Standards can be the bane of everyone’s life, be they users, business managers or pointy-headed technologists. But they are essential if interoperability between different systems is to be remotely possible. And such interoperability is an essential component of the Cloud, particularly at the business process level: without it, most of the reasons for businesses moving to the Cloud become irrelevant. So the standards that will be important will be geared towards business KPIs rather than technology SLAs.
This was one of the underlying themes to emerge at the Standards Panel Session held at last week Business Cloud Summit. Andy Burton, CEO of Fasthosts and Chairman of the Cloud Industry Forum, David Terrar Chairman of Intellect’s SaaS Group, Director of EuroCloud and head of consulting group D2C, and Matt Holmes, MD of Liquid Accounts and Chairman of BASDA’s special interest group on Cloud Computing, kept returning to the growing need for all Cloud service vendors to work with standards that helped business users make sensible decisions about the provision and implementation of services needed for their businesses.
For example, in answer to the question of which of the many available standards are most important, the common theme was that those concerned with business aspects of the Cloud won out every time. As Terrar observed, “There are many standards, and they are still mainly on the technical side, but the important ones are more businesses.”
We are now seeing industry collaboration, and there is now so much innovation that there are lots of technical issues, said Andy Burton, “but there is also a need for transparency and customer confidence. So the need now is putting pegs in the ground that help users make sensible decisions on what they want to do. That is what the Cloud industry forum is all about. It is looking at all those issues about what the users business really is, coupled with the technical issues of making that happen, and the accountability issues. The aim is to present users with all the information they need to make a rational decision on what services they require. Cloud may be about Computing power delivered online, but that is not what the customers are looking for. What they are looking for is how it integrates with their business, and what it provides.”
This raised the possibility of there not only being too many standards but also too many standards bodies. This is, of course, a factor which has beset many areas of IT in the past, usually to the detriment of achieving anything of real benefit to the users. This can be a particular problem where the drive towards standards is being driven by user and process requirements rather than technical capabilities. Here, each group of users can feel that they have special requirements that demand special attention. Following that route, it can sometimes be a short journey to the creation of a mare’s nest of different, of often contradictory standards that vendors need to comply with. As Burton suggested, there is perhaps a need to standardise the standardising bodies.
Terrar pointed out that this possibility is very much at the forefront of their collective thinking. “There are three different bodies here, and if we all did out own thing on standards it would be a mess, so we are working together. Standards should be for the industry as a whole - both the buy side and the sell side,” he said.
One of the important factors here, as Holmes pointed out, is that the Cloud is changing some fundamental `rules of engagement’ for vendors as well as users. “Interoperability is the goal now, and the Cloud vendors are more open to the possibility of it than traditional vendors,” he said. “The days will soon be gone when it is accepted that you can't exchange information between applications. It is now not in our interest to stop someone moving their data. Lock-in has always been there – for example, I know of one vendor that does not have a button marked `export' for moving data. But the Cloud allows that, and even makes it an advantage. And allowing it will help the software industry long term.”
Another key factor in favour of widely accepted industry standards is the way they can collectively open up the marketplace for new service providers, especially the start-ups that have the potential to offer something of real value to users but without the resources to develop all the aspects of a new product needed to make it easy to use. “The issue with the Cloud and standards is that the Cloud allows great flexibility, and developers can be small and without the funds to develop stuff on their own,” said Terrar. “Existing standards can give them a platform to build on. It is up to all of us to get involved as Cloud is so different from what we used to.”
This need for involvement was taken up by Burton who, as Chairman of the Cloud Industry Forum, has a close association with the Forum’s recently introduced Code of Practice. “We need to be sure that standards are not just aspirational statements and do actually mean something,” he said. “That's why produced the Code as an independent thing. The technology is still developing, so we're about as an organisation is trying to build trust. The information from service providers is validated by external assessors and governed by a whistle-blowing process. This helps companies be held against the court of public opinion.”
That public opinion should also be ready for use in balancing the number of possible standards against what makes sense in terms of practical application. For example, Holmes pointed to an important inevitability of massive amounts of legal input coming through in terms of regulation. This is an area of standardisation that is both important in the right measure, and a potential source of huge hindrance and future inflexibility, especially as it always `follows' and can be out of time with what is happening in the marketplace. Standing against that is, as Terrar observed, the need for all standards to be practical and affordable for all companies, as many are too small to afford the costs of implementing too many non-essential standards
Given that the Cloud is already a global marketplace, Holmes pointed out that there will have to be some European standards in place eventually. “Some of it is down to risk calculation by the buyer and there is still work being done on data protection in the UK. The US has the Safe Harbour thing, but more work needed on this in the UK,” he said.
“Yes there is a need for European standards,” Terrar said, “but there will initially be regional developments. For example the Germans are doing a similar thing to the Cloud Industry Forum standards.”
In the end, however, the standards needed will be driven by the users and their business needs rather than the technologists, though the organisation of the process may well come from the vendor community, as Burton observed.
“What you need is ethical vendors pushing for standards,” he said. “While the users need to be asking the 10 or so questions that are relevant to them. It is down to the users to start asking those questions. The real groundswell will come when the users feel confident enough to identify and ask the questions important to them.”
Holmes identified what has to be the key characteristic of those questions. “The users need standards that address business issues rather than technological ones. So the question have to be driven by whatever represent the Key Performance Indicators for that business rather than what is set out in any Service Level Agreement.”
