The Cloud - for democratization and innovation and security at lower costs image 23

The Cloud – for democratization and innovation and security at lower costs

The IT evolution discussed in my previous article, also resulted in the concept of the cloud. Hard to define exactly, there is general understand that the cloud refers to offering and consuming IT facilities through a network connection from an unspecified location, based on a pay per use model with largely step-less scaling up and down of capacity. It is assumed that because cloud providers operate at cloud scale – i.e. they provide services to a large community – they can achieve economies of scale and balance peaks in demand across customers, allowing an efficient and profitable operating model that results in a lower TCO (total cost of ownership/operations) for customers.


(Note: the predictions and numbers included in this article are sourced from Mark Hurd’s Keynote presentation during Oracle OpenWorld 2016.)

Research shows that organizations spend 80% of their IT budgets on maintaining existing infrastructure and applications. From corporate data centers, hardware and platform software to custom applications, 3rd party COTS and integrations between all of them.

The average age of infrastructure is 5.5 years and applications are over 20 years old, on average. Just keeping stuff running – in a secure, supported way is a huge challenge. Less than 20% of budgets are available to innovate – create additional business value from IT, over and above what existing applications are offering. And any incident or new government regulation that needs attention needs to come out of the 20%.

The cloud promises to change this. Organizations should be able to focus their IT efforts on those aspects that make a difference to the business – and therefore bring IT closer to the business and make IT much more relevant to the business. Usually that is not the data center or the hardware and operating system. It may not even be the database or application server – but only the custom application running on top of the platform. Anything that is not differentiating to an organization can be outsourced to the cloud provider who should – through cloud scale operations – be able to do a better job at lower costs and without long term investments especially for very infrequent peak demands . The corporate IT staff can focus on the areas where they can make a difference to their organization.

The cloud also promises faster innovation. In two directions. Cloud providers such as Oracle can make their latest features and services available much faster to customers around the world. An upgrade to the cloud is far easier executed than a rollout of software that hundreds to thousands of IT departments will evaluate, test and eventually roll out through extensive manual labor. By consuming cloud based IT services, changes will flow much faster from provider to subscribers. Innovation in companies can be much faster as well. Venturing into new areas, trying out new capabilities is easy. No investment required, quick ramp up with for example Big Data facilities or Internet of Things platform running within hours and instant company-wide, even global, accessibility of environments. Any IT based innovation can be achieved rapidly and cheaply – allowing fail fast or quick success.

A popular turn of phrase is how the cloud democratizes IT. This means that through the cloud – anyone anywhere in the world with a browser and a credit card can get access to high end IT facilities. Through free tiers, trial subscription and stepless pay per use subscriptions, individuals and small organizations can use what they need – without making large investments. They can handle leak loads too – again without having to invest for such a high-water mark. Small businesses can use facilities that used to be the prerogative of large enterprises – in areas such as machine learning, data visualization, speech recognition and text analysis, location based services. A small company could never afford to buy the machine required for complex data mining, even if they would need it for only a day. However, renting a time slice for such infrastructure is within reach. And the knowledge and skills required to run the complex IT infrastructures required to run these advanced functions – that were clearly not available within small organizations – are no longer required because the cloud provider takes care of these. This gives rise to the citizen developer and citizen data scientist.

Democratizing IT is not just making high end services available to small and medium sized businesses – it is also making these services available anywhere in the world. As long as you are not in North Korea or Syria and have access to the internet – you are good to go: most cloud services are or will be available.

In addition to making services available from the cloud – small business and individuals in addition to large companies can make their services and products available on the cloud – offering them to a global market. This is another important element in the democratization: the world has become a single marketplace that the cloud allows us to access almost instantly.

In turn this means that software products for which there may exist only a small local market – not justifying the costs of development – can now be offered to a global market, possibly a 100 fold increase of the potential customer base. It seems likely that the cloud therefore will give rise to wide and varied collection of niche SaaS solutions – standard products for very specialized use cases. As a consequence – the need for custom applications may further decrease: with so many niche SaaS solutions, odds are that a much better fitting standard solution for an organization’s challenges may be available than was the case in the past.


Some years ago, security was a major reason for organization to not want to go to the cloud. That sentiment has changed considerably. It is widely recognized that cloud providers operating at cloud scale can afford – are forced and able to – implement strict security measures at all levels, from physical buildings and infrastructure to personnel and procedures. Automation, authorization and auditing can all be at advanced levels. Regular security audits and period certification are all feasible for cloud scale providers – much more so than for any but the largest of individual enterprises.

Confidentiality is one aspect of security, Integrity and Availability are the other aspects. The facilities that cloud providers can typically provide for High Availability (redundancy and fail over within a data center) and Disaster Recovery (complete resumption in a different data center in case the primary data center is completely wiped out) are beyond what most organizations can organize on their own. The fact that cloud providers organize these services for many customers using their standardized approach and [hopefully] tried and tested high end facilities allows them to offer H/A and DR at infrastructure level under attractive conditions. Note: part of H/A have to be zero downtime operations; when the ops activities are required on the data center, the hardware or operating systems or the platform instances on which applications run, these actions should not result in the applications incurring any downtime. The applications themselves need to satisfy certain requirements to be able to go through fail over without any consequences at all for consumers.

So corporate data centers will rapidly become a thing of the past. Like water wells and electricity generators:


The development and maintenance of custom applications as well as their roll out and implementation requires a very substantial investment for most organizations. The configuration, customization and implementation of a standard ERP application is a similar big deal in terms of effort and costs. By adopting a specific standard product and selecting a vendor’s technology stack for developing the custom application, an organizations enters into a relationship from which there is no easy escape. Given the investment – there is typically no easy way out. There is no easy migration path away from a specific technology stack nor from an application that is used by hundreds or more business users. You cannot just rip it out. There typically just isn’t an easy exit strategy.

That situation is largely the same in the cloud. Once you select cloud provider, you start creating a dependency. And getting away from that provider will be painful. Depending on the technology stack used for custom development of applications or integrations, there may be migration scenarios to similar stacks offered on other clouds. In general, any migration will be hard. One aspect organizations should really take precautions for early on as core element of their cloud exit strategy: ensure that all your data – including documents, meta-data and source code – is yours and is accessible to you and can be exported in a format that makes the data accessible and usable.


Provided you have an exit strategy – there seem to be many convincing arguments for moving to the cloud.


Download the AMIS OOW16 Highlights for an overview of announcements at OOW16.