Cloud for the Rest of U.S.
Posted on Fri, Jun 03, 2011 @ 09:24 AM
The federal government has long advocated the benefits of cloud computing, and just last month NIST published the much-anticipated Cloud Computing Synopsis and Recommendations, or SP 800-146.
First and foremost, it provides a lot of the practical guidance that agencies have been seeking for years. More to the point for the vendor community—integrators, manufacturers, service providers, consultants—it explains exactly what federal buyers will be looking for. As physical security is increasingly driven by cloud solutions, this is timely guidance for the industry.
The document covers more facets of cloud procurement than we could possibly discuss here—including a highly readable expansion of the oft-cited NIST cloud definition—but there are at least three relevant three take-aways for physical security providers.
Purchasing Terms Are Different for Cloud Services
The core difference between traditional software systems sales and cloud-based offerings is the Service Level Agreement, which defines the service relationship between buyer and seller.
NIST identifies several key aspects that should be included in any SLA:
- Availability Requirements, which typically are promised to be in the range of 99.5% to 100%, depending on how “uptime” is measured.
- Remedies for Failures, which include service credits and corrective requirements, and can range from 10% to 100% of the cost of service affected.
- Data Preservation, which specifies how data will be stored and returned to the customer in the event that parties terminate their agreement.
For security systems integrators, these are new elements of the customer relationship to be incorporated into commercial practices.
Not All Cloud Solutions Are Created Equal
We’ve talked about the ‘hide-the-box’ charade and ‘pseudo-clouds’ in earlier posts, but NIST effectively makes the point as follows:
It is important to understand…that the term "cloud computing" encompasses a variety of systems and technologies as well as service and deployment models, and business models. A number of claims that are sometimes made about cloud computing, e.g., that it "scales", or that it converts capital expenses to operational expenses, are only true for some kinds of cloud systems. [emphasis added]
This is one of several passages that urges due diligence on the part of the buyer, and provides some practical advice on how to go about it.
Five Key Benefits for SaaS Buyers
Software-as-a-Service (SaaS) is just one of three delivery models for cloud computing, but for buyers who want a complete turn-key application, it’s the only one that matters. NIST points out five key benefits for the federal buyer:
- Very Modest Software Tool Footprint
- Efficient Use of Software Licenses
- Centralized Data Management
- Platform Managed by Providers
- Savings in Up-Front Costs
Our Take
As the industry’s first provider of turnkey SaaS applications for physical security, we applaud the work that NIST has done it this area. We think it’s a big step forward, and expect that it will be a useful framework for buyers and sellers alike.
- Steve Van Till