instrumental in developing the data storage technique known as Open File Backup. Pete's Open File Backup product was later sold by Cheyenne and CA Inc., who currently sell the product as Open File Agent.

Pete is also the inventor of more than 150 software patents, including Data Loss Prevention and Open File Backup patents.

This Content Component encountered an error

Pro+

Features

Enjoy the benefits of Pro+ membership, learn more and join.

0 comments

Oldest 

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

-ADS BY GOOGLE

SearchServerVirtualization

SearchVMware

SearchVirtualDesktop

SearchAWS

SearchDataCenter

SearchWindowsServer

SearchSOA

SearchCRM

Close