Meaningful cloud computing standards are crucial to improve the maturity of cloud-based services and bring increased flexibility, security and interoperability, but too many competing standards could wreak damage, warned the Cloud Industry Forum’s independent certification partner, the APM Group.
As cloud uptake gathers pace among users, industry bodies and consumers have expressed anguish over the lack of relevant cloud standards and interoperability hindering cloud adoption.
Cloud standards and interoperability would allow IT to move applications and workloads between private and public clouds and from one public cloud to another. It would enable enterprises to select a combination of cloud technologies and avoid vendor lock-in.
But some experts said that any relevant standard around cloud interoperability and portability is "years away”.
“The market is clearly in need of regulation and standardisation,” said Richard Pharro, chief executive of the certification organisation, APM Group.
“It’s arguably a lack of common standards governing security, reliability and data sovereignty that has led a large proportion of organisations to delay their move to the cloud.”
While cloud standards exist, there is no single industry-wide standard for users to rely upon. Current cloud computing standards organisations include The Green Grid, Cloud Security Alliance, the Institute of Electrical and Electronics Engineers (IEEE) Standards Association, and the National Institute of Standards and Technology.
The cloud standards industry now boasts around 20 competing standards. Most are valuable and relevant – but only in part – and consolidation would be beneficial to the industry, according to Pharro.
Cloud accreditation is in danger of becoming a term as nebulous as “cloud” itself, especially given the proliferation of different standards bodies to choose from, he warned.
“Standards typically run two to three years behind innovation so when better standards come along, developers have a duty to retire their own standards or at least seek to find some convergence with similar standards. Failure to do so dilutes the overall impact of standardisation itself, making for a fractious and complicated marketplace,” Pharro said.
“In a crowded market place, with multiple competing cloud standards, how is an end user, or indeed a Cloud Service Provider (CSP), to discriminate which standards are worth pursuing and which are not?” he said.
According to APM Group, until universally adopted standards exist, CSPs should focus on commercial transparency, operational best-practice and the adoption of common terminology to ensure user confidence.
A CIF research showed that a vast majority of cloud customers (78%) would prefer to work with a CSP that is certified against a relevant Code of Practice as cloud awareness among users increase.
“Ultimately users are looking for confidence and reassurance that their data will be secure in the cloud, and that their chosen supplier is trustworthy and capable of supporting their business needs,” Pharro said.
