Welcome to the ITIC Website, I hope you’ll come back and visit often. The technical and business issues and concerns you raise regarding Cloud Computing are all points well taken. Any organization contemplating a public cloud infrastructure must perform due diligence in advance of any migration. All cloud providers are not created equal and there will be many classifications and strata of offerings. Corporate enterprises must ask very specific questions with respect to such crucial items as: the type of server and virtualization product as well as specific configuration. The type of infrastructure equipment is also important. Customers should also ask how often the equipment is upgraded and request and insert specific minimum latency and guaranteed response times into their licensing and support contracts. Also, insert outclauses and penalties into the contracts, in the event the cloud provider fails to meet agreed upon Service Level Agreement (SLA) committments. Security is also a crucial issue — end point security is a must in the cloud. AND, corporate enterprises are well advised to have their corporate counsel or outside attorneys carefully review the security and privacy statutes of the state (if in the U.S.) or country where their data will reside.

And finally, you are absolutely correct Etoin: all prospective cloud customers should perform a thorough three-year TCO/ROI analysis of the capital expenditure and operational expenditure costs to make the best decision for their individual conpany.

Then there’s the question of accountability and, to take things further, GRC. By definition and of necessity, cloud environments rely heavily on virtualization. Now, one of the main attractions of virtualization is the ability to shift loads from overburdened or failing servers to other servers rapidly and easily. But the workloads will SHARE servers. Where’s the accountability and the traceability? How can an enterprise prove beyond doubt that a particular app was sitting on a particular server in full compliance when those apps may be moved around at any time?

There are lots of other issues being raised; let’s not be blinded by the cloud fans’ mantra of “It’ll save you CapEX up front;” they’ll charge enough for services later to make enterprises wish they’d ponied up the CapEX in the first place, once the enterprise is locked into a contract.