I love cloud computing — in fact, for what we are doing cloud computing really makes the world go around. Interestingly however, is just how little a lot of my friends really understand about cloud computing and the coined phrase “in the cloud” — so I set about explaining the entire concept in this simple post.

I love cloud computing — in fact, for what we are doing cloud computing really makes the world go around. Interestingly however, is just how little a lot of my friends really understand about cloud computing and the coined phrase “in the cloud” — so I set about explaining the entire concept in this simple post.

So what is cloud computing?

Cloud computing is essentially a method of delivering applications over the Internet directly using a dynamically scalable system of computers which can be quickly scaled upwards or downwards as demand changes for the delivery of the application. The term ‘cloud’ is effectively a metaphor for the word the ‘internet’ such that the cloud hosted applications are delivered through a large host of networked servers which are interconnected by high speed bandwidth connections at server farms around the world.

The hosting of a cloud computing system is typically provided by the Internet giants of the world — primarily because they have the financial resource capacity to purchase thousands of servers, strategically house them for optimal performance delivery and most importantly — develop the internal cloud computing software which allows the whole process to work. Amazon has one such service called Amazon Web Services which is a full-featured cloud computing service such that any application can be developed and delivered over the service and which supports multiple languages of code. Google also offered a service called Google App Engine — which is not a full-featured cloud computing service, as at the moment applications can be only developed in a coding language called Python (written in C). Microsoft are also developing a full-featured cloud computing platform that can run any Microsoft based software program and it’s called Microsoft Azure Services Platform — which is what Microsoft are basing a lot of their future strategy on.

Why use cloud computing?

The beauty of cloud computing in comparison to a standard application server configuration is the ability to scale resources indefinitely as demand changes through a simple click of a button. Under a traditional computing model, the application is delivered over a set number of servers and if capacity changes quickly — the speed at which new servers must be built, activated and added as additional capacity is quite slow — meaning that the application either crashes under heavy load or the application provider must stop the service until more capacity can be added. Then of course, if demand drops after the additional server capacity has been added — the application provider has paid for this increase which means that there overall CPH (cost per hour) of computing has sky-rocketed for a short-term increase in demand. A very ineffective use of resources.

So the obvious way to manage this is to only pay for the resources which are required at any one time — hence, enter cloud computing. The effective paradigm of cloud computing is its ability to create large economies of scale and facilitate a reduced cost opportunity (cost per hour of computing) for application providers. This infers that the ability to quickly add and remove capacity as required is simply handled through a custom interface which allows the cost perspective to be paid on a per-usage basis. Typically, this means paying for bandwidth and per-hour instances of server usage. So, if demand skyrockets — additional capacity can be rolled out quickly and the application load can be distributed over this additional capacity in an instant — ensuring that the application doesn’t break under the changing demands for load. Once demand falls, the added server instances can simply be switched off and the per-hour usage for the additional capacity can be charged to the application provider — who has potentially saved thousands in not having to build and deploy new servers which may not be needed again in the short-term.

Sounds great, so why isn’t everyone doing it?

Currently, while the benefits of cloud computing are numerous and the ability to rapidly up-and-down scale applications can occur at the flick of a switch — the data storage, security and privacy aspects are building resistance to wide-spread corporate adoption of cloud computing. All these aspects are effectively outsourced to the cloud computing service provider — which in my opinion is better, as it allows industry specialists to constantly maintain and upgrade security and privacy aspects of the service with the latest technology principles — aspects which are financially and operationally impossible for most companies.

Of course, a lot of service companies — such as financial providers, law firms, health services, employment providers — all hold extremely sensitive data which must have the highest privacy and security standards. Many executives balk at the thought of having all this data sitting “somewhere in the cloud” instead of at the bottom of their building in a server room — and in some regards this is not an baseless concern. Cloud-computing is still a very much cutting edge set of technologies which are rapidly evolving — and as it rapidly evolves so must the law — a key concern for companies. The litigious nature of our world now means that data security and privacy must be basically 100% guaranteed and this infers that cloud computing must provide a much better service than what is currently offered internally in the corporate environment for there to be a strong cost-security-performance argument to change.

In Australia for example, our Privacy laws are governed under the Privacy Act 1988 and the National Privacy Principals (NPP) for organisations who have a turnover of more than $3 million per annum. These laws do not address cloud-computing in any way, shape or form and so any privacy issues must be addressed under this legislation. Of course, when data is stored in the cloud — the data can be distributed across any number of servers in order to optimise performance — and it’s even possible for information to be cached at multiple distribution points across the world to increase performance delivery. All this means that while Australia privacy principles apply, the information may not actually be stored in Australian server facilitates at all — rather, it could be stored at any server farm around the world. The obvious concern for corporates is that they don’t want this to occur due to the legal implications which may arise — so cloud service providers must be able to facilitate jurisdictional boundaries and allow the provisioning of application data storage to occur within the confinements of countries using the Service — an issue that really requires detailed legal advice and may dip its toes into the world of cross-jurisdictional and international law.

The other main sticking point for many companies is SLA’s — service level agreements. Any company engaging in cloud computing must ensure that the service provider has 99.999% up-time guarantees — and this has also been a point of resistance for many companies moving their applications into the cloud. Most cloud technology at the moment is still developing quite rapidly and hasn’t matured to the level that many companies expect outsourced technology services to be at. At most, only one to two year development cycles have occurred at the largest and most well-known cloud service providers — with some offerings having cloud software development cycles at levels much less than this. This all infers that companies are simply starting to ‘test’ application hosting in the cloud — but in no way are committing heavy financial resources to it just yet. It is my opinion that this will change in the next 3–5 years as many companies see the amazing benefits of outsourcing server, application hosting and performance delivery into the cloud — but more development needs to be achieved before many CIO’s (chief information officers) will recommend cloud computing to their executive level counterparts. The cost-benefit ratio needs to not only exist but so does the legal aspects of cloud computing from a risk mitigation perspective in ironing out the data security and privacy aspects of such services. Only then will companies commission a serious foray into cloud computing and start moving their applications, services and data accordingly ‘into the cloud’.