An essential part of cloud computing is service provision via the Internet, delivering IT and communications services via a pay-as-you-go model. It seems highly desirable and cost-effective, but there are commercial risks that might not quite make it to the negotiating table for consideration.
That service provision has also become known as SaaS (Software as a Service) from an ASP (Application Service Provider), with the umbrella phenomenon of supply and demand often now called Utility Computing. Many of the biggest players on the planet – Google, Microsoft and Amazon included – are investing heavily in their own particular flavour of cloud services and SaaS delivery ideas.
Organisations can now consider renting applications from ASPs and access them over the Internet, saving the capital expenditure – and subsequent depreciation – of their choice of hardware and software. All the management, security and housekeeping issues are taken care of by a host company: end users just connect to the services they sign up for via a secure Web browser more or less as, when and wherever they need them. The network of computers that supports this attractive and highly flexible model is, collectively, the eponymous cloud.
The SaaS eggs might be very cost-effective to rent, but the basket has to be sufficiently robust, namely: the broadband connection that delivers them. Ensuring a resilient broadband connection depends a lot on geography – it is far easier to achieve it in the US than in Europe. In the UK, there’s BT’s ADSL service, Open Reach with a cable alternative in some cities, which almost certainly involves a single point of failure: not ideal for the customer with a mission-critical application.
Never explain, never apologise?
If an enterprise chooses to embrace cloud working as its norm, then it will essentially hand over its data to the ASP to be housed on a server somewhere in the host’s network. UK legislation in the form of the Data Protection Act 1998 places restrictions on taking personal data beyond the EU without the destination having a suitably vague “adequate” level of protection in relation to processing personal data. Pandora’s data protection box is all set to burst open.
A cause for concern further down the line in a cloud relationship is the agreements being drawn up by ASPs with their customers. The signs are that the ASP is about to turn out like the insurance company with its small print and wiggle room: in effect, no responsibility for a customer’s failure or loss adheres to its bright shiny surface. So the prudent client needs to consider how it will extract itself and its data resources from the deal in the event of a serious problem, such as ASP bankruptcy.
All that said, the reality is that cloud work is a great idea here to stay. Like dynamite, LSD, uranium and lots of other potentially lethal stuff, it just needs careful handling to deliver the benefits.
For last 10 years I have worked with Independent Software Vendors in the UK that traditionally built applications deployed on customers premises. I have watched them grapple with ASP, SaaS and now Cloud Computing – in part driven by demand from customer and in part driven by their own desire to become more efficient, more agile and more profitable. But its a huge change/challenge for an existing ISV to move to SaaS or the Cloud and hence some of the efforts have been rather poor. A big part of the challenge is about building the right quality of infrastructure to offer a great service to customers with good SLAs around it. I think in the last year we have seen significant changes which should make this easier to get right. Companies like Microsoft (www.azure.com) and Amazon (AWS) have delivered highly capable infrastructure which ISVs can use to deliver their applications using a SaaS model. This should be a good thing for customers. The ISVs should be able to focus on their core skills (building business functionality) while the cloud platform vendors worry about scalability, availability, data privacy, local laws etc.
A good recent video to watch is http://bit.ly/cloudin21st. It tackles head on areas such as privacy and trust.
Good reading mainly because of the answers and questions raised during the presentations and comments. Being a reseller of SaaS apps, we realize the issues to take an app to market. You have to be in front of as many SMB as possible inside the shortest period of time to produce the awareness. Thanks for the blog. Richard http://www.cloudcomputingleaders.net