“The future is in the clouds,” forecasted the newspaper Die Welt in March 2010, identifying cloud computing as the next important growth area for the IT industry. Looking back, this forecast does not seem particularly daring; after all, the term “cloud” has been circulating since the 1990s in connection with ideas for outsourcing IT services. In 2006, Amazon Web Services (AWS) – today’s market leader – was founded as a subsidiary of the e-commerce company Amazon. In 2018, the company generated an annual turnover of more than 25 billion US dollars. But competitors don’t sleep either. Microsoft, Google and IBM also recorded significant growth due to the booming cloud business. In Germany, software giant SAP has realigned itself in view of the promising market.
According to current analyses, companies will invest an average of 28 percent of their IT budget in cloud services in 2022. If the forecast of Die Welt was not already reality in 2010, it is now at the latest. In the IT industry, all signs point to the cloud. However, cloud growth would not be possible if users did not have a need to use it. Private individuals who want to expand their data storage or use web-based applications will benefit from switching to the cloud, as will companies that want to reduce costs and gain flexibility. But how can the cloud be grasped and which services can be accessed via it?
Everything as a Service?
The cloud is abstract and therefore difficult to grasp. Almost everyone has a rough idea of it, but very few can provide a concrete explanation. Although cloud services are almost everywhere these days, a binding definition is still missing. Experts usually refer to a definition presented by the US National Institute of Standards and Technology (NIST) in 2011. Cloud computing is therefore a model that allows a network to access a shared pool of configurable computing resources (e.g. computing power, storage systems, networks, servers, applications and services) anytime and anywhere that can be made available quickly, with minimal management effort and little interaction with the service provider. In less complicated terms, IT infrastructures are provided from a computer network – the cloud – without having to be installed on the local device of a user. Cloud services are offered and used via technical gateways, protocols and often via the web browser.
In general, cloud computing is divided into three different service models, which can be described as several levels. The Infrastructure as a Service (IaaS) level represents the foundation. In this model, basic IT resources such as computing power, memory or data storage are provided over the network. The level above is called Platform as a Service (PaaS). In this model, the service provider offers users a software environment that allows them to develop and run their own applications. The third, highest level, Software as a Service (SaaS), offers access to applications. In this case, the software can be used online as a service, while the service provider is responsible for its configuration, maintenance and updating.
Private, Public, Community or Hybrid? Cloud first!
Users can use each of these levels or each model separately depending on their individual requirements. The required resources can be retrieved via different channels. The definition of NIST names four deployment models for cloud offerings. In a Private Cloud, the cloud environment is provided for one company only. Hosting and administration can be handled either by the company itself or by a service provider. Via the Public Cloud, certain services of a provider can be used by the general public or a large group of users. In a Community Cloud, a smaller group of users, usually several companies or institutions with the same interest, shares a cloud environment. The Community Cloud is operated by one of the involved institutions or service providers. A Hybrid Cloud is a cloud where several independent cloud infrastructures (private or public) are shared via interfaces. In addition, there are other cloud offerings, which are in part mixtures of the described variants and which operate under other names. For example, the so-called Multi Cloud, in which cloud services and platforms from different providers are combined into a single large cloud from the user’s perspective.
Anything from the cloud – and then?
The cloud provides not only storage space, but also hardware and software. Through the access to memory, applications or virtual computers from the network, locally operated IT infrastructure becomes obsolete in part. The advantages for cloud users, especially companies and public authorities, are obvious: By using cloud services, investments in infrastructure, hardware and software can be reduced significantly. On the one hand, there are no high costs for procurement; on the other hand, there are no running costs for operation, maintenance and updates. All this is handled by the service provider.
In addition, cloud services offer a high degree of flexibility because they are easy to scale at any time. Users can adjust their booked services to their current needs and therefore only have to pay for those services they actually use. If necessary, storage space or computing power can be expanded at will – over the long term or for a limited period. If business is booming and additional IT capacity is needed, it can be quickly added. High misinvestment in the wrong hardware or in hardware that is barely used later will be avoided.
Cloud computing also gives companies more flexibility and agility regarding the use and exchange of data. Services from the cloud ensure that all users are always up to date, no matter where they are. All they need to access cloud services is a supported device and an internet connection. This gives employees the opportunity to handle disruptions of public transport, traffic jams or childcare without any loss of productivity. The more flexible working life not only increases efficiency, but also happiness among employees.
By now, even complex IT infrastructures such as contact centers, which previously had to be set up locally, are provided from the cloud. In this case, too, companies benefit from a massive reduction of costs and an increase in flexibility due to easy scalability.
Don’t be afraid of the cloud!
While cloud services are becoming more important, many German companies, which traditionally react sensitively to the issue of data protection, are still sceptical about outsourcing their data. In fact, companies that entrust their sensitive data to a cloud service provider are becoming somewhat dependent. The first step should therefore be to check the framework conditions carefully. It should be noted, for example, that data storage devices located outside the EU are not tied to European data protection guidelines. The Bundesamt für Sicherheit und Informationstechnik (BSI) offers guidance. The BSI has published a Cloud Computing Compliance Controls Catalogue (C5), which defines certain requirements that cloud service providers should meet in order, among other things, to fulfil the strict legal requirements on data protection.
Nevertheless, the data encryption can be a powerful protection. In addition, general concerns can be overcome by the fact that the use of cloud services also offers advantages in terms of security. Unlike on-premises solutions, users can rely on the provider to keep their cloud infrastructure and applications as well as their security standards up to date. In addition, the providers have a high level of expertise that is difficult for individual, even highly qualified administrators to achieve. And last but not least, the cloud offers better protection against data loss due to defective hard disks or other technical failures.
If cloud solutions are implemented in accordance with security standards – and possibly with the help of an experienced partner – they offer companies or authorities lots of great advantages. Current trends, such as the development of applications via microservices and containers or the downsizing of infrastructure through serverless computing, leave no doubt that modern cloud technology owns the future.