Surviving the cloud computing boom
Understanding the channel risks
Part 1 Cloud computing launches in Australia are coming thick and fast. Already, more than 30 companies position themselves as offering hosted cloud services, and the number is rising quickly.
The rapid acceleration in the cloud provider market looks very much like at least one other boom in the Australian Internet market: the VoIP boom after around 2006, when the number of providers rose very rapidly from fewer than 70 to around 300.
That boom rode partly on the back of short-lived wholesale relationships in which retail partners – little more than sales agencies with trailing commissions – signed up to flog low-margin (and often low-quality) VoIP services. They and their customers fell victim to wholesalers who showed little regard either for the health of their partners or the quality, and ultimately longevity, of the services provided to retail customers.
The same model is likely to emerge in the cloud computing market: not every wholesaler pitching a “white box” cloud service will know or care about the support they provide to partners or customers.
Yet although the cloud model is often pitched as a threat to Australia’s reseller and systems integrator channel, it’s also an opportunity. As cloud computing reaches downwards to the SME, and once it reaches “non-IT” SMEs who don’t know how to establish, manage or integrate services on their own, there will be a market for services over the top of cloud computing.
From the other end, there will also be demand for “feet on the street” from cloud providers. Their expertise in establishing infrastructure, configuring software, billing, and integrating services with networks – these skills are unlikely to be matched by providers’ understanding of the needs of small retail or services businesses.
Due diligence will be the channel’s greatest challenge as cloud wholesaling takes off. How do you make sure that the company offering wholesale cloud services has the infrastructure it claims, and will be able to deliver the services you need?
The risk to the channel is a given, says Darren Covington, head of strategy and sales at Bitcloud, which launched last year. While it’s impossible to “see through” opaque business models of wholesale cloud providers, he identified the following broad categories of risk to channels:
Technical risk – can the cloud provider deliver the services it offers? Are its billing systems and security systems up to the task?
Compliance risk – is the cloud provider familiar with regulatory regimes in different industries? For example, is it familiar with ASIC (Australian Securities and Investments Commission) requirements for different industries?
Brian Walshe, general manager for Microsoft solutions in Australia at Dimension Data, says SIs also need to be willing to work through the business risks they’re taking:
Terms and conditions – SIs have to take the time to work through the legal contract the cloud provider is offering, he said. “Have you signed away your IP rights with this provider?”
Management and financials – This research is vital, Walshe said. SIs need to know the history of the cloud provider’s management, and need to be able to confirm its financial position and backing.
Who’s in charge?
For the systems integrators, technical risk is easy to identify and easily understood. They have, after all, chosen a technical field as the basis of their income. Contractual risks are more difficult.
Walshe again: “You have to know whose laws apply, and you have to know whose laws are protecting your intellectual property if you find yourself unable to get the service you need and need to get your data back out of the cloud.”
This is particularly sensitive when an intermediary like a systems integrator is involved, since whatever goes wrong will damage the SI’s relationship with its clients.
“Too many people still think their local laws will apply,” Walshe said, “ but if the application is stateless, you need to be clear about the laws that apply.” For example, even replicating a client’s data to an offshore disaster recovery centre could expose that client to a jurisdiction outside Australia.
“That’s the whole point of the data sovereignty debate,” Walshe said.
The problem is, of course, that it’s particularly difficult for the outsider to prove the location of the service. Chy Chuawiwat, CEO of VirtualOffis, says “You can look at network tools to find out where things are ... but the registered IP address may not be the operational IP address.”
Chuawiwat says SIs should call on outside help in vetting upstream cloud wholesalers. “There are a few consultants who can help evaluating a service provider, who know the right questions to ask”.
Peter Neatnica, director of sales and marketing at Nextep, says the question of service level agreements (SLAs) can help differentiate companies offering wholesale cloud services.
Those SLAs, he said, should cover as much of the service as possible, since service availability and responsiveness stretches all the way from the data centre out to the customer’s network connection.
“Cloud computing needs a business-class service,” Neatnica said, with “low network contention, good quality of service, and the ability to provide information upstream through to the network core.” ®
Next – Part 2: What cloud wholesalers want from the channel
Sponsored: Today’s most dangerous security threats