Lately I’ve been embroiled in a series of debates between colleagues on the topic of Cloud computing. These “active” discussions revolve around a few themes; is cloud new or just timeshare rebranded, is there a market for I.T. professionals after cloud, the security red herring, everyone is going to the cloud, and finally implications to businesses
First off Cloud has been partitioned into multiple capability models. Recently a Microsoft Cloud Evangelist provided a MS taxonomy of the market which included Hosting, IaaS, PaaS, and SaaS. This continuum is based upon the balance of maintenance and operational responsibility the customer must take on.
- At the hosting level a customer offloads the ownership and maintenance of the physical hardware. The vendor provides assurances that the hardware will be available for use; customers are responsible for the operating systems, servers, applications, etc. So basically the hardware costs more from assets (CAPX) to operational expenses (OPEX).
- IaaS takes responsibility to the next level having vendors provide the infrastructure for a customer. This removes the next layer of expenses from the customer’s capital expense side of the balance sheet and maintenance costs to operational expense (OPEX again).
- PaaS raises the bar of “capabilities” a vendor provides to a customer to a higher level, where an environment to develop and support applications systems that customers use to perform line of business activities. Again changing capital investments and maintenance costs to operational expense. This does come as a trade-off; AZURE as an example has multiple types of limitations as to what an organization can or the approaches used to develop. If the systems needed to be developed or to be migrated fit within this profile a PaaS model could provide beneficial to a corporation as these expenses could expand and contract in alignment to business operations.
- SaaS raises the bar still one more time by providing customers business systems that support line of business and business functions as a service. Examples of this have been around for a while such as Payroll and more recently Customer Relationship Management (CRM). This model removes the application maintenance responsibilities from the customer at the expense of customization and flexibility. A customer conforms to the application as opposed to the application conforming the customer’s way of doing business. The iceberg underneath this model is a customer is standardizing functions within its value chain. This could remove its competitive advantage by using a commoditized capability. If a customer doesn’t have a competitive advantage with those functions or does not see them as providing such, this model may be of value.
These services models promise benefits to the savvy CIO and Enterprise Architects should be looking at these as alternatives to on premise solutions. However, these need to be evaluated in balance with other enterprise concerns of security, flexibility, and risk. While the cloud I would profess has no more significant acess risk than today’s on premise solutions, you are placing YOUR data and information in the hands of another organization.
There are stories and reports of concern about Google reading everyone’s email for marketing purposes, as well as other provider’s usage of your intellectual assets. This topic should not be address lightly given there is no Fiduciary-like responsibility or standard these vendors are contractually or legally bound to. These service agreements are not much more than extensions to software EULAs. We all know how well those work for customers and it is the wise customer that investigates their purchase before the signature is made.
This would suggest that customers take an active part in owning their information as an asset, which infers the need for content strategy and information management competency will be a core capability all organizations will need to develop and explicity act upon at the executive level.