User:Shawndouglas/sandbox/sublevel45
The cloud is about how you do computing, not where you do computing.
- Paul Maritz, former CEO of VMware
This quote from Paul Maritz has been floating around for some time, but how relevant is it today? The first chapter of this guide examined what cloud computing actually is and how it has changed since the mid-2000s. We've gone from talking about how to implement web services at the turn of the century to advanced cloud services that are going "hybrid" or "serverless." Despite the massive shift in thinking, however, one aspect has always remained the same: you have to have internet access to use services provided on the web. In that sense, the "where" of the performed computing is important. In another sense, "where" matters, as we discovered in the second chapter on cloud standards, regulations, and security. Where the data is created and where it resides are important considerations for regulatory purposes, as are the methods used to secure the cloud, and who holds responsibility for them. "Where" is also a consideration when asking about your data in the cloud. Its location is relevant to not only risk assessments and risk management practices—as described in the third chapter—but also to where you do your work: the laboratory. In the fourth chapter we discussed how a laboratory and its unique workflows, industries services, and affecting regulations shape decisions on cloud projects, while also addressing the benefits and drawbacks. In the fifth, we explained the concept of managed security services, which further abstracted the “how” and “where” of computing via the third party, who manages the security of your cloud and on-premises solutions remotely! And in the sixth chapter, we distilled much of the previous chapters down into how a laboratory chooses and implements one or more cloud solutions. Even there, "where" comes into play, as you ask the cloud service provider where their servers are located and where your data will be stored, while you ask yourself "where" you envision your lab with cloud computing solutions in the future.
When considering all this, however, Maritz was only partially off. There are many "wheres" to choosing and implementing a cloud-based service for your laboratory, including where you do your computing from, and even where your security is managed from. But cloud computing is certainly more about “how” you do computing in your laboratory. Cloud computing has proven to be at least a partially disruptive force over the years, changing organizations' IT departments, security planning, budgeting, and many other aspects, often for the better, though with its own complications. Laboratories can now host laboratory information management systems (LIMS) and electronic laboratory notebooks (ELNs) in the cloud and use infrastructure as a service (IaaS) to host serverless code that triggers when a cloud-connected instrument takes a reading and uploads the data. Laboratory users can now pull up information about not only automated lab procedures but also the security status of the equipment managing those procedures using a tablet while parked in the grocery store parking lot. Environmental sensors in Alaska can send data to a software as a service (SaaS) application hosted in Europe for processing, and then be accessed by an authorized user in Australia. Yes, the where of it all is related, but ultimately how the laboratory computes has now been changed with cloud computing.
That doesn't mean there are fewer considerations and complications with a shift to the cloud. The laboratory should approach any migration to or addition of cloud services with assertive yet balanced project planning that takes into account organizational goals, management buy-in, necessary stakeholders, scope and responsibility, existing IT and data structures, risk management and regulatory considerations, budgeting and IT requirements, provider vetting, training, maintenance, and security monitoring. Vetting providers and their services can be particularly time-consuming, but it remains a critical component of any cloud-based move in your lab. Given all these complications, laboratories shouldn't be afraid to seek additional help from knowledgeable consultants and managed security service providers with experience implementing and securing cloud in laboratories, particularly when in-house expertise is lacking.
Hopefully this guide has been a boon to understanding cloud computing and all the considerations that come with it. Laboratories have much to consider when moving to or adding to their position in the cloud. The fact that you've made it through this document is a strong testament to your desire to ensure the success of a cloud project for your lab going forward. Good fortunes to you and your organization going forward.