Head in the cloud
A couple of recent announcements point the way to a changed landscape for local internet usage, even if that progress is slowed by recession or legislative hurdles.
Seacom has stated that it will have its new east-coast cable running by June. This will have a 1,2 Tbps (two 640 Gbps cables) capacity and avoid the latency that bedevils our satellite connections. That is a sizeable slice of the present capacity of lit cable in the world and something like 12% of overall global undersea cable assets, including dark fibre.
Tata Communications has announced that it is increasing its stake in Neotel, basically taking over the equity held by Eskom and Transnet – and making Neotel an even more serious competitor for Telkom.
Together, these developments point the way towards faster, cheaper connectivity for the country in the relatively near future.
This writer has had egg on his face before for making such predictions but, hopefully, the future will be egg-free and eventually offer the country the fruits of telecoms liberalisation.
Now it becomes meaningful to discuss what cloud computing is all about, without the usual caveat about connection costs and latency.
What is cloud computing?
The core concept is to put data and applications online, hosted on remote, reliable and secure servers, so that the client machine need not have a resource-hungry burden of software and productive access can be achieved from any suitable device – anytime, anywhere. This suits the trend for mobile workers and can greatly reduce costs for the customer. You don’t need the capital expense of servers or the staff and maintenance costs of running those servers.
Cloud computing is a bit of a nebulous concept – pun intended. The precise details of the technology and the business model that support it vary from one vendor to another. It has some confusing parallels with grid computing and utility computing. At its core, it is software as a service (SaaS) or, in the Microsoft formulation, software plus services (S+S).
This is not entirely new. It is just taking the client/server architecture to the next level, based on the availability of reliable, always-on internet access.
An amusing IBM slide presentation from 1975, promoting the use of terminals connected to the mainframe, covers pretty much the same territory. You can see the slides here (www.squareamerica.com/ib.htm) – but when they say “online” they mean “immediately connected”, as opposed to running a whole pile of punch cards through a reader to get a report. They definitely don’t mean “connected to the internet”. There were only about 50 computers on Arpanet in 1975 and the internet that would grow from that network experiment was years away. The selling points in the IBM slides are, however, perennial – save on costs, increase productivity.
What has really altered the picture since then is both the available technology and the demand from customers of all types to have working access from just about any location.
The major contenders in this nascent market are Google and Microsoft – both are targeting mass-market and corporate customers. Practically all other software vendors have a comparable offering. Even Amazon has climbed into this market. The majority of such offerings depend on some sort of subscription arrangement, a familiar scenario which has been around for as long as ten years in one form or another. This was established by the application service provider model and only the technical abilities have improved.
The differences regarding what Google and Microsoft offer are, on the surface level, all about the business model. Google aims at free or low-cost applications that will increase their user community and their advertising revenue. Microsoft aims at subscription licensing of their established products, combined with an array of (often free) live services that drive the use of those products and make for an easier and richer user experience.
What has really changed?
A lot has been learnt since ASP was a buzzword.
Broadband connections are commonplace and there is reliable encryption even when using the public internet. On the hosting side, we can do a lot more than before. We can host multiple, load-balanced instances of applications that allow for efficient handling of multiple users (tenants, in the trade jargon). As Microsoft puts it, the top maturity level of SaaS delivery is scalable, configurable and multi-tenant efficient.
Storage costs are far less than they used to be and it is possible to keep massive databases offsite in online hosted facilities, rather than running a private server farm.
A cloud computing offering can include service oriented architecture so that different applications can communicate efficiently and the host can take advantage of virtualisation to reduce costs and improve performance. The host’s ability to serve many customers from a simple infrastructure makes for enormous savings. This is where it is very different from ASP and other client/server models. Many users are actually using the same application without that being visible to the individual user.
Maybe the most important element is the one that is so obvious you don’t even notice it. Working in the cloud means the primary access point is just a browser – and you don’t need hefty hardware or client-side software to achieve that.
That aspect especially suits the mobile worker. At the same time, easy browser access opens up cloud applications to a far wider market – which is why most discussions of cloud computing will mention the Web 2.0 connection.
The rapid growth of social networking and user-contributed content on the internet is a trend which looks set to remain a dominant force. The spread of multimedia content will continue. These are common characteristics of what we call Web 2.0.
As with e-mail and instant messaging (IM) previously, what users are used to doing at home for convenience or amusement eventually becomes part of the work scenario also.
IM has mutated from a pastime and become a business channel that extends the communication abilities of e-mail to incorporate presence technology (you can know if the recipient is there), the ability to have a more focused Q&A session than would normally happen by phone and bulletin-style updates that are not even worth SMS monstrosities like “c u l8er?”.
Vendors already offering cloud computing services are often the ones that keep their fingers on the pulse of what consumers are looking for.
David Cearly, a Gartner vice-president, pointed out the advantage that consumer-oriented companies have in a report his company issued last year.
“The vendors are at very different levels of maturity,” he said. “The consumer-focused vendors are the most mature in delivering what Gartner calls a ‘cloud/web platform’ from technology and community perspectives, but the business-focused vendors have rich business services and, at times, are very adept at selling business services.”
The same Gartner report cautions that cloud computing is years away from maturity but opens with the forecast: “Cloud computing heralds an evolution of business that is no less influential than e-business.”
Will cloud computing be a game-changing technology? There are compelling reasons why it should be.
On the plus side, there is convenience, mobility, cost-saving and familiarity – in that it closely parallels the way we use the internet when not constrained by task-oriented, workplace restrictions. The opportunities are pretty wide-ranging. There is hardly any basic software which could not be hosted with only imperceptible impact on the user.
In fact, the scientific community has been doing this for years with some of the world’s largest databases and highly specialised, number-crunching applications.
What are the problems?
Assuming you have cost-effective connections that are reliable, the remaining risk is data security.
Another Gartner report summarises the risks along the following lines:
- Who has access? When you send data of any kind to a location outside your network, somebody can access it. You need to find out what security checks the hosting service has regarding its staff and what controls are applied to prevent unauthorised access. Get all the details on this.
- Are you compliant? Most countries today, including South Africa, have up-to-date laws that make companies responsible for the security, integrity and privacy of information they hold – especially if it is confidential or personal. These laws apply from source. It is still your responsibility, even if the data resources are stored on your behalf by a third party. Make sure the hosting service is audited and certified for this security aspect.
- Where is your data stored? Unless you ask, you have no idea what country your information is stored in. This might have a large impact on what legislation applies and what recourse you have in terms of litigation. In a best-case scenario, you should be able to choose a location and make sure the hosting service is contractually committed to the applicable laws of that country.
- Is your data segregated? Application and storage hosting in the cloud is a multi-tenant environment. The hosting service will encrypt your data but get more detail than just that. You need to know that whatever data segregation strategy is used is a fail-safe and tested solution. An information leak is bad but an encryption error that makes data unusable is probably worse. You might want to encrypt your data anyway before it leaves your network.
- What is the disaster recovery strategy? The hosting service should prove that it hosts your data in multiple locations to ensure disaster recovery. It should also commit to an acceptable time frame for getting the data and services back online if there is a crash.
- What is the tracking and auditing ability? This is the question that may not get a favourable answer. Can the hosting service offer fine details of how your data is stored, accessed and processed? If you suspect a leak, can they prove that it didn’t happen? If they say they can do this, can they offer proof that they have done this previously and successfully? Try to specify certain auditing and investigation abilities in the contract.
- What is your data lifecycle? Don’t assume that the company you deal with will always be there – it could shut down or be acquired by another business. You need to know what happens to your data, the service and the terms of the contract if that should happen. Don’t assume that whatever storage technology is used, especially for archiving, will still be available in years to come. Get the hosting service to commit to return data in a usable format for any foreseeable future period.
To be realistic about these risks, the vast majority of customers will only have to worry about some of them. Even where there is a risk, it may be involve only a small cost or loss if it happens.
Finally, many of the questions above are exactly the same ones you should be asking your own IT department and/or users. Even experts in well-funded, cautious organisations might fail on some of the above.
Already there
It may not be obvious, but we are already using cloud computing – just not in a conscious, business-like fashion.
If you store your family pictures in any of the handy online repositories, post or watch video content, if you run a widget that tells you the stock prices or weather forecast, if you use fax or SMS services on your favourite website – you are in the cloud already.
These online services are just junior versions of running productivity tools, collaborative tools, storage technologies or any other type of software online.
It is not such a great leap to move from running applications on a hard drive in your PC to running them on a remote server – no matter where it is geographically located.
Astrophysicists and nuclear physicists have been doing this for a while. They have at least as much concern about data quality and security as the rest of us. At least, we hope so.
EngineerIT
Loading ...