Site icon IT World Canada

The cloud service broker – a necessary role?

There seems to be growing interest in cloud service brokers (CSBs) and their role in the cloud computing ecosystem. For example, the Canadian Federal Government’s recent cloud strategy positions Shared Services Canada as the internal GC Cloud Broker.

What is a cloud service broker and is having one important for the Enterprise IT organization?

Definition of a CSB

ISO/IEC 17789-2014 (Information technology — Cloud computing — Reference architecture) defines the Cloud Service Broker in the following way:

“The cloud service broker is a sub-role of cloud service partner that negotiates relationships between cloud service customers and cloud service providers. The cloud service broker is not itself a cloud service provider and should not be confused with the role of inter-cloud provider (see clause 8.3.1.6). The cloud service broker role could be combined with or operate independently of the role of inter-cloud provider.

The cloud computing activities of a cloud service broker include:

The marketplace assessment can happen prior to customer acquisition, creating pre-agreements with cloud service providers and this can enable cloud service customers to select cloud service providers from a service catalogue, possibly negotiating service details (e.g., service level objectives) at selection time.

In either case, the cloud service broker only acts during the contracting phase of the service, between the cloud service customer and cloud service provider. The cloud service broker is not involved during the consumption of the service. In such cases, the activities involve cloud service provider’s activities.”

NIST SP500-292 (Cloud Computing Reference Architecture), published in September 2011, defines the cloud broker this way:

“As cloud computing evolves, the integration of cloud services can be too complex for cloud consumers to manage. A cloud consumer may request cloud services from a cloud broker, instead of contacting a cloud provider directly. A cloud broker is an entity that manages the use, performance and delivery of cloud services and negotiates relationships between cloud providers and cloud consumers. In general, a cloud broker can provide services in three categories [9]:

Finally, Gartner also has a definition for cloud services brokerage:

“Cloud services brokerage (CSB) is an IT role and business model in which a company or other entity adds value to one or more (public or private) cloud services on behalf of one or more consumers of that service via three primary roles including aggregation, integration and customization brokerage. A CSB enabler provides technology to implement CSB, and a CSB provider offers combined technology, people and methodologies to implement and manage CSB-related projects.”

Gartner first provided its guidance on cloud service brokerages in 2009 (which was quite early days for cloud computing) when they stated there were three types of cloud broker business (basically this was later adopted by the NIST):

Apparently, there is not yet any consensus or best practices for the roles and responsibilities of a CSB!

Organizational placement

The CSB can report into three different organizations:

The cloud broker role could also be distributed, with each group providing selected functions. This could be called a virtual CSB.

For example, a third-party Cloud Access Security Broker (CASB) may offer specialty services that could be combined with in-house cloud administration services, as is defined by Gartner:

“Cloud access security brokers (CASBs) are on-premises, or cloud-based security policy enforcement points, placed between cloud service consumers and cloud service providers to combine and interject enterprise security policies as the cloud-based resources are accessed. CASBs consolidate multiple types of security policy enforcement. Example security policies include authentication, single sign-on, authorization, credential mapping, device profiling, encryption, tokenization, logging, alerting, malware detection/prevention and so on.”

The optimal placement of the CSB will depend on what functions are being provided and what is offered by suppliers. For example, the ISO definition positions the CSB as a partner that performs functions that would not be available from a cloud service provider.

Cloud brokerage services

So, what should a cloud service broker do?

Unfortunately, there’s no definitive standard (yet) so the answer is – it depends! Several factors need to be considered. For example:

There are potentially many other “value-added” support services.

The CSB services may vary by cloud service category as well. For example, a physical network exchange point, such as provided by Equinix, could be called a “Layer 1 broker.” An infrastructure broker might include diversification across multiple IaaS providers (such as AWS, Azure and Google Cloud). An application broker could integrate SaaS services from different providers.

Is having a CSB essential to cloud success?

Enterprise architects and operations managers must determine whether a CSB is a required organizational unit or whether is a service to be acquired from providers, or whether it is a combination of both.

IT executives must also determine what tools and processes are needed and how much can be automated – it’s easy to imagine a CSB maturity model.

Are you planning or have you implemented a CSB in your environment? If so, how did you justified it, and have the benefits proven to be true?

This is what I think. You may have “alternative facts.”

Exit mobile version