Cloud computing is more than just a new set of technologies businesses can utilize — it is a new way of thinking about technology. As a result, businesses are being challenged to transform every single practice and policy they are using to govern how IT systems are managed and deployed. This IT/business evolution spotlights the need for a more business-minded executive to oversee the dynamic issues introduced by the cloud. The time of the chief cloud officer (CCO) is upon us. Someone who will advise and manage a company's approach to the cloud (community, hybrid, private, public) and who will maximize the opportunities it offers in a variety of lines of business, while mitigating the complexities or concerns introduced.
If cloud computing plays a significant role in your business or you expect it to in the near future, consider these 10 critical job functions, which a CCO could handle for your organization.
1: Align existing lines of business with your cloud initiative
Cloud-based deployments offer companies significant advantages, especially in terms of cost for scalable network capacity. The pay-as-you-go cloud service model and on-demand access are huge selling points. But often, cloud computing grows organically in large enterprises with different segments of the business virtualizing their own systems and processes. This fragmented approach usually results in a sub-optimized cloud investment.
The cloud has major implications for business. To gain its full benefits, companies need a business leader who can unify this activity, determine what services are best outsourced versus insourced, and devise a strategic plan that ensures a successful endeavor in the cloud. Think of the CCO more as a business enabler than a traditional technology executive, whose charter is to manage risk while expanding opportunity across all lines of business.
2: Leverage cloud for competitive advantage
Once your organization has dipped its toe in the cloud, it's time to start thinking about how to improve business agility. A key aspect of cloud computing is the flexibility it offers companies to respond to market changes. For example, if line of business executives determine they need an application to maintain the company's competitive advantage, the cloud will enable fast, global, and simple Internet-facing application deployments. These are the key advantages cloud solutions have over internal virtual or physical deployments.
3: Manage cloud vendor relationships
Large companies may use several cloud service providers (CSPs), with smaller companies working with one or two. Having multiple vendors may be essential to an effective cloud computing implementation, since this approach helps provide a Plan B should one of the providers experience an outage. The CCO will need to use finesse when negotiating relationships with each CSP to ensure the best possible outcome for the business. It will be important for the CCO to understand the strengths and weaknesses of the CSPs, balance the costs, security features, and performance capabilities of their services, and then negotiate the best volume deals.
4: Define and implement cloud security policy
One of the most critical concerns raised when companies consider making the shift to cloud computing is data and application security. Interest in IT security has hit an all-time high, due to the sheer number and sophistication of malicious attacks launched against strategic IT assets each day. Moving to the cloud adds another level of complexity to this issue. Regardless of how stringent your CSP's security policies may be or how robust its teams of experts are, it is no substitute for your organization's own efforts to ensure the privacy of its corporate data. Another vital CCO job function is to develop a comprehensive cloud security strategy and to work with CSPs to manage the assignment of security responsibilities between the CSP and internal resources.
5: Monitor network performance and security
While monitoring cloud environments is slowly becoming possible, most approaches require that companies purchase new virtual appliances for monitoring network performance and security. The problem is that many companies have invested heavily in their existing performance and monitoring tools and would like to keep using them to have visibility across the virtual/physical network. CSPs and third parties are going to need to provide better ways for enterprises to have visibility into their share of the network and applications. Technologies such as network monitoring switches can help ensure the security of cloud implementations. This technology sits between the network and analysis tools and greatly improves network visibility. The CCO will look for opportunities to continually evolve and enhance the company's visibility of virtual network assets.
6: Monitor application performance
Companies can't ignore the major shift cloud computing represents for its future as business critical applications (BCAs) move to the cloud. But as BCAs, such as sales management, become virtualized, there is opportunity for the cloud industry to improve visibility at the application level to help ease potential concerns of its customers. It is easy to imagine a near future when cloud providers will offer multi-tenant monitoring, which the CCO will use to gain a clear view of activities in individual areas of the cloud. This will require innovation from current network-monitoring technology that will evolve in a way to protect the data of multiple tenants.
7: Investigate cloud vendor security incidents and network outages
Even the best plans don't always get executed perfectly. With more data residing outside their walls, companies need someone to manage the potential problems, and subsequent legal issues, that can arise if a cloud vendor experiences a security breach or network outage. The CCO would be responsible for coordinating with general counsel on investigating the incident, taking legal action if required, and minimizing the risk of future incidents.
8: Own cloud SLAs
A CCO can also manage the cloud vendor service level agreements. In the event that a breach of contract occurs, the CCO will interface with legal and bill cloud vendors when they do not meet their SLAs, seeking the appropriate penalties. Provable performance metrics will be critical when cloud providers are negotiating with a CCO.
9: Ensure cloud compliance
Every company is responsible to comply with its respective industry standards, i.e. HIPAA, PCI, SOX, SSAE-16, ISO 2700X and FISMA. When companies venture into the cloud, no exceptions should be made in examining the compliance practices of its cloud partners. The CCO will establish and enforce the company's policies, regularly auditing cloud vendors to ensure its interests are upheld. Additionally, the CCO will work with cloud providers to determine how troubleshooting of hosted servers are handled if problems arise, what happens to the data when a decision is made to change services, etc.
10: Keep the company out of trouble with international policies
The CCO will monitor international legislation and the international business climate, helping to identify potential risks in doing business via the cloud overseas where different rules may apply. The idea of companies having to navigate international policies while virtualizing global IT assets is still unchartered territory. But it's likely to be a critical job function for the CCO of a multinational company,since virtualized corporate data could potentially be subject to seizure by government entities in different countries.
About the author
Kate Brew is a product marketing manager at Ixia's Network Visibility Group (formerly Anue Systems), a provider of the industry's most comprehensive converged IP network validation and network visibility solutions for enterprises, communications providers, and government agencies worldwide.