The concept of cloud brokerage is interesting. First if you ask any CSP (cloud service provider) they will tell you right away that the extra layer provided by a broker is simply applied cost.
Why is that?
First off the CSP is now abstracted from their customer. They no longer directly influence the customer, the surely can and will, but they in the end have less control. The broker would provide the connection to the CSP and that concerns the CSP community. So they say “brokers just add cost.”
In my Safegov.org blog post roughly 3 months ago I talked about the concept of the Cloud Broker as the new organizational DMZ. Where the broker replaces the expensive hardware and solutions with a DMZ function. If we go forward assuming that is the cast (Broker = DMZ) I wonder how much additional pressure that would generate in the CSP market .
Which brings me to the purpose of this blog – the what of cloud broker.
- Brokers will provide DMZ services including application management, hosting and external security for organizations that connect to the broker.
- Brokers will provide multi-tiered connectivity and connectivity security to reduce the APT exposure of organizations that will be connected to the broker.
- Brokers will span multiple CSP’s in an automated fashion.
I believe as does Gartner and others that in fact broker is inevitable. The market may shift a little, in that large providers won’t move into the broker space due to COI issues (conflict of interest). I also believe that the brokers will provide in depth security that will allow organizations to focus more on their core missions rather than trying to be a clothing manufacturer and a security company at the same time. I also do not think that market is to far in the future. I suspect if you take a big picture broker will be here much sooner than we expect.
.doc
Scott Andersen
IASA Fellow
