Updated on August 2, 2016 by Sam Lee
There is no disputing the fact that cloud computing has led to a number of remarkable changes in the way many companies do business. Cloud-based solutions have been instrumental in streamlining IT functions and other business processes, resulting in a considerable savings in terms of time and monetary output.
By no means is cloud computing a one-size-fits-all solution. While there is value in adopting the cloud, a variety of industries are better served by processes and services that are uniquely tailored to their needs. As a result, cloud providers are looking towards building industry-specific clouds that cater to the needs of a particular vertical. The overall value of cloud-based solutions grows even greater as intellectual property and vertical expertise are added into those offerings.
Reasons for Moving Towards Industry-Specific Clouds
A growing number of industries appreciate the advantages of cloud computing, but also recognize the barriers that stand in the way of making a meaningful transition. For instance; finance, healthcare and government operations are areas where sensitive and confidential data must be carefully handled and protected at all times from unauthorized access and other malicious activity. As a result, a variety of national and international authorities have created regulations and compliance measures that govern not only how a number of industries handle critical data, but also how cloud service providers are expected to safely host said data.
Regulatory and compliance requirements are a major concern for organizations interested in cloud-based computing. For example, U.S. government agencies are required to meet a variety of regulatory and compliance guidelines when utilizing data and application processing and storage solutions. For example, the International Traffic in Arms Regulations (ITAR) places heavy restrictions on both data access and location, requiring data storage facilities to be located specifically within the U.S. and restriction of data access solely to U.S. citizens.
The healthcare industry has its own regulations to contend with when it comes to handling sensitive and confidential data. The Health Insurance Portability and Accountability (HIPAA) Act and Health Information Technology for Economic and Clinical Health (HITECH) Act place heavy restrictions on data access, processing and dissemination in the interest of patient confidentiality. Nevertheless, many healthcare organizations are aware of the benefits cloud computing offers, making it imperative for them to find innovative ways of overcoming these regulatory and compliance obstacles.
Maintenance of security protocol as well as compliance with federal and international regulations is a driving force behind the reluctance of many industries to fully utilizing the cloud. As a result, many of the emerging cloud providers are taking a hard look at ways to accommodate these concerns, as well as how to approach the issue of compliance and certification.
Enter the Industry-Specific Cloud
The industry-specific cloud is unique from other cloud solutions, as it can be uniquely tailored to accommodate the needs of specific industries. For example, healthcare organizations can utilize cloud-based solutions that meet the compliance standards set by HIPAA, HITECH and other governing statues. Global enterprises can rely on the combined knowledge and expertise within their specific industry vertical to take advantage of certain benefits offered by industry-specific cloud computing.
Industry-specific clouds share a number of characteristics with private and hybrid cloud infrastructure. Like private clouds, an industry-specific cloud limits access to members of a particular vertical. However, industry-specific clouds also allow each of their members to utilize the public cloud to access resources, given that the appropriate security measures are taken. Developing a unified cloud infrastructure for industry verticals also allows service providers to create and offer their own cloud functions, including SaaS and IaaS.
According to Saugatuck Technology vice president Charlie Burns, industry-specific cloud computing is also opening the door for traditional Fortune 1000 companies to leverage their own cloud infrastructure with an eye towards developing market specific services to targeted markets. He believes that these companies will end up becoming users as well as providers of industry-specific cloud solutions.
Examples of Vertically Integrated Solutions for Cloud Computing
Several industries are already benefiting from industry-specific cloud solutions. Air transport IT provider, SITA, and communications provider, Orange Business Services, recently joined forces to create a managed cloud computing infrastructure capable of accommodating the needs of global enterprises within the air transport industry. According to SITA, this infrastructure is based on six Tier III+ and Tier IV data centers located in six regions, all of which are connected to a high-speed MPLS network provided by Orange. Both Orange and SITA will continue to offer their own individual cloud-based services while relying on a single industry-specific infrastructure.
This new infrastructure is aimed towards offering a shared solution for airlines that currently utilize their own equipment, allowing them to reduce costs, free up capacity and experience increased service quality. Many airlines utilize their own infrastructure for processing critical functions, including call centers that process flight reservations.
The U.S. government is also in the process of migrating most of its functions to the cloud thanks to the Federal Cloud Computing Initiative (FCCI). The FCCI aims to increase operational efficiencies among government agencies by combining and optimizing common services through cloud-based solutions, with the ultimate goal of promoting the successful adoption, implementation and management of cloud computing throughout the U.S. government. The FCCI hopes to help government agencies reduce the costs of building, maintaining and managing current IT infrastructure while promoting adequate levels of security to protect infrastructure, data, and applications.
The FCCI also manages the Federal Data Center Consolidation Initiative (FDCCI) and Federal Risk and Authorization Management Program (FedRAMP). The FDCCI intends to eliminate redundancies among government agencies by consolidating agency data centers. The FDCCI intends to consolidate and close over 960 data centers by 2015.
In addition to the FCCI's efforts, Amazon is also offering its AWS GovCloud services to U.S. government agencies and businesses. AWS GovCloud provides a variety of secure IT applications shared among government agencies and businesses requiring secure cloud infrastructure. These services include enterprise applications, web applications, storage and disaster recovery and high performance computing. The AWS GovCloud Region offers support for a variety of system integrators and independent software vendors, including Oracle and Adobe.
Concerns Pertaining to Industry-Specific Cloud Computing
One major concern among industry leaders is dealing with the possibility of vendor lock-in. As their needs change, companies must be able to change with them. Being locked into a particular vendor solution stifles much of the flexibility that companies value. Migrating from one vendor solution to another can cost millions of dollars and take valuable time that can be put to other uses. There is also the possibility of being stuck with a particular vendor due to a notable lack of other available options. In addition, there is the possibility of a particular vendor taking advantage of its lack of competition through price gouging, creating unnecessary costs for businesses lacking other options to turn to.
IBM responded to these concerns by decoupling its software platform from its hardware, allowing it to run on hardware provided by other companies. As one of several companies that have chosen to supplement its existing workload-specific cloud solutions with products aimed at industry verticals, IBM hopes to offer a complete assortment of cloud solutions while avoiding the issue of vendor lock-in. As time goes on, other providers may similarly decouple their software platforms from their hardware, thereby alleviating concerns of vendor lock-in.
The ability of industry-specific cloud services to pass muster with a variety of regulatory and compliance measures is another major concern for certain industries. In the case of the U.S. government, FedRAMP provides a regulatory framework towards ensuring cloud infrastructure security. FedRAMP utilizes a "do once, use many times" approach that eliminates the need for redundant security assessments among agencies, thereby saving time as well as cost and manpower.
Amazon and other cloud providers have made efforts towards gaining compliance with FedRAMP and other regulatory statutes. For example: Amazon's AWS GovCloud Region has its servers physically located within the U.S. and accessible both physically and logically by U.S. residents only, with support for FIPS 140-2 compliant end points, thereby meeting the requirements of ITAR and other federal regulations pertaining to data security. As a result, AWS GovCloud can safely handle sensitive workloads originating from U.S. government agencies and other organizations requiring elevated data and application security.
Follow UpGuard on Twitter
Misconfigurations are an internal problem that emanate from within the IT infrastructure of any enterprise; no hacker is necessary for massive damage to occur to digital systems and stored data. And the problem is pervasive, with Gartner estimating anywhere from 70% to 99% of data breaches result not from external, concerted attacks, but from internal misconfiguration of the affected IT systems.