The new year is well under way. How about your review of your cloud architecture strategy?

As more mission-critical services move to the cloud, this is one resolution that shouldn’t be pushed out (you know, the way the diet and exercise ones usually are ...). That’s especially true now that cloud platform services are raising the stakes when it comes to what you can expect from embracing the cloud as part of your architecture.

Here are some questions and ideas to incorporate into your own review plans:    

·         Are you realizing value from turnkey, integrated services?

An informal analysis of Fortune 100 companies shows that only two weren't using application cloud-based services as of October 2009, according to Stanford University lecturer Timothy Chou (see here for a link to the document). That number may well be zero now, because the benefits from cloud computing have become even clearer since this document was composed.

The next phase of the cloud looks as if it’s going to be about vendors providing added features beyond the raw services you get with Amazon, Google and Oracle clouds. You might be leaving some value on the table if you don’t at least explore how some of these cloud platform solutions might fit into your overall architecture strategy.

For instance, turnkey solutions built on top of some of these cloud compute platforms offer complete stacks with many features built in. Services such as CA Technologies’ 3Tera, for instance, that reuse the Amazon EC2 cloud add on capabilities for distributed applications and optimizations for transactional and I/O intensive workloads. Cloudera is another source for full stacks of integrated cloud services.

Solutions such as these are designed to eliminate tight coupling between hardware and software, which allows you to more easily change your cloud application compositions and the business processes built from them.

·         Are you benefiting from built-in security and availability capabilities?

These latest cloud platforms offer up-to-date firewalls, load balancers and other required network technology to support high-availability and uptime (even in the face of denial-of-service attacks). In addition to your application logic components, ensuring redundancy at all layers (including the network and storage services) reduces the risk of downtime in your cloud-based architecture. So, using such platforms means that your services will inherit security, reliability and monitoring at a much lower price point than doing it yourself.

But while cloud platform solutions typically offer the monitoring, self-healing and dynamic network optimizations required to improve security and reliability, it’s also important to review whether the architecture takes advantage of physical isolation, IP address enforcement and data isolation. Pure virtualization-based solutions simply can’t, or just don’t, offer all of these required security features. Consider whether a cloud platform offers the right balance between virtualization and physical isolation – just as you would for your in-house architecture.

·         Can you create dynamic business processes?

Cloud services such as CA Technologies’ 3Tera’s AppLogic allow you to break your processes down into individual logic and data units that can be more easily deployed to the cloud, and then quickly be recomposed and scaled to handle even your most complex applications.

This removes issues involved with managing these compositions yourself, such as the business disruptions that are often experienced when reconfiguring and deploying software on your own hardware. The disruptions you experience in-house are often replicated in the ether when entire apps or services are tossed over to the cloud without regard to reuse considerations.

Most important, by removing the configurations otherwise required, these cloud platforms enable you to more quickly deploy and test new services for your enterprise or your customers. The result is a more nimble and reliable IT organization, with direct benefits in terms of cost savings and customer satisfaction.

·         How easily is testing accomplished?

Using cloud management interfaces with GUIs that enforce predefined business process workflows, and well-defined application program interfaces (APIs) such as the Federated Web Service API and other WS (Web Services) standards from bodies such as OASIS, results in much easier testing of composite cloud applications. Providing these interfaces within your organization, and among other vendors, eliminates disruption to your applications due to unexpected changes. These interfaces ensure that only tested and proven cloud components are assembled, with proper data sets and formats, such as JavaScript Object Notation (JSON), into new composite applications that inherit the quality of their constituent services.

Beyond quality assurance, cloud testing platforms such as SOASTA [soasta.com] offer transparency about the capacity of your cloud services and composite applications. Knowing — through proven testing practices — that your application can meet the demands of your users, even with unexpected spikes and surges in activity, offers the level of confidence required for your mission-critical applications.

·         Are you staying in touch with industry efforts?

As a final note, the Stevens Institute of Technology, located in Hoboken, N.J., has started the Cloud Computing Consortium to work on collaboration and standardization across cloud providers and vendors across the industry. The consortium focuses on typical enterprise architecture issues, such as change management, security and other business value propositions with cloud platforms and road maps.

The consortium and its members aim to improve the quality, interoperability and value of the cloud through sharing best practices, defining standards and helping industry leaders collaborate.

What better way to ensure that your cloud strategy is on track than to collaborate with your peers and understand what’s working for them?