A recent survey conducted by Flexera revealed a startling picture. Yes, cloud computing is a growth area for enterprise IT as more and more businesses seek to shift the burden of administration away from internal teams and respond to customer demands for always-on digital services, but the growth is exceeding expectations.
According to Flexera, some 90 per cent of companies expect cloud usage in 2021 to exceed their prior plans. This is largely occurring in response to Covid-19. In addition, adoption is sophisticated: 92 per cent have a multi-cloud and 82 per cent a hybrid cloud strategy.
Management consultants McKinsey & Company, meanwhile, found that “across regions, the results suggest a seven-year increase” in the speed of cloud adoption.
The statistics may be global, but Ireland is no different. Indeed, the IDA is pitching Ireland as a natural home for cloud deployment, including research and development. Meanwhile, with the last year seeing working practices transformed by the pandemic native Irish businesses, too, have rushed to adopt the flexibility offered by cloud computing, from virtual desktop to backup, disaster recovery and more.
One person unsurprised by this is Grant Caley, chief technologist at NetApp in Britain and Ireland.
“There was a general growth in cloud anyway, as that was the strategy to adopt in some form for most businesses, frankly. Covid-19 has accelerated that, though, with remote working in particular,” he said.
Covid-19 was a bad surprise of course, but our networks did show resilience and the preceding investment in cloud and other online technologies meant many businesses were able to soldier on.
“They realised it’s not quite as hard to implement a remote strategy as it seemed to be,” said Caley.
Marc O’Regan, chief technology officer at Dell Technologies Ireland, said the numbers seem right, and that what is happening is a process of change facilitated by technology.
“I think it is accurate. I think the perception of cloud has changed: I think a lot of organisations were trying to take their services and see how they could digitise them across their operations. The pandemic has sped that up,” he said.
The positive side of this has been business continuity, but O’Regan cautioned that there have been real spikes, and they can mean massive cost increases.
“Over the last year to year and a half, with the pandemic we saw an increase in public cloud use with spikes of around 700 per cent,” he said.
As public cloud is based on a consumption model, costs are typically easy to predict. But events like the pandemic had the potential to spray red ink over the best run accounts ledger, especially if workloads placed in the cloud are new and relatively unknown.
“A workload that you do not understand and could explode: do not put that in the public cloud. That will cost you so much money. The second is a workload that wouldn’t be compliant in a public cloud,” said O’Regan.
A place for everything
Donal Byrne, director of technology, Triangle Computer Services, said statistics on cloud adoption do reflect a fundamental truth in that more and more businesses are using cloud services. They also tend to muddy the waters, however, as many surveys failed to note what base businesses were starting from when they trumped huge growth.
“The challenge is to get from what has built up over the years. The early adopters of cloud who were able to do it were those who were starting from scratch,” he said.
One roadblock is customisation, which can be incredibly complex in long-established businesses. “They start with the base install of an ERP [enterprise resource planning] system, for example, but it gets customised beyond all recognition as they go.”
While this can make migration complex it is not in itself a problem, as the point of enterprise IT is to serve the business, not the other way around.
“The business is serviced by technology, it’s not run for it,” said Byrne. “A typical business is not a technology business, even if technology is becoming more and more important. They are retailers or pharmaceuticals businesses or energy businesses. IT isn’t the raison d’etre, it’s the plumbing.”
It is not just about shifting IT away from the office, though. The cloud has created the opportunity to create entirely new business models.
IPS Cloud Print Services is one example. While managed print services have been around for a long time, often being the first managed IT service businesses encountered, and photocopiers even longer, IPS had used the cloud to make nuisances like printer drivers’ almond configuration a thing of the past.
John Jones, commercial manager at IPS said that in the context of working from home this became vital, as it brought office-grade printing, complete with granular security controls, into the home.
“There’s a huge difference between a home user using an app to wirelessly send a document to a home printer and the complex needs of a business,” he said.
IPS, working with Lexmark, manages printers and consumables. But it found clients wanted more. As a result, all device management was moved to the cloud.
“They ask: ‘how do we manage the infrastructure? Can we manage the servers? Can we take away drivers?’. With Lexmark Cloud Print Management we can, and do so in a compliant manner, as it is a global solution but we connect to a European data centre,” he said.
With compliance, notably the EU general data protection regulation (GDPR), straining under home-working regimes, this is more important than ever.
“Corporate print has been transported to the home office. Documentation, finance, office controls, these are not in place if you just go down the road and buy a printer,” he said.
Another obvious win for cloud is in backup. Filip Verloy, field chief technology officer for EMEA at Rubrik, said an awareness of the need to keep downtime to a minimum and long-standing worries about the reliability of tape backups have seen to that.
“We have definitely seen cloud blob storage take off as the default first option for storing long-term retention backup data, the discussions around tape and tape manipulation during times of Covid-19 have certainly accelerated that,” he said.
Choosing services to move to the cloud, hand-picking them even, is a sign that enterprise IT strategies are maturing.
“Generally speaking, I do see more pragmatism in the enterprise and a move from cloud-first to cloud smart,” he said. “It becomes an expected architectural option but one for which pros and cons are evaluated just like any other.”
Small business in the sky
One thing that should be taken into account is that the term ‘cloud’ is rather vague, covering everything from simply using web-based software to incredibly complicated and customised virtualisation setups.
Without a doubt, what small and medium enterprises (SMEs) are doing online is very different from large enterprises. There surely are some small start-ups, most likely themselves in the tech sector, doing development in the cloud, but the cloud starting point for most small businesses is software as a service (SaaS).
The Microsoft 365 suite in particular is now a key weapon in the arsenal of many small businesses, just as Office was in years gone by. Indeed, Microsoft is pushing customers very hard in the direction of 365, rather than a traditional Office install, for even basic office productivity applications.
But giants like Microsoft do not have the field entirely to themselves: among SaaS providers Big Red Cloud is a well known Irish success story, bringing small business accounts into this brave new world.
Paraic Nolan, chief financial officer at Big Red Cloud said that while many of its customers are already cloud-enabled, 2020 and 2021 have seen a real shift.
Big Red Cloud itself still offers both its accounting and payroll applications as traditional software, but the direction of travel for its clients has been clear: they are moving to the cloud.
“We’ve seen a big uptick in the last year, driven by the pandemic, particularly in terms of working from home,” he said.
Moving to the cloud was not the only option for Big Red Cloud’s customers, even during the pandemic: traditional software can still be used remotely, for instance, but the process is more difficult. “They could have VPNed-in, but it’s kind of awkward,” Nolan said.
The ability for users to be anywhere that has reliable internet access has proved itself to be essential in the last year, of course. “You can be in France, I can be in Dublin, and your accountant can be in Tipp. It’s a complete game changer for the accountants.”
Cloud computing has potential not just for business, but for the country as a whole, said Nolan. Not only is Ireland already home to important cloud providers, but there is the opportunity for the public sector to deliver more online services.
“We have some of the biggest cloud providers in the world here, Microsoft and Google. But our public services generally are not moving to the cloud. In general, the public sector should be looking to the cloud. If you are connected correctly the data can be secure.”
Michele Neylon, chief executive of data centre and hosting provider Blacknight Solutions said that in his view SMEs were taking a rational approach to cloud adoption.
“The average small business, they’re not going to be looking at extremely complex things. They want to do x, y and z, and ask what is the most cost-effective way of doing that,” he said.
Like everything, cloud has its place in the business IT mix. But the wildcard has been Covid, something he thinks will permanently change how we do business. The immediate need is to ensure as many business services as possible can operate remotely.
“Covid-19, like a massive wrecking ball, comes swinging through and everyone has to go online to survive, which we all know about: here we are 12 months on and we’re all still working from home and there’s no real clarity on when that will change,” he said.
It is long past time that this was done in a systematic, and therefore secure, way. “Companies have had to adapt. They’ve had to move into the cloud overnight. They’ve had to adapt because in the office environment you can control things: you know who’s in the building, you know who’s physically there, and so on. The same is just not true with remote working.”
As time moves on, SMEs will also find that they can do more than just subscribe to SaaS, even if they are unlikely to need containerised development environments or the rest of the bleeding edge of cloud technology.
“The reality is that we can do other things for these companies: website hosting that has a drag and drop interface builder, broadband connectivity and more. We can say ‘what do you have and what do you want?’,” said Neylon.
As you climb the ladder to larger businesses you find that cloud is used more and more, with just about every company trumpeting its cloud strategy. Just what they mean by cloud is not always clear, though.
“When people say cloud they don’t always mean the same thing. It could be a public cloud like Amazon AWS, Microsoft Azure or perhaps some other provider, maybe Oracle or IBM,” said Séamus Dunne, managing director, Interxion Ireland.
Dunne agreed with Neylon and Nolan that for the SME sector, cloud typically means SaaS. “Salesforce is the classic example of that and Workday has transformed HR [human resources] ,’’ he said.
Larger enterprises, however, typically have a hybrid strategy that includes some public cloud, some private cloud and some on-premise infrastructure, whether that is literally on the premises or in a data centre run by the likes of Interxion.
“The terms ‘hybrid cloud’ and ‘multi-cloud’ are maybe becoming passé, but that is the way it’s going,” he said.
Dunne should know: one of the world’s largest cloud-neutral colocation data centres, Interxion connects directly to every public cloud out there and its client roster reads like a who’s who of Irish and international enterprises.
From his vantage point, it’s no surprise that use of cloud-based services has increased dramatically over the past year. “It has accelerated what was happening anyway by, pick a number, three to five years.”
The risk of cloud computing becoming quotidian is that it would also become, well, quotidian. Dunne said that no one should underestimate the seismic shift that has occurred in IT as a result of the cloud, in what is really a very short time frame.
“The idea of the cloud only started in 2006. That’s 15 years ago. In the scheme of a life that’s nothing. And it’s at around the same time that the iPhone was launched. It’s phenomenal and it is transformative.”
The cloud is not the only game in town and traditional infrastructure is still there, working away. Indeed, while cloud does bring tangible benefits it is also a commercial proposition for everyone from vendors to cloud service providers to systems integrators so, naturally, comes with a sales pitch attached.
Dunne said businesses need to avoid taking a one-size fits all approach, but the good news is that however much they adopt cloud, their traditional infrastructure can still be facilitated and interconnected to the cloud.
John McCabe, managing director of Damovo Global Services and Ireland said he sees ‘cloud smart’ as the message businesses should take, not ‘cloud first’. Rather than rushing to revolutionise IT systems, a slow and steady, programmatic approach will pay dividends.
“When we say ‘cloud smart’ we mean understanding what you’re trying to get from a business point of view. Don’t let technology drive the strategy,” he said.
In almost all cases this means forgetting about notions of a 100 per cent cloud native strategy, something that really was only ever a possibility for ‘born in the cloud’ start-ups anyway.
Instead, systems and processes are evaluated and ported or rewritten for the cloud if and when it makes sense to do so.
“What we’re seeing is a hybrid approach: the simpler things go cloud and then you build from there,” he said.
“The key is don’t do it all in one go, no big bang. The system integrators need to come in and migrate the data. Unfortunately, a ‘flavour of the month’ approach to technology is a problem still.”
McCabe is not doing down cloud computing, though. There are very real benefits to be had from it, he said.
“Cost and flexibility are great benefits of the cloud and they are very much linked. You can flex up and down and that’s a massive advantage for an organisation. In addition there are no painful upgrades: the latest and greatest is always there.”
Donal Byrne of Triangle said some instances of cloud, such as infrastructure as a service (IaaS), require careful consideration and that in the long term private cloud often shows itself to be the best value.
“We’ve seen cases where when you stretch the cost of cloud over five years and soon it’s very much in favour of on-prem, even over three years in some cases. IaaS, like for like cloud vs private cloud, it’s either cost neutral or private cloud is cheaper,” he said.
There are costs beyond spinning up CPUs and disks, though, and Byrne said security needs to be factored in. “I do think security is one of the reasons why the cloud is growing. The cost of on-prem security can be eye-watering.”
Secure in the knowledge
No one reading this article can have escaped the fact that the IT story of the moment, perhaps of the year, is the ransomware cyber attack on the Health Service Executive (HSE).
At the time of writing the crisis is still ongoing and vector for intrusion into the HSE’s systems is not publicly known. However, wherever failures may come later come to light in the HSE or wider public service IT provision, there is no scope for schadenfreude: anyone in the private sector who thinks that a similar attack could not happen to them is very much mistaken. It only takes a glance at the list of global giants attacked in the last decade, from Sony to Target, to see this.
Damovo’s John McCabe is optimistic that rather than getting ready to point fingers, businesses have notebooks at the ready. “I think we will learn from the breach. Cloud is part of the answer to security, but it is only part,” he said.
One advantage the private sector does have is that it can pay higher salaries to security professionals without causing public outrage. Or it can in theory anyway.
In fact, there are two problems with this: firstly, salaries in the sector are so high that only the richest of businesses can really afford top people. Secondly, even businesses which can afford to pay for security staff are unable to recruit them.
“The truth is cloud is safer, full stop,” said Paul McEvoy, head of network security services at Eir Business.
This is because economies of scale come into play with cloud security professionals. “You can’t afford to pay them, and even if you could ,you can’t get them.”
Indeed, the shortage of skilled and qualified cybersecurity professionals is well documented. According to the International Information System Security Certification Consortium, the picture is improving: 2020 is the first year to have seen a decline in the shortage. But the skills pipeline is still not fully in place and there is no real prospect of there being a surplus of security professionals any time soon.
Covid-19 appears to be having an impact, too: PwC’s Cyber Security Strategy 2021 report said that, remarkably, 16 per cent of technology leaders are planning to “downsize” their security teams. At the same time, 56 per cent of respondents to the study said their organisations are at risk due to cybersecurity staff shortages.
There may be more to this than simple layoffs; cuts to security could indicate a move toward a managed cloud security strategy. Indeed, the PwC report found cloud security was the most in-demand skill set, with 40 per cent of respondents stating they plan to develop it over the next two years.
McEvoy said we need to recognise that data is not just kept on servers in the office: it’s hard to protect the crown jewels when, rather than being kept in the Tower of London, they are distributed goodness knows where.
“Where are the crown jewels? They’re everywhere. IT security used to be about the perimeter. Where’s the perimeter now? It’s gone. There is no perimeter any more,” he said.
Naturally, remote working has intensified this trend, with data flying back and forth, though hopefully not being stored on local devices. McEvoy said in today’s risk environment the only approach is one of so-called zero trust.
“Taking the security stack, moving that to the cloud and putting the same controls in place and, in fact, better controls. It’s all about zero trust, identifying the users, verifying every single time, protecting the user, protecting the device that they’re using, protecting the device they’re connecting to, protecting the data within the applications,” he said.
A tall order for internal IT departments indeed, probably impossible in fact. But it can be achieved through cloud security. As complex as it sounds, what is really going on is traffic visibility augmented by automation.
“You need visibility, full visibility on what’s going on on the network. No one can [manually] go over logs. There’s too much, so you need automation in there. The signal-to-noise ratio is just too low for someone to do it manually,” said McEvoy.
Paraic Nolan of Big Red Cloud agreed, and said the cloud allowed for multiple layers of security to be applied.
“We stand on the shoulders of giants ourselves. We’re sitting in the data centre and we build security on top of that. It’s not just the vendor,” he said.
Clear skies ahead
With lockdown apparently ending in a number of European countries and easing in Ireland, concerns about new variants of Covid-19 notwithstanding, there is not a business in the land that will not now be trying to plan for the future.
The sad reality is that some will not make it, but it is at least clear that enterprise IT, cloud in particular, long dismissed as a cost centre or necessary evil, is what allowed business to continue at all during the pandemic.
For those businesses that survive and thrive, then, the next question will be how can they build on their investment in IT to continue to futureproof their operations as well as drive new revenue.
Caley said the IT is out there and more and more possibilities are opening up.
“There is a rash of new services like AI [artificial intelligence], and scalability of course is the thing that really drives the cloud. For the future they need to see how they become more flexible,” he said.
In the end, the applications will drive how the IT is factored and designed and those applications should be driven by business needs, most notably responding to customer needs. What this will mean in practice will differ in every organisation. With one exception, that is: every business will need to evaluate what they are doing.
Most will find that a hybrid of public cloud and private cloud, alongside some on-premise IT, is not only popular, it’s the standard model, said Dell’s Marc O’Regan.
“Our point of view is that choice is critical. Choice is absolutely central. With on-prem we can decrease latency, reduce cost, comply with regulations and then public cloud will give you flexibility, but I believe that a model that had no trade off between the two is ideal,” he said
Keeping your feet on the ground
There are times when data and processes should not be moved to the cloud.
Dell’s Marc O’Regan said the reasons for this vary, but include things like the need to process closer to the edge.
“It may be a low tolerance of latency, in a hospital or an oil rig that can’t wait for it to come across the internet,” he said.
Interxion’s Séamus Dunne agreed, saying reasons to not go to cloud include cost, control and compliance. Another is that some applications simply can’t be moved. “Legacy is another one. In talking to clients, I’ve met some who are using one floor of the office for the data centre. They discover you can’t put it all on the cloud.”
What they can do, however, is ‘lift and shift’ to a co-location centre, where they can get direct access to the cloud.
‘You’re not starting from nothing so your project is getting from where you are to where you want to be. You have legacy: sometimes the best strategy is to leave it alone, perhaps physically move it but not try and port or migrate it. It’s just not worth the expense or the risk. By the same token there will be some cases where it makes perfect sense to migrate,” said Dunne.
O’Regan said the op-ex focused cost models that have played a major role in driving cloud adoption can be applied to on-premise hardware.
“We believe there’s a gap in the market where you’re consuming a service on your terms with a subscription model. We see organisations all over the world coming to us saying they want to foster innovation and modernise their IT. But to do this in the public cloud is constrictive, it’s restrictive [so] we’ve been building consumption-based models for on-prem for well over a decade,” he said.