Surviving the cloud computing boom

Understanding the channel risks

Internet Security Threat Report 2014

Part 1 Cloud computing launches in Australia are coming thick and fast. Already, more than 30 companies position themselves as offering hosted cloud services, and the number is rising quickly.

The rapid acceleration in the cloud provider market looks very much like at least one other boom in the Australian Internet market: the VoIP boom after around 2006, when the number of providers rose very rapidly from fewer than 70 to around 300.

That boom rode partly on the back of short-lived wholesale relationships in which retail partners – little more than sales agencies with trailing commissions – signed up to flog low-margin (and often low-quality) VoIP services. They and their customers fell victim to wholesalers who showed little regard either for the health of their partners or the quality, and ultimately longevity, of the services provided to retail customers.

The same model is likely to emerge in the cloud computing market: not every wholesaler pitching a “white box” cloud service will know or care about the support they provide to partners or customers.

Yet although the cloud model is often pitched as a threat to Australia’s reseller and systems integrator channel, it’s also an opportunity. As cloud computing reaches downwards to the SME, and once it reaches “non-IT” SMEs who don’t know how to establish, manage or integrate services on their own, there will be a market for services over the top of cloud computing.

From the other end, there will also be demand for “feet on the street” from cloud providers. Their expertise in establishing infrastructure, configuring software, billing, and integrating services with networks – these skills are unlikely to be matched by providers’ understanding of the needs of small retail or services businesses.

Due diligence

Due diligence will be the channel’s greatest challenge as cloud wholesaling takes off. How do you make sure that the company offering wholesale cloud services has the infrastructure it claims, and will be able to deliver the services you need?

The risk to the channel is a given, says Darren Covington, head of strategy and sales at Bitcloud, which launched last year. While it’s impossible to “see through” opaque business models of wholesale cloud providers, he identified the following broad categories of risk to channels:

Technical risk – can the cloud provider deliver the services it offers? Are its billing systems and security systems up to the task?

Compliance risk – is the cloud provider familiar with regulatory regimes in different industries? For example, is it familiar with ASIC (Australian Securities and Investments Commission) requirements for different industries?

Brian Walshe, general manager for Microsoft solutions in Australia at Dimension Data, says SIs also need to be willing to work through the business risks they’re taking:

Terms and conditions – SIs have to take the time to work through the legal contract the cloud provider is offering, he said. “Have you signed away your IP rights with this provider?”

Management and financials – This research is vital, Walshe said. SIs need to know the history of the cloud provider’s management, and need to be able to confirm its financial position and backing.

Who’s in charge?

For the systems integrators, technical risk is easy to identify and easily understood. They have, after all, chosen a technical field as the basis of their income. Contractual risks are more difficult.

Walshe again: “You have to know whose laws apply, and you have to know whose laws are protecting your intellectual property if you find yourself unable to get the service you need and need to get your data back out of the cloud.”

This is particularly sensitive when an intermediary like a systems integrator is involved, since whatever goes wrong will damage the SI’s relationship with its clients.

“Too many people still think their local laws will apply,” Walshe said, “ but if the application is stateless, you need to be clear about the laws that apply.” For example, even replicating a client’s data to an offshore disaster recovery centre could expose that client to a jurisdiction outside Australia.

“That’s the whole point of the data sovereignty debate,” Walshe said.

The problem is, of course, that it’s particularly difficult for the outsider to prove the location of the service. Chy Chuawiwat, CEO of VirtualOffis, says “You can look at network tools to find out where things are ... but the registered IP address may not be the operational IP address.”

Chuawiwat says SIs should call on outside help in vetting upstream cloud wholesalers. “There are a few consultants who can help evaluating a service provider, who know the right questions to ask”.


Peter Neatnica, director of sales and marketing at Nextep, says the question of service level agreements (SLAs) can help differentiate companies offering wholesale cloud services.

Those SLAs, he said, should cover as much of the service as possible, since service availability and responsiveness stretches all the way from the data centre out to the customer’s network connection.

“Cloud computing needs a business-class service,” Neatnica said, with “low network contention, good quality of service, and the ability to provide information upstream through to the network core.” ®

Next – Part 2: What cloud wholesalers want from the channel

Top 5 reasons to deploy VMware with Tegile

More from The Register

next story
Docker's app containers are coming to Windows Server, says Microsoft
MS chases app deployment speeds already enjoyed by Linux devs
'Hmm, why CAN'T I run a water pipe through that rack of media servers?'
Leaving Las Vegas for Armenia kludging and Dubai dune bashing
SDI wars: WTF is software defined infrastructure?
This time we play for ALL the marbles
'Urika': Cray unveils new 1,500-core big data crunching monster
6TB of DRAM, 38TB of SSD flash and 120TB of disk storage
Facebook slurps 'paste sites' for STOLEN passwords, sprinkles on hash and salt
Zuck's ad empire DOESN'T see details in plain text. Phew!
Windows 10: Forget Cloudobile, put Security and Privacy First
But - dammit - It would be insane to say 'don't collect, because NSA'
Oracle hires former SAP exec for cloudy push
'We know Larry said cloud was gibberish, and insane, and idiotic, but...'
Symantec backs out of Backup Exec: Plans to can appliance in Jan
Will still provide support to existing customers
prev story


Forging a new future with identity relationship management
Learn about ForgeRock's next generation IRM platform and how it is designed to empower CEOS's and enterprises to engage with consumers.
Win a year’s supply of chocolate
There is no techie angle to this competition so we're not going to pretend there is, but everyone loves chocolate so who cares.
Why cloud backup?
Combining the latest advancements in disk-based backup with secure, integrated, cloud technologies offer organizations fast and assured recovery of their critical enterprise data.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
Saudi Petroleum chooses Tegile storage solution
A storage solution that addresses company growth and performance for business-critical applications of caseware archive and search along with other key operational systems.