So what does this do to the vision of IT infrastructure, investment and day-to-day management? In this article, our CTO Larik-Jan looks at the different aspects of Cloud: the management, but also the risks in consuming it.
Popularity of Cloud services
Access to applications is taken for granted by users. Every consumer has a smartphone full of applications that can be installed and used with just a few flicks of the finger. In business use, people expect to use these business applications with the same ease. However, a few things differ here: applications contain corporate data that needs to be protected, so in addition to accessibility, security plays a hugely important role. Also, there are many applications that are part of companies' core services, but are not “ Cloudborn”, i.e. those applications cannot easily be accessed in the same way as applications linked to a Software as a Service proposition. As a result, many companies are tied to legacy enterprise software and their management is also linked to having their own IT infrastructure.
Yet we see a lot of adoption of business Cloud services, Microsoft 365 being the most famous example. Productivity solutions that we have known for years from Microsoft Office are being made available through Microsoft Cloud and massively embraced. In Covid year 2020, we see that e.g. Microsoft Teams has grown from 20 million to 115 million users. Why? Because the ease of consumption: where a few years back Microsoft Office software was only licensable to install on a local device, it can now be used via a pay-per-use subscription model. So, no large investments are needed and it is easy to scale up and down according to the number of users in a monthly model: IT as a Service.
But what about those applications that cannot be purchased as a service from the Cloud? For these, Cloud can be a good solution, and with the attraction from the Microsoft Cloud, a clear trend towards the public Cloud is visible. The commercial, IT as a Service, model is basically appealing, but very often leads to discussion. Issues like daily management, ‘having’ the data, but also a simple comparison on cost is not easy to make, if you at least consider everything to the operation of Cloud IT.
But what is this Cloud now?
‘We have a Cloud-first strategy’ is a common quote within the management and boards of organisations. The choice of this kind of strategy is very often driven by cost. After all, large investments in hardware, hosting and software are no longer needed, making it a lot easier to balance the budget. This commercial argument is very clear, but what is less clear is the definition of ‘Cloud-first’ and then specifically the definition of ‘Cloud’? What would be better is to indicate that IT is purchased as a service model: pay according to usage and on demand availability. However, the subject of Cloud is often a discussion to be defined and fleshed out by the IT director or manager. What Cloud options are actually available? In this, we distinguish a number of types of Clouds, the core definitions being Private and Public Cloud.
Private Cloud
The Private Cloud is a Cloud that is not accessible to everyone. Access is generally not determined by a set of standard services that can be purchased on demand with a credit card, in fact, there is much more of a customised approach. You often see that the underlying technology is similar to that of the public Cloud, but the services are more often offered in customised solutions. Also, a Private Cloud is not necessarily accessed over the internet. At Fundaments, we offer this kind of - from the user's perspective - Private Cloud, where, in addition to standard infrastructure services, it is also possible to realise a customised Cloud via a pay-per-use model; very useful when those business-critical applications have specific hardware requirements, or there is a licensing model with certain game rules. Actually, the Private Cloud is characterised much more by ‘technical customisation’ and a ‘commercial model.’ As a result, there is a higher degree of customer intimacy . A feature with characteristics that we will highlight later in this article.
Public Cloud
The Public Cloud is much more characterised by public access over the internet. From the perspective of services, the public Cloud focuses on being able to purchase a service online - over the internet. This requires internet access. In addition, consuming according to use is the standard. Another standard is the set of services; these can be purchased and determined by the public Cloud provider. The best-known public Cloud providers are Amazon Webservices, Microsoft Azure and Google Cloud. There are also emerging parties such as Oracle Cloud, IBM Cloud, Alibaba and Tencent Cloud. All these public providers, in addition to taking services over the internet, are characterised as so-called hyperscalers: due to their scale and global coverage, these parties are ideally suited as solutions where applications and services have a huge variation in resources and location as a feature.
Hybrid & multi Cloud
In addition to the two main categories, there are combinations that can be made between Clouds. Hybrid variants consist of deploying a Cloud platform at different locations: think of a part of VMware Cloud at the business location coupled with a part at a Cloud provider like Fundaments.
But they can also be deployed from an enterprise location to a public Cloud, think of a VMware vSphere solution linked to a VMware on AWS solution. Typically, the technology used to manage the Cloud is kept the same and is independent of the Cloud infrastructure. This trend is very useful for being able to build bridges where e.g. traditional applications that cannot be hosted in the public Cloud can still make use of the public Cloud infrastructure. Looking to the future, this will be a temporary solution; the future will mainly lie in applying Multi-cloud: dividing the total application landscape across different Clouds. As a result, an application ‘lands’ in the best-suited Cloud and the focus is mainly on managing the different Clouds on costs, but certainly also on data security: both storage and exchange of that data.
Now that the ‘definition of the Cloud’ part has been discussed, each Cloud not only has a technical definition but also its own cost model. So, how to get a good comparison in that? When to make that choice right now to opt for a Cloudfirst strategy and once that choice is made, how do you compare the different Clouds available? So besides the why, comparing features and components of the Cloud platform is very important.
Why consider Cloud as an IT platform?
A lot of companies talk about costs when looking at the Cloud. Instead of large investments in proprietary - not scalable - IT systems, Cloud is mentioned as a solution in this regard. But is this the right argument? Partly, because moving an IT system from end IT infrastructure to a Cloud-based solution makes no difference to its usage. Moving that IT system does not create a transformation per se either. It is about a piece of flexibility obtained by using Cloud as a tool. For instance, what will a company's application landscape look like in five years' time? Hardly anyone can give a very concrete answer to that. And yet, investments in IT hardware are still made daily, based on current demand and an estimate of a slice of growth. This is not a very realistic estimate in the rapidly changing world of IT. So, Cloud is primarily deployed as flexibility of IT systems and therefore gives a basis to start doing things differently in the IT domain, to start thinking precisely about that digital transformation. For Managed Service Providers, this gives much more air to think about processes and systems that give improved satisfaction for the end customer; whether it's a chatrobot for frequently asked questions, as well as digital order processing or administrative insight, precisely by deploying Cloud as an IT platform, time and capacity is created to think about these transformations.
Ok, but how should we get started with this digital transformation?
That is a very good question. It also requires support from inside an organisation to want to do things differently. So, it is about processes and interaction with the end customer: where does an organisation want to deploy to improve things? If we take a general example like customer satisfaction, systems are often needed that provide customer information. This in turn requires a piece of unlocking internal information. It therefore involves IT systems with a certain availability, a piece of data exchange over networks, a continuity issue and often also a piece of data protection, both in terms of access, but also very often in terms of locations (where is my (customer) data?). These are very generic issues, which lead to choices in the use of IT and consequently also define parts of the use of Cloud. So what can we specifically name there?
The most common comparison is cost; and often the cost on basic IT: i.e. computing power, storage and connections. But very often there are many more components at play that on one hand are not taken into account in costs, and on the other hand are not highlighted in the ‘awareness’ of Cloud usage. Some examples:
- Back-ups: very commonly used, often untested. How often is it that a backup is made, but very rarely tested? After all, you only have a backup for one thing: to be able to retrieve data in case the primary process fails. So testing is important, but also very topical: is a backup in the right place if, for instance, there is an outage due to a cyber-attack? It won't be the first time that with a cryptolocker attack, the backup is also taken, as it was on the same network.
- Disaster Recovery: Backup and restore are important, but how long should outages actually last? With the huge data we are all generating, we are also seeing huge backup demand. Backups are getting bigger, but with that, recovery also takes longer. Just for those cases where time really matters, there should be a continuity plan in place. Disaster recovery services provide that.
- Protection of access: it is precisely to protect Cloud data that the utmost measures must be taken: access over the internet should be kept to a minimum, good firewalls that not only block access but also monitor who is requesting access and respond interactively are needed. Furthermore, Internet-enabled services also need extra protection; attacks such as (D)DoS attacks are the order of the day; so ensure protection therein.
- Data protection: how is the data protected? Besides redundant storage and the use of encryption, the application and the operating system that the application runs on are also very important. Understanding those environments and being able to act on weaknesses in applications and the operating system are key.
As you can see, there are a lot of things to consider when comparing your IT landscape. The things mentioned are mostly factual: technical components and features that, in conjunction, make up the platform with the application for the end user. A very important issue in this is still the contact question in case of problems: who is called when there is a problem on the platform? How quickly can they respond and what guarantees of solutions are offered? In short, what about support for a service? Ultimately, a Cloud-based service stands or falls on the resolution time of outages. And very often, being able to call a fixed contact person is then very convenient: after all, wasn't that how it was before? When problems arose, IT support was called and a problem had to be solved.
Comparing Clouds with existing IT is a complex issue, but certainly worth considering if there is a will within an organisation to go through a digital transformation. A good partner in this is crucial. Fundaments, with its rich experience in both technology and supporting ISV customers with their platform, is an excellent partner to start a digital transformation journey.
