More than 85 per cent of upcoming applications will be built for the Cloud, but relatively few are optimised for performance, elasticity, resiliency and security, according to HP vice president and IT management evangelist, Paul Muller.
Many people “expect that failure of a utility-like service” such as the Cloud “is a once-in-a-lifetime occurance,” says Muller. However, Cloud services depend on a number of elements to work, including electricity, water and telephony networks. “If you think about it that way, it’s actually the sum of all the probabilities of failure underneath that impact the Cloud.”
An "unwary CIO" may assume that a Cloud network or provider “will always perform flawlessly and as a result neglect potential problems," Muller says. Such failure could result in a “material impact on their brand” and liability to customers and investors.
Muller offered five tips to optimise applications for the Cloud:
- Test performance
It’s tough to predict and diagnose performance degradation issues, says Muller. “Putting in place a regime of performance and scalability testing ahead of time is absolutely critical.” Test different scenarios and settings, keep track of that information and then “provide those optics to your operational team” so they can detect early warnings of performance problems.
- Efficient apps save money
The limitless and pay-as-you-go nature of the Cloud can mean that enterprises are blindsided by costs that “substantially outweigh planned expenses,” Muller says. “You can consume as much as you want to” on the Cloud, but also “more than you expect”.
To minimise costs, enterprises should make applications run as efficiently as possible, Muller says. Put the app “through its paces” with testing and redesign it until its consuming as little data as possible, he says. Reducing or compressing the amount of data sent and releasing resources when they’re no longer required are a few techniques to cut costs.
- Break the application
“The resilience of a service is something that we always need to be thinking about,” because a failure can severely damage a brand, Muller says. “Deliberately breaking the application” is a good way “to understand how or when it will fail when you pull critical pieces out”.
Follow that by writing a backup plan that lets the enterprise continue business with customers during an outage, at least in a minimal way, he says. That could be as basic as a message on the website providing a list of phone numbers for customers to call.
- Protect the app
“Everybody focuses on the core perimeter security,” but HP’s research showed that 60 per cent of security attacks “are directed at the application, not the infrastructure,” Muller says. That’s because “the application is where the data is,” he says.
To defend against attacks, it’s important to “check the source code as it’s being written to ensure that the known patterns of attack have been identified and flagged to your developers, who usually aren’t as devious as the crooks.” Next, strenuously test the app for vulnerabilities and monitor for anomalous behaviours.
Teams for security, application development, operations, planning and testing must work together “with shared information, shared telemetry [and] a single version of the truth,” Muller says. They should be able to “collaborate iteratively [and] rapidly between development and test cycles.”
Follow Adam Bender on Twitter: @WatchAdam