Subscribe / Unsubscribe Enewsletters | Login | Register

Pencil Banner

Manage cloud computing with policies, not permissions

Bernard Golden | Oct. 17, 2013
Cloud computing obsolesces the idea that IT operations must put users through the ringer to get their hands on scarce resources. Many organisations continue to insist that someone must review resource requests when, in reality, an automated policy engine can do the same thing -- and put computing power in users' hands that much faster.

However, the rise of cloud computing has shattered the basis of that assumption. First, cloud providers have automated the provisioning process so that no manual intervention is required to actually install and configure resources. No physical access or work is required to obtain computing capability. Second, cloud providers offer what the Berkeley RAD Lab's Report on Cloud Computing calls "the illusion of infinite capacity" - the notion that computing capacity isn't a scarce resource that requires rationing but, rather, something available in whatever amounts a user may desire.

Consequently, much of the rationale for the traditional reasons resource request reviews were necessary have fallen by the wayside. Nevertheless, old habits die hard. Despite the fact that resources aren't limited, many IT organizations assert that someone has to evaluate every request.

Use Rules Engine to Decide Who Gets Cloud Resources
This won't go on much longer. More to the point, this can't go on much longer.

First, the question is no longer, "Can this request be fulfilled?" The question is, "Should this request be fulfilled?" In other words, it's not an issue of rationing scarce resources. It's an issue of whether someone's desire for resources is appropriate.

Its silly to put a human in the middle of that evaluation. The organization should have a set of rules about who's able to request resources, and those rules should be captured in a policy engine that can be applied automatically. After all, that's what the human is doing - applying a set of organizational rules. Why not define the rules and apply them as part of the provisioning process?

As I said, the question now is, "Should this request be fulfilled?" Once the policy is applied - a rule that says a developer can request resources for a project he or she is assigned to, for example &msash; the issue becomes the "should." That's a decision best made by the resource user, and made in the context of, "Does this resource use support the business and its objectives?"

Price is perhaps the most efficient mechanism for making resource allocation decisions ever found. This lets you make an effective judgment quickly. Providing transparent resource costs allows user organizations to make their own minds up about whether using resources is justified or not.

The issue facing many IT groups is that current processes reflect historic circumstances that are no longer applicable. Worse, they make the processes inappropriate and obsolete. In any case, cloud providers offer powerful evidence that there is another, more convenient way to operate. The challenge for IT groups is to quickly move toward updating processes to reflect what is possible today rather than continue operating with yesterday's obsolete methods.


Previous Page  1  2  3  Next Page 

Sign up for MIS Asia eNewsletters.