Let me begin by making an important disclosure: I sell and implement “on-premise business management software.” I sell business customers a software license and then install and configure those software applications on my customers’ file servers. Their software and, more importantly, their data are under their control. I have more than 30 years experience applying technology to accounting and business operations. I am a management accountant by trade and like some of you, I am hearing the constant drumbeat about the promising future of cloud computing. Although my primary vendor, Sage has various “software as a service” (SaaS) solutions, the economic incentives for me are greater if I sell on-premise solutions. I am forced to confess that I do have an economic bias to recommend on- premise solutions to my prospective customers. However, I have other biases, far removed from my own selfish economic interest.
As my customers’ “trusted business advisor” it’s important that I educate them about the risks and rewards of cloud computing, enabling them to take informed decisions. To be sure, there are risks and rewards, so it’s best to understand them both fully.
What is Cloud Computing?
What is cloud computing and why all the hype?
The following is a very simple definition. There are currently three deployment models for cloud computing known collectively as the Software Process Improvement or SPI.
- SaaS: Software as a Service are software applications accessible through a web browser and managed by a vendor remotely. They are typically rented and customers pay a monthly fee, as opposed to purchased licenses like on-premise solutions.
- PaaS: Plaform as a Service is the availability of providing programming tools so developers can create solutions without the headache of managing the underlying infrastructure.
- IaaS:Infrastructure as a Service is the availability of computing resources like processing power, storage, and other network components.
This past December, I attended a conference of the Information Technology Alliance. A guest speaker from Google presented a lecture titled “Get Ready to Switch, Cloud Computing, Not If But When.” The speaker made a very compelling argument about the benefits of the cloud model using words like innovation, scalability, radically reduced costs, faster application development, and happier end users. I must admit, it was powerful, true and correct. He made a very valid and persuasive pro cloud argument.
Jump ahead a couple months, and the news-of-the-day was how Google was hacked by students from Chinese schools. Apparently, there is some evidence that the attack was ordered by the Chinese government. Investigations reveal that Google’s computers were infiltrated as early as last April.
Does this event expose the Achilles heel of the whole model? I think, yes. Last September I attended an executive briefing on Cyber Security hosted by SECAF. Presenters from large federal government contractors spoke about government contracting opportunities relating to the United States Comprehensive National Cyber Initiative (CNCI). CNIA is a highly classified, multibillion dollar government program designed to proactively prepare our country for current and future cyber security threats.
What I heard in that briefing was very scary and sobering, the risks are real. At worst, foreign interests may already have the ability to shut down the internet and completely cripple our economy, and at a minimum, hackers are stealing and compromising valuable information daily.
Recently, FBI Director Robert Mueller said cyber attacks are increasingly taking a wider aim. “As the global economy integrates, many cyber threats now focus on economic or non-government targets as we have seen with the recent cyber attack on Google,” he explained. “Targets in the private sector are at least as vulnerable and the damage can be just as great.”
Modern technology is increasingly becoming a part of everyone’s everyday life. We use the latest gadgets and internet connections to communicate and transact business. The more we rely on the internet, the greater our risk. I believe that businesses and other computer users greatly prefer to retain control over their data, their mission critical information. That isn’t easy to do if you hand it all over to a third party.
What do you think? Are cloud proponents ignoring potential hazards? Or are they correct when they claim that on premise solutions are going the way of buggy whips ?