It's been a while since I've written a blog because I've spent most of the summer working on our Cloud Computing for Dummies book along with Judith Hurwitz, Robin Bloor and Marcia Kaufman. I did, however, post a short blog about premise vs. premises, which I urge anyone involved in Cloud Computing to read.

In any event, the book will be out in the early fall and I have to say that writing it was, for the most part, time well spent. We did a lot of research for the book and I think that readers will find it very helpful as they try to sort out how and why and what of the cloud. Judith recently posted a blog about 10 things she learned about the cloud while writing this book. In keeping with this theme, here are five key considerations for managing the cloud. I'll touch on each briefly. Obviously, we go into much more detail about management in the book. Note that a number of these areas are still in their infancy.

Quality of Service.
I've noticed that when many cloud vendors address managing the cloud, they only talk about how to manage resources over a virtualized infrastructure—specifically about self service provisioning and about some sort of automated resource allocation. They're not necessarily talking about fixing problems, providing service level agreements, or managing security. In other words, they're not talking about managing the quality of the service they are providing. However, a key element of managing the cloud is ensuring Quality of Service (QOS) which itself includes a host of issues such as availability, reliability, scalability, maintainability, integrity, security, and all of the other "ends in a y" words. At a minimum, it is important for companies that use a cloud provider to have visibility into the services so that they can measure and monitor what is going on and whether their providers are meeting any SLAs that have been put in place. Of course, negotiating these SLAs in another important consideration.

Governance.
This area is still pretty much in its infancy. Governance defines who is responsible for what and the policies and procedures people or groups need to follow to make sure business goals and objectives are met. Cloud governance requires governing your own infrastructure as well as infrastructure that you don't totally control. This includes understanding risk (such as compliance risk, contract risk, interoperability risk, billing risks, etc. etc.) as well as ensuring performance goals. A key aspect of a governance strategy will be to put together the right group to interface with both internal and external providers to make sure that policies and procedures get enforced.

Standards.
Another nascent area. A standard is an agreed upon approach for doing something. Cloud standards are needed to ensure interoperability, portability, and integration. There are a number of organizations and informal groups that are addressing standards issues in the cloud environment. Some of these organizations have been around for years; others are relatively new. Several of these organizations have gotten together to create a cloud standards coordination wiki so each group can post their work in one spot. You can find this wiki at www.cloud-standards.org

Security and Privacy.
This topic has received a lot of attention by various groups such as the Cloud Security Alliance. The same principles that apply to security on your own premises will apply in the cloud. This includes identity management to ensure that only authorized persons are allowed to access assets, as well as the ability to determine legitimate from illegitimate activity. A huge area of concern is protecting data in the cloud. This includes dealing with compliance issues associated, for example, with cross border data movement.

Dealing with Data.
Closely related to data security is the issue of ensuring that proper controls are in place for issues like co-mingling of data or secondary use of data (e.g. for marketing purposes). This includes auditability of data in the cloud (yet another emerging area). In addition to audit and control is also the issue of how vendors are storing and accessing the massive amount of data that is being stored in the cloud. This has generated new ways of thinking about database management systems and other data stores.

Cloud manageability is a big, complex, and evolving subject and clearly I've only given you a taste of some of the issues involved. I would love to hear your thoughts about the subject.