In testing cloud computing services and observing the growth of cloud activities, we've noticed that there are distinct phases that organisations go through in adopting cloud.
First, application developers fall in love with cloud-based disposable infrastructure and/or ready-built app development platforms that circumvent long purchasing cycles and capital asset growth limitations. Then other attractions, like commodity rentable infrastructure, or expansive platforms, become attractive. Sometimes applications are either extended to the cloud as private growth areas, or moved totally off premises.
In 2012, the number of cloud hosting service providers is likely to increase dramatically due to meet demand in these areas. But security and reliability/SLA worries must be assuaged, and that will continue to spawn not only management application makeovers, but also new, cloud-based services for both cloud and on-premise resources and assets.
Along with the standard cloud offering of infrastructure as a service and platform as a service, varieties and gradients of value-added services, especially services surrounding administration, active security and migration services will grow proportionately.
We tested products that perform security in a number of diverse ways, including personal identity management, the perennial one-click logon management, but also numerous applications that provide cloud-based monitoring of both cloud and on-premise resources. We expect the number of packages in these categories to climb. Products that add intelligence to security monitoring, such as syslog managers, will increase in number as well as products that monitor assets.
Asset monitoring has become more difficult because of the addition of more and diverse mobile assets, especially smartphones - and tablets are right behind. We reviewed several mobile device management (MDM) applications, and found that the convenience of cloud-based controls seemed to trump on-premise asset tracking and policy application.
We see the trend toward cloud-based MDM growing meteorically, and users will interact with MDM applications in more direct ways as the trend toward organisationally sanctioned application stores or resources will grow. The rationale is the desire to vet the security and privacy compliance of applications used by employees on smartphones and tablets, and to contain costs that are negotiated in bulk, rather than in retail quantities for users.
In the same vein, as MDM applications increase their dominion over mobile assets, the scope is likely to expand toward "internal" fixed-location assets, such as desktops, servers and peripherals. This means that best-of-breed applications now running in the cloud will connect with more assets for control, then offer overall audit responsibility for compliance and regulatory control. This segment explodes.
Similarly, we see a trend toward combinations of MDM as well as identity management in applications. Microsoft's System Center is an example of an unreleased but announced product meeting this trend, but it also has competition that's lighter on its feet on the horizon.
The cloud host providers, managed services organizations, will be an increasing broker of cloud "stack services" that allow rapid application development and deployment for persistent applications, while on the other hand offering stack allegiances with various industry initiatives, like OpenStack. Tools that leverage development frameworks and platforms also will increase, brokered by MSO/MSPs to deliver more comprehensive solutions.
These offerings will include desktop as a service, which lets especially tablet devices become "full members" in application deployment schemes. MSPs and other hosting organizations will offer an increasingly diverse set of Internet logons to walled-garden applications utilizing various administrative and management schemes. The DaaS goal will be to use any kind of device to access applications uniformly via the Internet. Smartcard and bio-authentication devices for multiple-factor authentication to DaaS services will also grow as dictionary attacks and sniffing tools become an onerous crack in security.
The final bit of growth in cloud in 2012 is likely to arrive in the form of education, and standardised education leading to credentialisation for cloud implementations. Cloud is becoming a large enough concept with sufficiently different applications to become a discipline in and of itself - apart or augmented with data centre principles.