Developers have always had a need to quickly deploy short-lived virtual machines, and when an IT department can't meet those demands, it might be time to think about other options. With the variety of Infrastructure as a Service options available today, developers can get what they need, but many IT departments are fearful of using an IaaS provider. But is IaaS a real threat to enterprise IT?
What Infrastructure as a Service offers
More resources on IaaS
Demystifying Infrastructure as a Service
Common IaaS security concerns
Implementing budget-friendly IaaS
IaaS purchasers are part of the IT world. They are usually the same people buying PCs and software. Turning to an IaaS provider is just another IT decision: a choice of whether to buy computer hardware or use someone else's hardware. IaaS-based virtual machines (VMs) need just as much maintenance and monitoring as VMs running in-house.
IaaS providers deliver the infrastructure, the VM and some basic underlying networking. A developer needing a low-cost VM sooner than the IT department can deliver it could benefit from IaaS. Without IaaS, this developer would need a second PC under his desk or would need to run VMs on VMware Workstation or VirtualBox.
Test and development environments generally live a brief life and don't require the level of availability that production environments demand. As such, IT departments need to offer a lower level of service without the cost of shared storage and with a strictly controlled VM lifetime. Most IaaS providers offer this level of service, which satisfies the needs of many developers.
Merging IaaS and enterprise IT strategy
If you plan to keep any VM for longer than test and development, and especially if you plan to use it for production workloads, then it will need maintenance. The OS may be fully patched upon deployment, but the IaaS provider cannot deploy new patches into existing VMs without support from the enterprise IT client. The client also needs to perform backups and antivirus protection, as well as compliance and security work to outfit the VM to host a production system. This holds true for both IaaS cloud VMs and those within the enterprise firewall. Implementing IaaS for production workloads still requires an IT team to ensure the environment meets requirements.
Software as a Service (SaaS) is another matter entirely. With SaaS, the business is choosing to use an application hosted by a vendor or service provider and made available to customers over a network. This, unlike IaaS, removes some IT functions from the equation. It is SaaS providers, rather than the IaaS provider, that embody the threat to enterprise IT today. The SaaS provider delivers patching, updating, backup and availability services that would have otherwise been delivered by IT in an in-house or IaaS model.
Enterprise IT departments need to embrace IaaS, either by offering those services themselves or by brokering the vendor services. IT should facilitate, not impede, the developer's work, or risk management turning to SaaS. Offering or sanctioning the level of service developers want will prevent unpleasant surprises.