The cloud is a hot topic which is regularly on the minds of enterprises all over the world. The way we work, lead and build companies is changing, and it’s all thanks to the cloud. We present an interview by Malgorzata Zabieglinska – Lupa – ICT Product Manager, with Krystian Chorzępa – Business Solution Architect Comarch, and Lukasz Lacniak – Business Solution Architect Comarch UK. We had the opportunity to discuss some of the most important questions regarding the challenges and latest trends that will influence the cloud industry.
Malgorzata Zabieglinska – Lupa: When talking about computing, many people are immediately concerned by resource sharing, multi-tenancy, compliance and security. What are your thoughts?
Lukasz Lacniak: These were prominent challenges a couple of years ago, when cloud foundations were quite unstable. Cloud-like products were neither well defined by the industry nor well understood by the client base. Cloud industry standards were basically non-existent, the product portfolio was broad, but immature, and even basic functionalities like true multi-tenancy, separation and security were difficult to implement and maintain due to the poor tool-set. But we are now in 2017 and most of these childhood illnesses are long gone.
There is a variety of both open source and commercial tools in the hands of cloud service providers. Cloud products and security requirements are well defined by the industry, customer awareness is also on a much higher level compared to previous years. Regulations like GDPR are finally making it as well. Last but not least, the available tools are now mature enough to meet and even exceed these requirements.
In conclusion – these are no longer issues, but features. Some of them, like multi-tenancy, are now the core features of cloud services. Other challenges like security and compliance can be leveraged by cloud providers to differentiate themselves from the crowd. Comarch is a good example of a provider addressing client security and compliance related requirements with its tailored security services portfolio.
Malgorzata Zabieglinska – Lupa: Every business is now a software business. The cloud affects every industry and location. That’s why companies must rethink how they create value for their clients. Cloud transformation is a business and technology priority for most service providers. It’s obvious, but moving business into the cloud is complex and many are taking a cautious and pragmatic approach. Is the cloud the ultimate future for each enterprise? What benefits does it bring?
Krystian Chorzepa: It all depends on the kind of enterprise you have and its products and services. For start-ups, the cloud is the place to go to secure necessary infrastructural resources that are easily scalable to current needs. You can also use cloud-based apps, such as business e-mail and file repositories, to improve your business. Importantly, no large capital outlays are needed to start off. As you pay for actual resources used, your company’s infrastructure maintenance cost is low. Cloud resources and services are available on demand, which helps you reduce the time you would usually spend on purchasing, installing and deploying.
Time to market is cut down to a minimum. It is also significant that all resources and services are accessible online and you can use them virtually anywhere and anytime. Since such operations are cloud-based from day one, the knowledge of cloud services and possibilities gradually builds up, and as you grow more experienced with cloud technology, you become more likely to support your future activities and business growth with cloud solutions too. Today’s cloud providers are capable of delivering their resources all over the world and reach more and more customers and new markets.
Malgorzata Zabieglinska – Lupa: Most CIOs understand how powerful cloud solutions can be and they maximize benefits, but they are also worried about their ability to secure the cloud and protect the most critical company data. Is cloud security still a concern?
Lukasz Lacniak: Cloud security is certainly a broad topic, and makes it to the top of the list of IT challenges each year for good reason. After all, the cloud is a synonym of “someone else’s computer”. Put that in perspective of the overall evolution of IT’s role within the organisation – it used to be back-office mainly, now it’s often central – and you see right away why security matters more than ever before. Even banks are now basically IT departments with a “bank” label on top. Yet they adopt cloud services, as does everyone else. If they don’t, they are essentially out of business in this hyper-competitive economy.
This is the perfect environment for the IT security industry. The former unwanted child now seems to be the primary asset in a never-ending battle to keep companies’ precious secrets safe. So yes – it still is a concern, but there are a variety of tools available to identify and mitigate most of them.
There is still a broader challenge though, related to global cloud market dynamics. Leading slash core cloud providers, like AWS and Azure, are growing. The market is certainly getting closer to being an oligopoly, rather than a zoo of cloud providers. That begs the question of what happens if a “black swan” event, like AWS going out of business, strikes the market one day? After all, political and economic tensions have been building up since 2008 / the global crisis, and someday an earthquake could strike again. In my view, it is yet another reason to get IT strategy shaped towards favouring multiple cloud providers instead of putting all your eggs in one basket, even if it’s still a more convenient choice.
Krystian Chorzepa: Security is one of the most important issues discussed in relation to cloud services. Cloud-related security risks are increasingly accepted these days since more and more businesses want to tap into cloud advantages. The security from cloud providers is greater, as they have learned from mistakes made by themselves and their competitors.
Every cloud provider seeks to ensure the highest possible level of security for their cloud services. They hire the best security specialists and work with the largest security providers in the market. This issue is of crucial importance because any security failures or data leaks have an adverse impact on the providers’ image and, consequently, their sales. There is great competition in this industry and a myriad of organisations and web portals monitoring and updating the market on any problems with cloud providers.
Cloud platform security is ensured by the providers themselves, but we should provide for the data security and environments by ourselves rather than assuming a cloud provider can protect us against all kinds of security issues. Every business should evaluate their risks, available tools and mechanisms that they can use to ensure the highest security of their cloud-based data.
Malgorzata Zabieglinska – Lupa: To transform their companies into digital businesses and meet fast-moving business requirements, CIOs refactor their system and application landscape and move to the cloud. This relates to increasing reliance on cloud platform providers. How can you select the best cloud provider? What advice would you give to companies who make a move to the cloud? What should they pay special attention to?
Krystian Chorzepa: Currently, the market has many providers of cloud resources and services. With this amount of players, it is difficult to choose an appropriate provider. By ‘appropriate’, we mean one that will meet your expectations. You should start by defining your needs, i.e. what resources and services you are after and what the availability level of the platform should be. Based on this information, you can look for a provider who will address most of your expectations.
Then you should look at service price-lists and choose the one that is most fitting for your business. It might be that the final price is lower if you scale down your expectations a notch. It is also essential to check how the potential provider ensures a high degree of security on their cloud solution. You should check if they employ security measures such as firewalls, anti-virus, multi-step user authentication and data encryption, and learn of the frequency of audits carried out for their cloud platform.
You should also learn beforehand who will be authorised to access your cloud data and if the solution comes with anti-leak features. It is also worth enquiring about the legal compliance of a cloud solution for specific countries and industries. Another useful piece of information is the data storing location. It often happens that providers mention just a region or city rather than detailed addresses.
Another essential factor is the Service Level Agreement (SLA), stipulating guaranteed service availability and response and repair times and the availability of support lines to users, including the manner of providing such support. It is worth checking if contractual provisions address data loss or the unavailability of any of the provider’s services. Does the provider offer damages in such cases? Is it satisfactory? It would be natural to ask if the provider offers dedicated mechanisms to prevent such situations.
You can also ask about the history of platform failures. Let’s also keep in mind circumstances under which we might want to terminate the contract in future. It is worth addressing the process of a possible migration of your data from the contracted provider to another. Sure, you are just about to sign a contract but it is essential to define a contract termination procedure beforehand. We have covered just a fraction of the major issues in this interview.
Each company should focus on and address themes that they deem the most essential from their own perspective.
Lukasz Lacniak: The answer is surprisingly simple yet not really surprising – businesses aren’t choosing just one provider and the “right” provider. That’s actually the reason that we are seeing hybrid cloud hype taking off this year – successful enterprises seem to prefer having more options, and there are plenty of them. Well established providers, like AWS, Azure or Google are certainly safe bets.
The ongoing price war between them doesn’t hurt either. Incumbents / smaller players could also be useful when there is a need to address specific technological or legal requirements. The challenge from the client’s perspective is not to lose control over such landscapes. Today’s cloud is hybrid and can be likened to ‘cloud islands’. When there is a glue-like product available with capabilities like vendor management and an overall know-how of multiple cloud providers, its products and operations will be in high demand. Former system integrators including Comarch will become cloud integrators, helping businesses in designing and maintaining fit-for-purpose systems, but cloudier than ever before, IT systems.
Malgorzata Zabieglinska – Lupa: Your previous reply leads us to another important issue – one of the most important cloud trends – Hybrid Cloud. Regarding the report “Hybrid Cloud Market by Solution (Cloud Management and Orchestration, Disaster Recovery, Security and Compliance, and Hybrid Hosting), by Service (Professional Services and Managed Services), by Service Model (IaaS, PaaS, and SaaS) – Global Forecast to 2021″ the hybrid cloud market is estimated to grow from USD 33.28 Billion in 2016 to USD 91.74 Billion by 2021. A current hot topic is Hybrid Cloud, and if I am right, the hybrid solution is the most perfect solution for companies that are moving data from a legacy architecture to the cloud and managing fragmented data scattered across the enterprise. What’s your view and why? What is the future of the hybrid cloud?
Lukasz Lacniak: Hybrid clouds do seem to be the next big thing. It’s certainly a new opportunity for emerging cloud vendors searching for their place in the new and cloudy IT ecosystem among the core cloud services providers like Amazon and Azure. It’s been visible at every industry conference this year.
I’ve witnessed this trend finally taking off at the recent Cloud Expo in London, which is undoubtedly THE event of the year for UK IT service providers. The word “Hybrid” could be seen on every banner and heard on almost every panel discussion. But, first and foremost, the hybrid cloud is a concept of taking advantage of the broad cloud market product portfolio and dynamics both strategically and tactically by the cloud consumer. In principle, it is similar to the benefit of having a single vendor.
Avoiding vendor lock-in used to be considered as diversifying IT hardware/software/service providers. Now this strategy can be applied to the cloud services market as well. This is the kind of cloud that clients are looking for this year. Experienced system integrators like Comarch can help as today’s hybrid cloud is still closer to being just a bunch of separate/incompatible clouds over anything else.
Krystian Chorzepa: Hybrid clouds are the key approach when it comes to cloud computing. Hybrid clouds are a kind of cloud computing solution that combine and use owned infrastructural resources and services or a private cloud with a public cloud. This model offers businesses great flexibility in using the most relevant solution at any given time since hybrid clouds blend the features of all models that provide necessary computing capacity and infrastructural services.
You can use your own resources, which you have invested in, whilst keeping the option to quickly resort to public cloud resources should an urgent need arise for more computing power. Anyone who would like to start using cloud solutions should determine if their organisation and its applications and services are cloud ready.
For young companies that have started off with the intent to use cloud computing and support all of their solutions with cloud computing, the answer is simple. What about large enterprises that have been in the market for years, though? Many of those have monolithic solutions based on traditional design models.
These solutions can be migrated into the cloud but it tends to be labor-intensive, and keeping those solutions within the cloud is much more costly than installing software locally, and this might undermine the viability of using and migrating into the cloud.
Lukasz Lacniak: The client’s desire to consume cloud services in a hybrid way also comes from the fact that there still are (and probably will be for quite some time) many legacy enterprise applications that are not even close to being cloud ready. It’s likely that many of these systems will never be ready to migrate to the public cloud. This really is THE elephant in a cloudy room, who is not leaving the room anytime soon. The industry has already figured this out and is trying to address this challenge with various forms of public and private cloud integrations, glue-like products and on premise cloud platforms.
Krystian Chorzepa: Another important factor relating to large enterprises is that by developing a hybrid cloud environment, organisations can deploy the cloud step by step or tap the cloud potential where possible. Firstly, you should consider setting up an encrypted backup of your data in the public cloud to ensure extra data loss protection. You can then migrate your non-critical environments, especially developer ones, which will be used whilst developing new and extending pre-existing functionalities in our solutions, into the public cloud whilst keeping sensitive and production environments locally.
You can use these environments as needed and switch them off as the work is completed to no longer pay for booked resources. Another area where the hybrid cloud comes in handy is all Big Data tasks. Rather than investing in an on-premise hardware and software Big Data solution, you can make use of tools and computing power available in the public cloud. When you are done with the data processing, you can forward the results and shut down the environment.
Businesses often use hybrid clouds to ensure business continuity. Basic environments are provided by the customers themselves whereas disaster recovery services are kept in the public cloud. New versions of owned solutions can be developed that can be used in clouds, whist simultaneously offering two models of their own products. This creates the possibility of providing your solutions in new markets. It is just part of the capacity offered by hybrid clouds. Each organisation needs to decide for themselves what they are capable of using and want to use. Based on market trends and insights from customers, the hybrid cloud is and will be the most often considered approach to cloud computing in all kinds of organisations.
Malgorzata Zabieglinska – Lupa: One final question. What is one exciting industry innovation or breakthrough you are excited about for 2017?
Lukasz Lacniak: There is a lot going on in the cloud industry, and it’s never been easy to filter out buzzwords and true innovations and it’s no different this time. The accelerating pace of cloud adoption is quite astonishing, for many years it’s only been a few percent of the market and now even the most conservative enterprises (e.g. government) are starting to shift their IT to public cloud providers.It was unthinkable in 2010, and now it’s common practice.
In retrospect, I recognise the widespread desire to replicate public clouds on company premises as one of the former exciting trends that didn’t really take off. Many companies, especially big enterprises, invested their own money to have public cloud-like platforms. It was supposed to have most of the advantages that public clouds have, in particular ease of use, whilst allowing users to retain control over the company’s precious IP and data. This proved to be close to impossible, and that’s why public/hybrid cloud adoption is now the top priority of CIO’s.