Lessons to be Learned from the Amazon Service Disruption in the US

May 2011

Amazon Elastic Compute Cloud (EC2) services were disrupted for a few days in last April. Thousands of companies lost their services completely in this period. There is no doubt that Amazon, the leading Cloud Service Provider, has the expertise and good practices to implement, operate and maintain the highly reliable and available service. The incident might have resulted from a chain of unprecedented events or might only be a matter of a simple human error. Regardless of the reason, Amazon must have learned its lesson from this incident and probably will improve its service even further in the following months. On the other hand, what are the lessons a cloud customer should learn from this incident? I sought the answers between the lines of the "Summary of the Amazon EC2 and Amazon RDS Service Disruption" report published by the Amazon Web Services Team.

Cloud Computing Resources for IT Service Architects

April 2011

NIST (U.S National Institute of Standards and Technology) Cloud Computing Security Working Group (NCC-SWG) publishes this page to consolidate concerns of cloud transformation due to the changes in control dynamics (both in terms of ownership and management).

 NIST Cloud Computing Collaboration Site

The group aims to to develop a security guidance based on standards and best practices for ensuring implementation of appropriate controls. Highly recommended resource for any IT Service / Security Architect considering cloud to source IT services.

Unifying IT Best Practice Frameworks and Standards within TOGAF

April 2011

All IT best practice frameworks and standards have a common goal; building and operating IT effectively and efficiently to add value to the business it drives and to maintain information assurance. An enterprise successfully applying best practice frameworks and standards will more likely have advantage against its competitors as it develops a clear IT strategy reflecting the requirements of its business strategy, makes effective and transparent investments, manages its performance, and acts in compliance with regulatory and contractual requirements.

There are various work groups and institutions compiling best practices and defining standards with similar motivations. It is sometimes confusing for an organization which framework or standard to follow and very often there is a need to align more than one standard or framework due to varying reasons, such as competitive, contractual or regulatory requirements. The dispersion of requirements across various organizational functions and the duplication of information contained within different frameworks may often cause distractions, lack of ownership and stakeholder commitment, and long running redundant efforts with fragmentation issues. Demonstrating the return of investment can also be challenging in many of these projects.

Moving to Cloud: An IT Management View

March 2011

Cloud computing simply refers to a model for computing resources (networks, servers, storage, applications and services) provisioned on shared pool of technology infrastructures. Various service models allow deployment of these services independently or combined, transferring most of the system maintenance functions to the service provider. The main prospect of cloud computing is to provision IT resources in a short time and to reduce infrastructure investments with increased reliability and scalability.

Although this concept has been available for a long while, new online business models, reliable and cost-effective network services and matured technologies such as virtualization, grid computing and web-based services have boosted cloud based offerings in recent years. The strong view in the IT world considers cloud computing as the dominating IT sourcing model within the next 5 years. The volume of researches by various agencies and industrial bodies and the amount of recent investments by leading vendors and service providers are strong indicators of this trend.