Author: Martin Dvorak

Translating Cloud Strategies into Actions: Cloud Context and Definitions

Poor decisions around the cloud and just simply moving legacy applications to the cloud with badly constructed migration plans and lack of clear objectives disappointed cloud enthusiasts in the first place. A new phenomenon showed up, whether on purpose or not, companies started with cloud repatriation projects by shifting away from the cloud and back to on premises infrastructure.

Having the first applications in the cloud and being affected by the uncertainty of the pandemic agenda, companies struggle with prioritization between pushing digitalization and predicting future business.

Cloud should be the correct destination for the correct workload at the correct time with the proper organization and ownership plan.

Cloud has a great potential and benefit impacts when implemented correctly and when security and privacy concerns are properly addressed. There is still a lack of regulations and standards which are not related to implementations but leave a risk when migrating to the cloud.

Cloud Context

Cloud computing is a style of computing where scalable and elastic IT related capabilities are provided “as a service” to customers using internet technologies. There are different opinions of what cloud really is and the same applies to strategy. We need to understand the different views of IT, Business and Dev Ops teams. Each of them have a different view and the objective is to bring business and IT together to agree on a comprehensive cloud strategy.

Cloud is a lot about technology, architecture and operations.

  • From a pure IT perspective, the advantage of using a cloud is for example the virtualization of data center infrastructures.
  • From a pure business perspective, the bridge to the cloud is with the packages used, i.e. SAP or Oracle in the cloud or cloud based CRM systems. It is about questions related to cloud adoption and data migration.
  • From a pure Dev Ops point of view, cloud is about architecture, infrastructure and data center strategy. Arising questions consist of which platforms to use, which vendor cloud solutions, i.e. Oracle Cloud, AWS, Microsoft Azure, Google, Alibaba, IBM or Tencent Cloud.

To put all three views in a neutral context we can say that cloud is about a scalable and elastic IT that provides capacities as a service using the internet.

The National Institute of Standards and Technology’s definition of cloud computing identifies five essential characteristics:

  1. On-demand self-service. A consumer can unilaterally provision computing capabilities, such as server time and network storage, as needed automatically without requiring human interaction with each service provider.
  2. Broad network access. Capabilities are available over the network and accessed through standard mechanisms that promote use by heterogeneous thin or thick client platforms (e.g., mobile phones, tablets, laptops, and workstations).
  3. Resource pooling. The provider’s computing resources are pooled to serve multiple consumers using a multi-tenant model, with different physical and virtual resources dynamically assigned and reassigned according to consumer demand.
  4. Rapid elasticity. Capabilities can be elastically provisioned and released, in some cases automatically, to scale rapidly outward and inward commensurate with demand. To the consumer, the capabilities available for provisioning often appear unlimited and can be appropriated in any quantity at any time.
  5. Measured service. Cloud systems automatically control and optimize resource use by leveraging a metering capability at some level of abstraction appropriate to the type of service (e.g., storage, processing, bandwidth, and active user accounts). Resource usage can be monitored, controlled, and reported, providing transparency for both the provider and consumer of the utilized service.

Cloud Definitions

What cloud has in common is that it is service based, scalable and elastic, shared, metered usage and based on internet technologies.

Cloud computing providers offer their “services” according to different models and depending on the requirements of the companies. Let’s look at the definitions and different deployment models from the National Institute of Standards and Technology’s and other sources.

Abbreviation and Name Definition, Advantages and Disadvantages Examples and Vendors
Cloud

 

compared to

 

Outsourcing

 

compared to

 

Managed Services

 Cloud Computing is storing and accessing data and executing programs using the internet on a cloud service provider’s infrastructure instead of a company’s own premises. As a basis for digitalization, cloud computing provides companies with IT infrastructure such as storage space, computing power or applications as a flexible service. Managing, processing and encryption of data is left in the control of a cloud service provider and offers the ability to operate real time data reporting and analytics. Generally used as needed, companies only pay for what they use and can scale up or down to respond to customer needs or business peaks.

 

We all use the “cloud” every day. Whether the old generation is posting on Facebook or the younger generation using TikTok for short form mobile videos, searching for something with Google, sending an email or backing up a document on an online storage device like OneDrive, listening Spotify, watching Netflix series – they all store data in the cloud.

 

The outsourcing of data and applications, or even of the entire enterprise IT to a virtual environment is called outsourcing.

 

If a company replaces parts of its IT with an offer from a provider, this is called managed services. Managed hosting, managed hardware support, and managed storage/backup will account for the biggest portions of managed service spend in 2020 according to Spiceworks.

 The cloud covers the entire spectrum of IT and includes Infrastructure as a Service (IaaS), Platform as a Service (PaaS) and Software as a Service (SaaS).

 

A company can use the managed services of a provider for data backup instead of performing the backup itself.
Private Cloud Private cloud is a cloud infrastructure set up and operated solely for a single organization or dedicated to a single business entity, whether managed internally or by a third party, hosted either internally or externally and is only accessible to dedicated groups of people.

As with other types of cloud computing environments, private cloud provides extended, virtualized computing resources via physical components stored on-premises or at a vendor’s datacenter, usually within the users firewall and traditionally run on premises.

 

The private cloud meets strict data protection requirements and regulations, and is therefore particularly suitable for sensitive data and highly regulated industries.

 

Undertaking a private cloud project requires significant engagement to virtualize the business environment, and requires the organization to reevaluate decisions about existing resources. It can improve business, but every step in the project raises security issues that must be addressed to prevent serious vulnerabilities. Self-run data centers are generally capital intensive. They have a significant physical footprint, requiring allocations of space, hardware, and environmental controls. These assets have to be refreshed periodically, resulting in additional capital expenditures. They have attracted criticism because users “still have to buy, build, and manage them” and thus do not benefit from less hands-on management, essentially lacking the economic model that makes cloud computing such an intriguing concept.

 

You may be running VMware or Hyper-V for a virtualized setup with limited physical boxes hosting many virtual servers. Since you control the connection, security, hardware, apps, and everything this is considered a private cloud. You also pay for everything upfront including cost of servers, licensing, and maintenance.

 The private cloud is set up in the company’s own data center or via a specialized provider – you maintain your own servers and infrastructure that hosts your applications and data.

 

Among the private cloud providers, VMware is the clear leader, with vSphere in the lead and vCloud Director in third place, separated by OpenStack.

 

Microsoft has a strong private cloud showing with System Center and Azure Stack, while CloudStack is a consistent presence and AWS Outposts – Amazon’s private cloud offering – is beginning to make its presence felt.
Public Cloud A cloud is called a “public cloud” when the services are rendered over a network that is open for public use. Public cloud services may be free. Technically there may be little or no difference between public and private cloud architecture, however, security consideration may be substantially different for services (applications, storage, and other resources) that are made available by a service provider for a public audience and when communication is effected over a non-trusted network.

 

The main differentiator between public and private clouds is that companies are not responsible for the management of the public cloud hosting solution. Public clouds have a strong security, however, the responsibility for data security is actually a shared one.

 

Your data is stored in the provider’s data center and the provider is responsible for the management and maintenance of the data center. This type of cloud environment is appealing to many companies because it reduces lead times in testing and deploying new products. However, the drawback is that many companies feel security could be lacking with a public cloud. Even though you do not control the security of a public cloud, all of your data remains separate from others and security breaches of public clouds are rare.

 

 Public cloud service providers like Amazon Web Services (AWS), IBM Cloud, Oracle, Microsoft, Google, and Alibaba own and operate the infrastructure at their data center and access is generally via the Internet. AWS, Oracle, Microsoft, and Google also offer direct connect services called “AWS Direct Connect”, “Oracle FastConnect”, “Azure ExpressRoute”, and “Cloud Interconnect” respectively, such connections require customers to purchase or lease a private connection to a peering point offered by the cloud provider.
Hybrid Cloud Hybrid cloud is a composition of a public cloud and a private environment, such as a private cloud or on-premises resources, that remain distinct entities but are bound together, offering the benefits of multiple deployment models. Hybrid cloud can also mean the ability to connect collocation, managed and/or dedicated services with cloud resources. Hybrid cloud service can be also seen as a cloud computing service that is composed of some combination of private, public and community cloud services, from different service providers. A hybrid cloud service crosses isolation and provider boundaries so that it cannot be simply put in one category of private, public, or community cloud service. It allows one to extend either the capacity or the capability of a cloud service, by aggregation, integration or customization with another cloud service.

 

Varied use cases for hybrid cloud composition exist. For example, an organization may store sensitive client data in house on a private cloud application, but interconnect that application to a business intelligence application provided on a public cloud as a software service. This example of hybrid cloud extends the capabilities of the enterprise to deliver a specific business service through the addition of externally available public cloud services.

 

Hybrid cloud adoption depends on a number of factors such as data security and compliance requirements, level of control needed over data, and the applications an organization uses.

 A hybrid model is where you also have some applications or servers based on business need running in a public cloud infrastructure like Microsoft Azure or Amazon Web Services. In this case you still may maintain your own datacenter for some legacy applications while moving other ones to the public cloud. In the public cloud you are still managing the virtual servers, connections, as well as the security. You are not managing the physical hardware. This is a pay as you go model meaning you are not paying upfront you are paying as you use resources.
Multi Cloud Multi cloud is the use of multiple cloud computing and storage services in a single heterogeneous architecture from multiple public cloud providers for the same purpose.  This also refers to the distribution of cloud assets, software, applications, etc. across several cloud-hosting environments. With a typical multi cloud architecture utilizing two or more public clouds as well as multiple private clouds, a multi cloud environment aims to eliminate the reliance on any single cloud provider. It differs from hybrid cloud in that it refers to multiple cloud services rather than multiple deployment modes (public, private, and legacy). Also, in a multi cloud environment, synchronization between different vendors is not essential to complete a computation process, unlike parallel computing or distributed computing environments.

 

Advantages are found in a number of reasons for deploying a multi cloud architecture, including reducing reliance on any single vendor, cost-efficiencies, increasing flexibility through choice, adherence to local policies that require certain data to be physically present within the area/country, geographical distribution of processing requests from physically closer cloud unit which in turn reduces latency, and militating against disasters. It is similar to the use of best-of-breed applications from multiple developers on a personal computer, rather than the defaults offered by the operating system vendor. It is a recognition of the fact that no one provider can be everything for everyone.

 

Several disadvantages and challenges also present themselves in a multi cloud environment. Security and governance is more complicated, and more “moving parts” may create resiliency issues. This is related to the different transparency levels of the different vendors. Companies must know when the vendor makes a change, upgrade or when events occur. However, using multi cloud requires matching of workloads to different cloud service providers and for example the same security concerns are communicated per vendor differently and leaving users confused with different alerts and notifications for the same kind of issues. If more IT experts are required to monitor and control each vendor separately, operational costs go up and automated governance is prevented. Selection of the right cloud products and services can also present a challenge, and users may suffer from the paradox of choice.

 For example, an enterprise may concurrently use separate cloud providers for infrastructure (IaaS), platform (PaaS) and software (SaaS) services, or use multiple infrastructure (IaaS) or platform (PaaS) providers. In the latter case, they may use different infrastructure providers for different workloads, deploy a single workload load balanced across multiple providers (active-active), or deploy a single workload on one provider, with a backup on another (active-passive).

 

Anthos from Google for example is a multi- cloud compatible platform supporting different cloud environments such as managing and maximizing existing applications and build cloud native applications (i.e. in AWS or Azure). Anthos repackages the Google Kubernetes Engine (GKE) and manages multi cloud environments, configuration and service meshes running on a private or public cloud, regardless of the cloud service provider.
Distributed Cloud A distributed cloud no longer provides resources centrally, but offers decentralized cloud services with less distance between the service source and the service user. The aim is to stretch cloud capabilities by distributing public cloud services (or a subset of services) to different physical locations where needed.

 

Operation, governance, updates and development of the services are with the responsibility of the originating public cloud provider. Customers can monitor, manage and maintain the distributed cloud from a central control plane, which is offered by the public cloud provider. The challenge is to manage a heterogeneous environment of different components and services (i.e. enterprise edge clouds, near neighbor clouds, on premises clouds, public clouds, urban clouds and community of cloud substations).

 

Advantages: Reduces latency of data transmission and increases the performance of services and better redundancy. Companies can still manage distributed clouds from a central control plane and can for example scale services or adapt services to user needs.

 

Disadvantages relate to higher complexity as it takes more effort to deploy, maintain, update and handling security and data transfer of different systems instead of managing a centralized system. Initial costs are higher and running costs may become higher due to increased processing overhead and exchange of information. It also takes more effort to manage security of distributed clouds as you control replicated data across multiple locations.

 The aim of the distributed cloud is to bring cloud services geographically closer to the user and reduce latency. For example, in the case of content delivery such as videos, the central cloud provides all services and receives or sends data from regional clouds or edge clouds. Regional clouds perform proxy and caching functions and act as intermediaries between the core cloud and the edge cloud or offer services themselves. Edge clouds are placed as close as possible to the user and provide cloud services with minimal latency.

Another example is personal data where the distributed cloud allows to keep this sensitive data in a specific location.
Cloud Native Cloud-native technologies are developed from the beginning for the cloud and empower organizations to build and run scalable applications in modern, dynamic environments such as public, private, and hybrid clouds. Containers, service meshes, micro services, immutable infrastructure, and declarative APIs exemplify this approach. These techniques enable loosely coupled systems that are resilient, manageable and observable. Combined with robust automation, they allow engineers to make high-impact changes frequently and predictably with minimal toil. A container based architecture is not cloud native. Architecture, applications and operations must be cloud native, otherwise it is not.

 

The main advantage of the cloud native approach is that applications run independently of the environment and the containers are portable. Containers can be executed in development, test or production systems. If the application design supports horizontal scaling, multiple instances of a container can be started or stopped.

 

Disadvantages relate to higher time consumption and effort of create cloud native applications in a re-platforming approach and once created to monitor and maintain load balancing between application instances. You need additional orchestration solutions and platforms such as Kubernetes, Apache Mesos and Amazon ECS to manage cloud native applications. You are not assured of a consistent performance if you migrate cloud native applications to a different cloud, i.e. moving from a private to a public cloud.

 Cloud native applications are typically made up of micro services packaged in containers. These micro services are designed as independent of each other and are optimized for cloud scaling. This ensures a continuous delivery that provides better performance, reliability and faster time to market.

 

Companies such as Netflix, Uber, and WeChat take the full advantage of the cloud native model by deploying micro services in a fast and agile way.
Edge Computing Edge computing refers to decentralized data processing at the edge of the network. This can be at the edge of a centralized system or a cloud.  In edge computing, computer applications, data and services are shifted away from central nodes (data centers) to the outer edges of a network. In edge computing, data is processed directly at the network periphery, i.e. where it is generated. The aim is to process data streams in a resource saving manner, at least partially on the spot (e.g. directly at the end device or within premises), but still benefit from the advantages of the cloud. Cloud and Edge are complementary concepts and not competing styles of an architecture.

 

Advantages: Edge computing delivers the decentralized extension of hyper scaled clouds and legacy data centers. Edge computing services significantly reduce the volume of data to be transmitted and therefore the data exchange and transmission distance, reducing transmission costs and waiting times. With edge computing, centralized data centers are required less often or not at all, eliminating a major bottleneck for data transfer and a potential source of error. Security is also improved as encrypted files are processed closer to the network core.

 

Disadvantages of edge computing arise when there is a very large amount of data to process or store or when computing or storage requirements are very irregular. The cloud does not work the same way as a datacenter does.

 

How does Edge Computing redefine the Infrastructure? IoT and immersive technologies will drive more information processing to the edge, redefining and reshaping what infrastructure and operations leaders will need to deploy and manage.

 Edge is a decentralized data architecture concept. Edge characteristics are: it is decentralized, intimate, independent, performant, data rich and contextual.

 

Edge Computing also means connecting Internet of Things (IoT): As these edge computing use cases take their place in our daily lives, businesses will have more and more reason to place their data as close to the edge as possible. This could be smart factories, connected cars and trucks, smart traffic and street lights, smart buildings and power grids, connected rail systems and airplanes, connected wind turbines and connected oil platforms.
Cloud Repatriation Cloud Repatriation is the shift of workloads from the public cloud to the local infrastructure environments, such as data center. Typically, these on premises data centers are in either a private or hybrid cloud.

Companies which assume that the cloud just works as their corporate data center got disappointed and those who have uncritically embraced Cloud First strategies have seen costs increase, performance drop, or compliance being challenged and are now moving workloads and data off a public cloud environment to their own private or hybrid cloud infrastructure.

 

Advantages of Cloud Repatriation is that in most cases it is not about going back to the architecture model used before migration to the public cloud. It is rather a way to improve cost, performance, legal reasons (data protection), security, flexibility (reduced vendor lock-in), reduced latencies, governance and control by moving to a more sophisticated architecture.

 

Disadvantages are found when the Cloud Repatriation is related to a painful lessons learnt when there was not attention paid to purpose and planning. The cloud became more expensive and less secure. Cloud Repatriation is then only a “ritorno” exercise as a result of poor initial road mapping and a botched migration.

 For example, you might have virtual machines hosted on a service like Amazon EC2 or Azure Virtual Machines that you migrate back to an on-premises data center.

 

You may replace a SaaS application running in the public cloud with one hosted on a private or hybrid cloud.

 

Companies built on public cloud platforms like Dropbox migrated back to on premises from AWS for cost savings and control reasons.

 
Container

and

Kubernetes

 Containers offer a logical packaging mechanism in which applications can be abstracted from the environment in which they actually run. This decoupling allows container-based applications to be deployed easily and consistently, regardless of whether the target environment is a private data center, the public cloud, or even a developer’s personal laptop. Containerization provides a clean separation of concerns, as developers focus on their application logic and dependencies, while IT operations teams can focus on deployment and management without bothering with application details such as specific software versions and configurations specific to the app. A container based architecture is not cloud native.

 

With the Kubernetes platform, you bundle and run your micro services and applications and organize them in groups of containers. The Docker engine is taking care of keeping your application running as you request.

 

The advantage of Kubernetes is that it allows cloud databases to interoperate across clouds and gives a control of the different services running in the clouds so that they can be centrally managed and look the same, regardless of the different cloud services provided.

 

The disadvantage of Kubernetes is that it does not include to manage the security across different databases and applications, authorizations and authentication such as monitoring concurrent users and logins. You still need a tool to harmonize security across different clouds.

 Popular container vendors / open source platform systems are Docker and Kubernetes.

 

Docker provides a toolset to easily create container images of applications.

 

Kubernetes is an open-source container management platform that unifies a cluster of machines into a single pool of compute resources.

 

IBM, for example, offers Red Hat Open Shift as the Kubernetes enterprise container platform empowering developers to develop and deploy faster into the hybrid cloud.
On Premises The infrastructure or hardware is stored in house and the software is purchased, licensed and installed on the company’s own servers and behind its firewall. All the software and services are run within the company and hence the company is responsible for hardware and software updates and has the complete ownership.

 

The advantage of on premises applications is that they are stable, reliable, secure, and allow the company total control that the cloud often cannot. There is no external dependency on a reliable internet connection or server downtime.

 

The disadvantage of on premises is that some cloud native applications can help companies to leverage to the new technologies and better achieve their business goals and they run only in a cloud. On premises deployment takes longer than in the cloud. From a cost perspective, managing and maintaining on premises solutions can be higher than in the cloud because you have higher capital expenditures by investing in server hardware, software licenses, configuration, integration and workforce to support these in house services. Any maintenance for hardware, software, storage, data backups and disaster recovery is performed on premises and is challenged with limited budgets and resources.

 On premises was the only offering in the past and there are valid reasons not to move to the cloud if there are no benefits.

 

Taking the analogy of a pizza, on premises means you make the pizza at home.
Infrastructure as a Service (IaaS)

 

Focus: hardware, storage, networks, servers, virtual servers

 In the IaaS model, the cloud service vendor provides all components related to the customer’s IT systems such as hardware, storage, networks and environment for various software applications such as a virtual servers on which users can run their operating system or applications. IaaS promotes access instead ownership.

 

The user transfers the company’s applications to the cloud and thus uses the provider’s infrastructure. They manage the data themselves, access their software via the cloud and remain responsible for data security. The service provider protects the virtualization platform against attacks and ensures availability.

 

The user is able to deploy and run arbitrary software, which can include operating systems and applications. The user does not manage or control the underlying cloud infrastructure but has control over operating systems, storage, and deployed applications; and possibly limited control of select networking components (e.g., host firewalls).

 

The advantage is to use the infrastructure only on demand and there is no need to invest in IT infrastructure which is idle when not used, so companies only pay for what they use. IaaS makes really sense for creating virtual data centers for large organizations that require an efficient, scalable and secure infrastructure environment.

 

The disadvantage is that the internal IT has no direct control of the IT, security and governance provided by the cloud service provider. Companies need to review and understand the Service Level Agreements regarding the security obligations of their cloud service providers.

 

The challenges come with integration of IaaS to existing systems.

 

A downtime of the IaaS makes it impossible to access applications and data and companies are fully dependent on the IaaS provider. Problems occurred related to the virtual machine is in the responsibility of the end user.

 

Companies need to invest in IaaS technical training and skills as the companies’ IT team need to understand the IaaS provider’s infrastructure as they manage and control storage, servers, virtualization and networking whereas the customer’s IT teams and end users manage and control the middleware, operating systems, applications and data.

 The customer company transfers its MS Windows system from the local server to the Azure cloud and thus use an Infrastructure as a Service. It enables to control user access to virtual machines, servers, storage, load balancers, network, …

 

The Google Cloud Platform offers IaaS and PaaS.

 

Amazon Elastic Compute Cloud (EC2) is a part of Amazon’s cloud computing platform, Amazon Web Services (AWS), that allows users to rent virtual computers on which to run their own computer applications. Netflix uses Amazon Web Service (AWS).

 

Cisco is taking a network-centric approach to multi-cloud and hybrid deployments.

 

Oracle’s cloud business focuses on SaaS and autonomous database services.

 

SAP is leveraging a neutral approach with partnerships with all the leading IaaS vendors while converting customers to its HANA platform.

 

Taking the analogy of a pizza, IaaS means you are using a take and bake service.
Platform as a Service (PaaS)

 

Focus: virtual Infrastructure and Middleware

 PaaS allows customers to rent hardware, operating systems, storage and network capacity over the internet from the cloud service provider and allows frequent changes and upgrades to operating systems. This type of service is mainly used in the area of software development. The provider provides a secure platform for developing applications (development environment, program code and databases). The capability provided to the user is to deploy onto the cloud infrastructure consumer-created or acquired applications created using programming languages, libraries, services, and tools supported by the provider.

 

The user does not manage or control the underlying cloud infrastructure including network, servers, operating systems, or storage, but has control over the deployed applications and possibly configuration settings for the application-hosting environment. The cloud customer is responsible for the security and management of the content operated on the platform, i.e. the applications and data.

 

The advantage is both on cost savings and operational efforts because internal IT and developers can use a full virtual environment, including hardware and software. They can write code and test applications before deploying to the production systems. There is no need to have an internal set up and installations first before new code can be tested and deployed.

 

The disadvantages are security risks, governance and legal issues when developing new applications when it becomes subject to intellectual property and their exposures to the cloud service provider. If the customer operates already in emerging technologies and is used to cloud native applications, the potential risk is that vendors may not meet the needs of rapidly evolving startup companies.

 Controls of user access to the operating software and services needed to develop new applications such as execution runtime, database, web server, deployment tools, …

 

App Engine is the PaaS offering from Google Cloud and allows the building and hosting of applications.

 

Others are AWS Elastic Beanstalk, Windows Azure Cloud Services,

OpenShift, Heroku (Salesforce) and Apache Stratos

 

 

Taking the analogy of a pizza, PaaS means you are using a pizza delivery service.
Software as a Service (SaaS)

 

Focus: Infrastructure, Middleware and Applications

 SaaS is a web based application where the software is accessed and works via the internet. The capability provided to the user is to use the provider’s applications running on a cloud infrastructure. The applications are accessible from various client devices through either a thin client interface, such as a web browser (e.g., web-based email), or a program interface. The consumer does not manage or control the underlying cloud infrastructure including network, servers, operating systems, storage, or even individual application capabilities, with the possible exception of limited user-specific application configuration settings.

 

The provider is responsible for maintenance, availability and updates, while the customer (company) manages user access and the data stored in the cloud itself. Data and information protection is also the responsibility of the SaaS users.

 

The advantage is that SaaS vendors have the expertise in their field in running the data and applications the company is using. The vendor takes care of operations and (automatic) updates and there is no need for hardware, maintenance or installation and setup related to the use. Functions and capacities can be used or added as needed. Monthly fees or subscriptions replace software license and maintenance costs, providing more transparency. The access is possible from anywhere where an internet connection is available.

 

The disadvantage is a potential vendor lock-in risk. This is the case when the company wants to migrate their data to another system or move the data back from the cloud to their own on premises system.

 Classic examples of Software as a Service are publicly accessible mail applications such as Gmail, Google Apps, virtual desktop, Cisco WebEx, GoToMeeting, Zoom and other communications tools. Other SaaS products are Dropbox, CRM tools such as Salesforce, HR systems such as Workday or SharePoint Online and Office 365.

 

SaaS price structures are usually less complex than IaaS or PaaS billing models.

 

The vendor provides the software via the cloud and the user accesses it via the browser.

 

Taking the analogy of a pizza, SaaS means you are visiting an eat-in restaurant
Cloud Clients

 

Focus:

Data

 Users can use any devices linked to their applications to cloud computing storage and services through application programming interfaces (API’s) exposed to their applications and custom software. Services include user management, push notifications and integration with social networking services and more.

 

Advantage of cloud clients is that applications can be accessed from anywhere at any time via any device or a web browser. The importance of cloud clients has emerged with the increased use of mobile devices in business.

 Web browsers, mobile applications, thin clients, terminal emulators, laptops, tablets, smartphones…

 

Cloudy Waves: first and second wave

The business drivers

As cloud adoption increased over the years, the following reasons to move the cloud became clearer and easier to understand.

  • Focus on accelerating innovation. Instead of spending years on large programs to move the whole company to the cloud, deploy solutions quickly and change frequently.
  • Learn from others who deployed the same business area. Do not reinvent the wheel and follow best practice.
  • Customer comes first. Do not invest where there is no business advantage. Focus on competitive advantage customer benefit.
  • Location Independent. Cloud applications can be used everywhere. It enables you to follow better your business instead business adapting to IT.
  • Cost Control. With clear SLA’s with your cloud vendors, segregation of duties and KPI’s in place, cost become more transparent and enables you to growth with your business.
  • Cloud adoption is a prerequisite to the digital transformation. If you go digital, you need to build the foundation of an integrated cloud environment.

The lessons learnt (2000 – 2020)

Companies who started with their cloud journey 20 years ago made the following experiences:

  • To move from a best of breed approach to cloud suites.
  • To start with SaaS cloud application and enhance with PaaS and IaaS application to achieve a full cloud environment.
  • To change from cost related management to an innovation engine. (Although we see a current focus on cost savings as an impact from the post pandemic actions, the shift will come back to innovation in the long run).
  • From a cloud too to a cloud first approach. Nowadays, it is from a cloud first to a cloud best approach.
  • From an IT driven to a business driven mindset.

First and second cloud waves

Every company has a different architecture model. However, the things they have in common are

  • Applications in the back office, such as an IT infrastructure, platforms, ICT systems, ERP systems (finance, administration, manufacturing, logistics, supply chain, procurement and human resources).
  • Multi-channel customer front end applications such as marketing, sales, services and reporting.
  • Core applications, which are unique for every company managing their main businesses such as manufacturing, sales, marketing and services related to the products and services the company is producing and interrelated with their ERP and CRM systems.

The first two areas can be managed by standard applications such as SAP, Oracle, Infor, Workday and Salesforce. The third area are mostly covered by best of breed or custom made and branch / vertical specific solutions.

The architectural components of a cloud provider model as shown in the following diagram contains the various cloud services and how they relate to each other based on the three constituents: cloud consumers, cloud service providers, and cloud brokers.

Since most companies are using a hybrid or multi cloud approach, they use legacy, in house applications and data on their premises and have additional cloud based data and applications deployed in the cloud. Companies therefore should understand and optimize the different types of cloud based IT systems.

An example where to put cloud first could look as followed.

  1. Platform as a Service (PaaS).
  2. Service Execution. Allow worldwide subsidiaries and affiliates to work independently from where they are based.
  3. Multi-channel customer front end applications such as marketing, sales, services, and reporting to enable customer collaboration.

This approach is in line with the initial cloud initiatives. Most companies started with SaaS and moved to PaaS as the next step to move to the cloud. Moving core applications such as services to the cloud follows the business driven approach, where you move applications used daily by subsidiaries and affiliates to a common cloud application. The last but no least area relates to customer collaboration which follows not only a cloud first but customer first approach.

The next wave looks at applications which are considered to move to the cloud. An example to consider cloud could look as followed.

  1. Infrastructure as a Service (IaaS)
  2. ERP systems such as Finance, Administration, Logistics, Procurement and Human Resources.
  3. Sales Management.

Where to consider cloud is dependent on where the company has additional business benefit and customer intimacy after the first wave.

Considerations for the next wave

Most companies are using cloud in some forms today and the most popular ones are a combination of on premises and public cloud solutions. Multi cloud and hybrid cloud models are in the majority.

So what are the cloud services used today?

Source: McAfee

With the increase of remote work, cloud adoption, Artificial Intelligence (AI), Machine Learning (ML) and analytics became a higher priority but not a top priority. Companies recognize digitalization and business related outcome as their top priorities. The shift to digital has reached a stage where more companies are already operating in a digital environment and fewer companies are making plans for a digital environment.

Companies who moved their applications and IT infrastructure to the cloud in staged waves have following learnings and conclusions in common. Ask yourself where are you in your cloud adoption and transition?

  • Translating the IT strategy by finding the best balance between on premises and cloud solutions. This is different for every company and situation.
  • Make the cloud clearer and easier to understand. People became much smarter about the cloud and take advantage of their cloud expertise.
  • Cloud is not only about cost savings, it is about an innovation engine.
  • Constantly change and innovate. Approach in staged waves, i.e. cloud first wave, consider now a cloud best approach instead of cloud first.
  • Adjust your IT translation – stay flexible and agile. Fail fast – learn fast.
  • Pay attention to integration instead perfection.
  • Put an overall IT governance in place. How you control information and data are usually the root cause of failures in cloud transformation projects.
  • Avoid single business units and subsidiaries to sign up for cloud services independently as integration efforts into existing systems, data exchange and security risks are underestimated.
  • Avoid cloud silos, think about cloud suites first.
  • Reduce your vendors and select a few trusted key cloud vendors.
  • Vendors are growing in influence since they can now bridge the cloud with digital transformation programs.
  • Expand the set of use cases for the next generation cloud using analytics, AI, edge computing and cloud usage patterns.
  • Focus on vendors that can deliver transformative outcomes.
  • Establish good vendor relationships to avoid vendor locks. Ensure your vendor provides enough information about what is being changed and upgraded.
  • Put a vendor communication control framework in place. For example, if you use multi cloud, set up uniform reporting with common definitions to avoid different notifications and alerts for the same problem but coming from different vendors.
  • Build a good architecture and Dev Ops Team who understand and challenge the vendor’s ecosystem.
  • Your cloud vendor provider is not only a service provider, your vendor runs your business. Does your vendor take the same caution with your data as closely and carefully as you as the data owner? Challenge them.
  • Use standards from ISO, ITIL and the open source communities to have a common baseline with your IT, business and vendors.
  • Include input from the compliance experts to reduce time for audits.
  • Focus on a win-win approach since less vendors mean bigger lump risks.

These considerations are based on the first and second cloud wave and should help you to move forward during your next cloud journey. More companies are using cloud services for business critical functions.

Companies considering the next cloud wave want to eliminate the complexity of orchestrating end-to-end integration flows. Using different enterprise systems, whether cloud and API based ERP, CRM, HR and other systems on premises, in the public or private cloud – companies need to ensure their systems are integrated with customers (B2C), market places (B2B) and suppliers (P2P).

Since the multi cloud model is the most popular one, companies will move to cloud applications built from containers, use of micro services and multi cloud orchestration tools. This will enable companies to manage their workloads in the cloud and stay flexible for deployment in their private and public clouds from different cloud service providers to achieve better performance, cost control and other KPI’s.

In future, companies will use the cloud to enhance their digital business with Internet of Things (IoT), Quantum Computing, Artificial Intelligence (AI), Machine Learning (ML), Big Data, Augmented Reality and API’s.

Cloudy Waves: starting point and cloud concerns

Cloud strategies are moving now from a comprehensive business case to real transition projects which must align with business outcomes. We can see different waves of cloud adoption during the last 20 years.

A single cloud strategy such as moving all IT systems to the cloud does not exist. Moreover, views of what cloud really is vary too. Before moving to the cloud, companies need to address three questions.

  1. Where do we stand and where do we want to go in our cloud journey?
  2. What does cloud mean for us? How do we define it, considering our situation towards applications already in the cloud, moving onsite applications towards to a private, hybrid, public or multi cloud approach?
  3. What is a realistic end state?

For companies having a cloud strategy in place, the corresponding actions and steps are case by case depending on the unique company’s situation.

Most companies have a multi cloud strategy and that is the main challenge of the cloud strategy on how to handle it the best way.

A 2018 survey by analyst firm Forrester on behalf of Virtustream found that 86% of respondents (727 cloud strategy and application management decision makers in the US, EMEA and APAC) characterized their organizations’ cloud strategy as ‘multi cloud’, identifying most with the description ‘Using multiple public and private clouds for different application workloads’:

Respondents to the Forrester/Virtustream survey defined multi cloud in several ways, including:

  • Leveraging multiple cloud technologies at once (32%);
  • Using public cloud in parallel with traditional non-cloud systems (23%);
  • Using multiple public clouds simultaneously for different workloads (14%).

The following guidance gives you an overview of different starting points and a way forward using the best options to move to the cloud.

The starting point and cloud concerns

A couple of years ago, cloud was mostly not an option when it came to evaluation of new application and IT services. Companies more or less accepted high capital expenditures on their own on premises IT infrastructure such as servers, hardware, software, network, storage and additional costs on maintaining and upgrading the infrastructure. The resistance towards the cloud disappeared slowly due to the benefit of reduction of costs on IT infrastructure but also due to the increased security and improved services from the cloud providers. The idea of renting and paying on scalable subscription and fee basis became more popular also because vendors could provide a real benefit of economy of scale, IT expertise and a worldwide access through the internet. So we can see that the starting point was more IT driven and some business felt forced to the cloud or rushed ahead with their own cloud initiatives, which increased the “silo” thinking gap between IT and business. Later, hybrid cloud was being driven by IT and operations, whereas the public cloud was driven more by developers and business requirements.

Both IT and business understand the corporate goals, however, they have a different points of view because they have different roles. Nevertheless, it is crucial if both can incorporate the overall goals and achieve both IT and business benefits:

Business View – Focus: IT View – Focus:
Revenue growth Improved business continuity
Profitability increase Ensure availability, reliability and resiliency
Customer comes first Cost Savings
Faster time to market deployment for new products and services Increase transparency and transfer pricing of the IT costs
Support new business initiatives Faster response to scalability requirements
Increase productivity Benefit from new technology immediately without depending on rigid release cycles
Expand operations into new markets and regions across the world Move IT staff faster to where they are more needed

Many companies are struggling to match service delivery with the increased pressure for cloud use.

When looking at your IT landscape, IT must think like a business and go beyond traditional business partnerships. It is all about linking business to IT and IT to business. Without this cultural alignment, cloud projects will fail.

IT – Business alignment means finding the best solutions for a business transformation using different technologies and sourcing strategies. Not every application is worth moving to the cloud.

The question is: where do IT related capabilities provide the most business value when run “as a service”?

Business value amongst cost, flexibility, reassurance and volume is one thing. However, going to the cloud needs to consider the concerns about cloud computing such as

  • security and privacy of company data
  • quality and reliability of the cloud service provided
  • doubts about true cost savings or overseen hidden costs
  • cloud pricing structures must be simple and easy to understand
  • performance and insufficient responsiveness over network such as internet reliability, bandwidth and latency risks
  • difficulty integrating the cloud with on premises and the in house IT environment
  • software compatibility
  • overcome internal resistance
  • handle compliance in regulated industries, i.e. finance and pharmaceutical companies
  • managing legal and location risks, i.e. where is personal data stored?
  • lack of cloud skills

From an IT perspective and taking for example a large international organization, you are driving the evolution of global IT infrastructure, managing data center modernization by executing consolidation programs with the target to have the right combination of cloud services and regional infrastructure. Projects for example can include deployment of collaboration platforms, workplace programs and a global network strategy including global IT security aspects.

The majority of large international organizations started their cloud journey some 20 years ago. A typical journey could look like in the following table.

Year Business Area Cloud Adoption Example
2001 ERP – single instance ERP outsourced. Vendor managed cloud Oracle Managed Cloud
2006 Middleware Middleware outsourced. Vendor managed cloud Oracle Managed Cloud
2008 Procure to Pay Global procurement single SaaS instance Ariba
2009 CRM Global SaaS CRM Salesforce (Service Cloud & Marketing Cloud)
2012 HRM Global SaaS HR System, SaaS Talent Management Workday, Taleo
2015 Core Systems Global core system solutions as SaaS Company specific
2016 Office Office 365 SaaS Microsoft
2017 Datacenters Data center transformation program Oracle Cloud Services

One key thing in common is that cloud utilization increased over the years exponentially. This means that in the beginning of the journey, cloud usage was low whereas nowadays and in the future, cloud adoption will increase much stronger.

Moving to the cloud – what are the priorities?

Cloud based IT systems were part of the IT strategies already some years ago. With the recent global agenda caused by lockdown and working from home, cloud strategies were even more pushed by CIO’s.

However, there is a conflict in addressing the new situation. On one hand, companies were busy to set up business continuity management, ensuring that companies suffer minimum impact from the lockdown. Public cloud solutions became the most popular one because companies could switch fast and enable employees to work remotely from home.

On the other hand, budgets become frozen and working from home orders postponed new projects in the pipeline in a “wait and see” mode. As a consequence, growth and innovation projects are cut and projects dedicated to run the business are impacted from budget cuts.

Nevertheless, companies still plan to move workloads to the cloud also as a response to push above all the digital transformation agenda and increase the pace. The question is whether cloud resistant back end and core applications are ready to move to the cloud. Companies evaluate on top the advantages of cloud services such as machine learning, artificial intelligence and data analytics.

Public cloud has the highest priority and is the preferred model and becoming omnipresent. It is followed by Artificial Intelligence and Machine Learning initiatives, then followed by private cloud and multi cloud. Nevertheless, most companies follow a multi cloud strategy since they are using multiple public and private clouds for different application workloads.

Companies already decided to move the cloud a couple of years ago and more than two third of all organizations are using the cloud today, however, the priorities changed as seen above and the plan is to shift in parts. Focus is on a modernization approach of the IT landscape.

Where there was a general reluctance regarding security, data protection and risks of dependency towards cloud vendor providers, management buy-in became easier because cloud value propositions are now driven as cost savings initiatives, which reflects the current situation of focusing more on cost savings instead revenue growth.

The game has changed because business needs to provide a reason now why not to migrate to the cloud. Technology is overruling business priority. Even if there is “only” a lift and shift approach for an IT Information System to move to the public cloud, as long as it could save costs, the project is sponsored.

Another driver is the experience of towards remote work. The lockdown has proved that remote work is possible without large impacts despite the earlier doubts before the lockdown. This is another argument to move to the cloud.

Still, business continuity is top priority, but the mind shift from seeing cloud as a cost saving and strategic value only has moved to see cloud as the new standard to work in the future.

It is today easier to argue that business transformation is easier using cloud technologies and add customer value. Once the quick wins become visible, businesses will continue to move more applications to the cloud. The pandemic situation is only a trigger to pull technology forward.

For many companies that rushed into the cloud at the height of the pandemic, the primary goal was enabling employees to work from home, so business could still function. That does not mean that the shift was perfect.

The focus is more related to business continuity, process adaption to the new situation and working from home. Therefore, it is not a black or white approach towards the cloud. Companies will increase cloud adoption where necessary and not just because of a cloud dogma. Since the focus is on cost control, cloud business cases and prove of concepts will provide more value to move forward.

Existing cloud solutions will be optimized and restructured towards cost savings, the way forward is not only addressing new cloud initiatives but both. Every spending is on the radar, including technology.

Companies continue their journey to the cloud and we are now in the stage of translating the cloud strategy into real actions and steps.

The times of theoretical cloud school lessons are over.

Companies are now recognizing the opportunities for platform based innovation across the entire spectrum of cloud services including data center infrastructure management. Vendors respond with project pre-financing and security disaster recovery checks to make it easier for customers to continue with their cloud engagements.

According to Spiceworks, the top priorities where large companies expect support from cloud vendors are:

  • Maintaining data security: 47%
  • Complying with data regulations: 34%
  • Migrating workloads to the cloud: 28%
  • Managing multiple cloud solutions: 15%
  • Optimizing cloud workloads: 11%
  • Managing cloud spend: 11%
  • Modernizing cloud infrastructure: 11%

For cloud service providers, it is very important to respond to risks of data security, risks of vendor lock-in by focusing on solutions which keep organizations top priorities to remain flexible in uncertain times. With the increased emphasis on remote work, cloud has become more important than ever. Not only to support remote and mobile access, but also to improve collaboration.