How can Cloud Computing benefit my business?
It is hard to imagine a company today that works without email, internet access, website or the possibility to access data externally, already forming a kind of hybrid cloud setup. Assume a company with an on premise data-center where business-critical custom built software as well as standard applications like office, Intranet, email, phone etc. are hosted locally together with custom built software. The ERP might be hosted in an external datacenter, so is the corporate website.
A helpful analogy for the kind of decision you are about to make could be owning a car versus public transport by train. A car (like your on-premise data-center) you will have to buy, pay for maintenance and energy consumption and repurchase at the end of the lifecycle. You are responsible to keep it operating and will invest time just to keep the system running. Therefore you have full control over it and can get almost anywhere anytime with a defined and limited maximum load.
It's obvious that with a train-ticket you are loosing control as the train will follow a predefined schedule and only stop in stations. However you will only pay for your usage. The resource as well as the payload is infinite. No time or money spent on planning, lifecycle management, maintenance and repair as they are managed by a third party.
Optimization of your IT-structure will aim to combine the strengths of both technologies. Keep in mind that cloud computing is permanently evolving. Use-cases where on-premise-IT is the better option will continually thin out as cloud computing further matures.
So what are the sweet spots in cloud computing?
Flexibility - The virtual nature of a cloud computing lets you adjust capacity to your demand on a continuous basis. You require more DB-server? You get them. You do not need 50% of your storage? You release it. You can adopt your infrastructure to the learning curve of your projects and level out surpluses or shortages of resources on demand. Even migration of a data center to another provider is rather a matter of days than months.
Speed / Agility - The flexibility of cloud environments simplifies changes in your IT infrastructure by reducing complexity and dependencies, therefore saving uncounted days of internal staff or consultant work. Generating capacity for a load test, providing a new environment for a particular customer test or preventing your developers from wasting time to wait for changes of firewall rules can sum up to 5-15% of your development budget. Using independent cloud infrastructures will reduce complexity and dependencies and therefore save uncounted days of internal staff or consultant work.
Scalability - Assume a use case where additional processing capacity is required for a few hours per day, e.g. running a web shop between 17:00 and 21:00 on 5 additional instances (standard server). In a cloud environment, these machines could be started and shut down automatically, generating costs only in the hours they are running.
Cost - With cloud computing there is infinite computing power at your disposal while you are only paying per use, reducing complexity and gaining extra flexibility and speed. There are studies on the effect of cloud computing on ICT costs (information and communication technology). A recent KPMG study states that with adoption of cloud services across 75% of relevant ITC spending, savings of 25% in opex and 50% in capex from the overall ICT spending were realistic. While this is great news for established companies, new companies are enabled to use state of the art technology with almost no capex at volume-based rates that by definition adjust to the level of business activity avoiding financial risks caused by upfront investments.
Which challenges to tackle when moving to cloud computing
cloud computing clearly offers multiple benefits, but it is essential to have a clear understanding of the dependencies and impact, cloud specifics may have on the particular use case.
There have been scary reports heating up an often emotional debate on security "on the internet" in the past, and indeed security remains a top concern that needs managing. Taking a closer look you find that the risks that have to be managed are basically the same in a cloud environment than in a classical on-premise environment. What are the typical risks and how could a cloud environment manage them?
- The service is not available.
- The service is available, but not reachable.
- Data is lost.
- Data is corrupted.
- Data is leaked.
Let's take a look at the cloud specific differences:
The service is not available - The virtual character of the cloud-based datacenter bears the chance to migrate a Virtual Machine to another hardware before disaster occurs. This includes an almost high availability approach for cloud based resources.
The service is available, but not reachable - Cloud datacenter – starting from Tier 3 – have at least two independent internet connections with multiple different carriers. For a cloud provider, connectivity is an existential component of its core business and motivating the effort to ensure reliable access.
Data is lost - Cloud storage is typically provided on highly redundant devices as this is the usual way to provide fast access to many tenants. As long as you do not use local storage, data loss due to hardware failure is a very unlikely event.
Data is corrupted - Two reasons for corruption are: Corruption due to application failure and due to third party influence. While application failure is not in the scope of an IaaS provider, he has an essential interest, that the service is secure. A hacked datacenter will ruin the credibility of a cloud service provider immediately, so he might pay even more attention to that topic than the management of your local datacenter.
Data is leaked - Security by obscurity might not be a valid strategy but it is a cloud specific feature which adds to the overall security. Service provider admins neither know about the contents they manage, nor exactly which clients are hosted where. Therefore it will be much more of a problem for an attacker to perform social engineering attacks. Also there is less chance of unattended copies or backups as physical access to the machines is not even possible for your own operators anymore. If you trust in the quality of certificates and network devices – which are required to create sustainable and secure connectivity across the internet – there is a high chance that attacks will be more successful against a private datacenter than against an anonymous cloud service. As hardware and network protection are key service capabilities for cloud providers, it is likely they are providing a modern and secure network.
All in all, the degree of actual security depends on the efforts. Here, the economies of scale also enable a cloud provider to achieve a higher level of security with lower costs per unit than a small-scale data center or IT hosting. Therefore, the often cited notion of insecure cloud resources versus secure on-premise IT is not true per se, but depends on the specific facts of each case.
Comparing the computing costs of cloud-based infrastructure-as-a-service solutions to hardware on premise solutions, the cloud seems like a better deal. The reason is that cloud providers benefit from the fact that hardware resources are usually not exploit to their full extent. Server systems run idle around 70% of their time. Assuming this as a common scenario, you are able to run three virtual servers on one physical server and still have reserves. Cloud providers make use of this circumstance and sell every hardware resource (e.g. a CPU core) several times as a virtual resource, called "over-provisioning". Let's take a closer look at this central element of a cloud provider’s business case: