5 Critical Cloud Components

While I’m not sure any core application could be sourced externally without segmentation — which defeats the purpose of cloud computing — there are a number of variables that insurers need to contemplate in the design of an internal cloud or for the use of external clouds. The internal or external cloud must possess the following components in order to function as desired:

1. Availability. The internal or external cloud must achieve a Data Center Tier 4 availability rating as specified by either the Uptime Institute or by TIA-942 standards.

2. Grid Computing. Clouds must possess automated workload distribution engines. Products such as Radware, Big Iron, IBM and Cisco must be dispersed throughout the data center in order to adequately manage physical layer distribution surges. These should optimize bandwidth, switching and routing.

3. Virtualization. Clouds must have Microsoft (Redmond, Wash.) Hyper-V, VMware (Palo Alto, Calif.) or Citrix (Ft. Lauderdale, Fla.) virtualization solutions. Insurers must contemplate paravirtualization or full virtualization in conjunction with the grid computing infrastructure in order to optimize server resources (blades/SAN) with the grid computing.

4. Provisos. Clouds must include hierarchical authority levels for creating and deleting services and applications, also known as provisioning and deprovisioning. This exists for the end users. Automated code promotion/demotion — along with branching, merging, tagging and base trunks — need to exist for developers.

5. Security. Insurers must make sure they know the answers to the following questions: Who owns the data? What will regulators say? What about discovery? How are credit card numbers, Social Security numbers and other sensitive data handled? Does the cloud comply with privacy laws? How does it handle Sarbanes-Oxley (SOX)? Ensure that you have documented answers on a federal, state and auditor level.