Written by Stephanie Stahl, TechWeb

When it comes to plotting a cloud strategy, CIOs should stop thinking about labels and start looking for configurations that best fit their applications, says analyst Alistair Croll, founder of and principal analyst at BitCurrent and the content chair for Cloud Connect, the industry's largest cloud computing event. Read his interview with TechWeb and get his advice on how CIOs should approach cloud computing and what they should be afraid of.

  Alistair Croll, founder and principal analyst, BitCurrent

Q: It seems 2012 will be the year of the hybrid cloud. What are the benefits of a hybrid cloud environment?

A: I actually don't believe in this "hybrid cloud" idea. It's like saying you're half pregnant. Cloud computing covers a range of architectures, both on-premise and public, both IaaS and PaaS. Better to say, "I have a variety of children, with different temperaments, talents, and convictions, and I love them all equally."

I do think that in 2012 we'll see more adoption of multiple cloud configurations, in a form-fits-function kind of way, rather than just saying, "I have a hybrid cloud." Companies will have some apps running locally, and some running on demand, and they will connect the two through well-defined service interfaces.

The myth of "cloudbursting" -- suddenly moving compute to on-demand resources -- is pure fiction. Data, as Dave McCrory says, has its own gravity. It's hard to move. So what we'll see in 2012 is a better understanding of what lives where, and an effort to unify the management and governance of that tapestry of applications.

Q: How should CIOs determine what stays on the Private Cloud and what goes to the Public Cloud?

A: I like to talk about three "C"s of clouds: capacity, cost, and compliance. These are good guidelines for what lives where.

Capacity is about having enough compute power to deliver the application with the service characteristics needed. If your order entry app needs a two second response time, but you can only offer it in five seconds, you don't have enough capacity. One of the rules of clouds is to "own the base and rent the spike" -- so variable-load, seasonal apps are better candidates for running on a public platform. If you're looking for turnkey Big Data tools, a cloud provider is also a good option, since you can just use a service and pay for what you consume, while getting Internet-scale scale out and predictable performance.

Cost is about where it's most cost-effective to run the application. This may be a simple pricing discussion, but it's important to look at true total costs, including things like internal IT employee salaries, or network charges needed to access a public cloud.

Compliance is about following the letter of the law (HIPPA, PCI, and so on.) Note that for many businesses, using a public platform may actually be more compliant than doing it on-premise. It's much easier to use PayPal than to set up your own PCI-compliant payment system, for example. Compliance is also about the degree of risk you can tolerate, and how you hedge against it, which is a discussion CIOs need to have with their CFO and chief counsel.

Every business is different, but those three "C"s are a good start.

Q: How should CIOs decide what applications to move first and where?

There are really two dimensions to the business case for migration: suitability and benefit.

An application or business process is suitable for migration to a public environment if it can be moved to virtual infrastructure, or easily ported to a PaaS environment. Many legacy apps need a particular network topology, or middleware, or a mainframe, and simply can't move.

An application is beneficial to move if it has cost, capacity, or compliance advantages to the company. If it's cheaper, will result in faster delivery, or provides something that simply can't be done in-house (like redundant disaster recovery, for example) then there's a business case for it.

CIOs need to rank their application inventory according to cloud suitability and cloud benefit, and then move the things that are both suitable and beneficial first.

Q: What should CIOs be afraid of?

The unfair advantages of a business launched in the cloud age, with no baggage.

Here's a concrete example. I'm an analyst and author, self-employed. Every piece of my data is backed up on three machines locally (two Macs and a PC) as well as periodic journaled backups (Time Machine), some of which are stored offsite. This is all synchronized and version controlled to 100GB of remote storage (Dropbox) and I can go back forever in my online content. I can also access it all via a web interface from any machine. My mean time to recover my business from catastrophic failure is roughly 1 hour, including the time it takes to buy a new notebook, assuming a reasonably fast broadband connection.

I pay around $200 a year for that, including subscription and media. I don't know any big, legacy companies that can even come close to that. CIOs should be furious that their hands are tied, and that as a result, upstarts and new entrants have tremendous competitive advantages. But instead, I often hear them using those obstacles as excuses

Q:How should customers think of Hybrid Cloud as they plan for the next 2 to 3 years of IT?

A: They should stop calling it hybrid cloud, for starters. Instead of having only a hammer, they now have a whole toolbox. They need a much more nuanced view of IT as a means to business enablement, using this broad range of new approaches. They need to ask, "If this was a brand new company, what would I do differently?"

What's really going on is the end of the monopoly enterprise IT has had on technology for the last thirty years, and think about how to become competitive while embracing the right tool for the job.