“We have concerns about moving our applications to the Cloud”

This is a statement I have heard countless times from businesses large and small.  This post explores the key concerns, and addresses SAP’s solution.

Concern 1: “Is the Cloud as secure as hosting applications in-house?”


Quite possibly the single largest concern about moving to the Cloud. The common myth with IT Security Leaders is that hosting software in-house, is more secure than hosting in a controlled Public Cloud. And this reminds me of a tweet I recently came across:

Untitled.png

The fact is, there are not too many companies in the world who have invested over 40 years of experience and expertise into security.  SAP’s Cloud complies with the toughest and most vigourous certifications and independent audits.

  • Professional hackers are contracted to test and harden the infrastructure
  • Prospective Customers are able to review data centres – including certifications, and audit reports (under non-disclosure)
  • The largest banking institutions, government agencies and security companies are using SAP’s Cloud today – this is by far the biggest ratification of the Cloud.

Operating a data center usually does not fall under a given company’s core area of expertise. Increasingly, these companies are asking themselves which services should be run in the cloud. Ultimately, having invested €millions into it’s data centres on a continual basis, SAP’s Cloud Infrastructure is as secure, as if your company had an unlimited budget.

Learn more about SAP’s Data Centers here: SAP Datacenter

Concern 2: “What does SAP know about the Cloud?”


SAP’s Cloud consists of over 35 million paying subscribers.  There is no other Cloud Vendor on the planet with more paying subscribers to their cloud.

Typically, we think of Consumer Cloud applications such LinkedIn or Facebook who combined have over 1 billion subscribers – but how many of those subscribers pay for the service?  Not more than 35 million. We also think of companies such as Salesforce.com or Workday – again, not close to 35 million.

“But what does 35 million paying subscribers actually mean?”:

No software vendor can reach 35m paying subscribers by accident.  In order to do so, they must have:

  • Best in Class Solutions
  • Best in Class Infrastructure
  • Best in Class Security
  • Best in Class Quality Assurance
  • Best in Class Partners
  • Best in Class PEOPLE

With YOY triple-digit growth in the Cloud, SAP is not only a leader in the Cloud, it is THE leader in the Cloud.

Concern 3: “Can customers in the same cloud view each others data?”

Multi-tenancy is a game changer, not only by providing significant economies of scale, but also increasing the rate of product innovation to not only match, but usually exceed customer’s expectations.

In a public, controlled cloud, customers share a pool of computing, network, memory and storage resources. As these physical resources are shared, a common concern is that cloud customers are more easily subjected data dilution between customers using the same service.

Screen Shot 2014-07-27 at 16.54.35.png

The fact is, it is impossible for customer data to be exposed to another customer within a multi-tenant controlled cloud environment – such as SAP’s. Even while all customers share the same infrastructure and binary code of the application, the data is always kept separate in Memory as well as within the Database.  In-fact SAP’s Cloud Applications have been built from the ground-up as multi-tenant applications ensuring strict segregation architecture and best practices.  Strong login credentials or even Single-Sign-On capabilities protect the regular access to the application.

Concern 4: “We must host our applications within our country’s borders”


In light of the Edward Snowden revelations of widespread surveillance by the National Security Agency, the response from many IT Leaders will increasingly be that they are indeed uncomfortable with the loss of control over their data. In recent months, many countries have begun to explore mandating local cloud providers to ensure that domestic data stays in the country.


0202_ST_Sicherheitsgrafik_EN.jpg


This can be considered a show-stopper.  But is it?  I have heard IT Security Leaders raise this as a concern, but it’s legitimacy can be questioned upon further detailed research.


The fact is, SAP’s Controlled Cloud complies with the most stringent laws, certifications and data protection provisions. Data from cloud customers falls under the jurisdiction selected by the customer and IS NOT forwarded to third parties. SAP’s support services ensure that data protection is also maintained during required maintenance operations.


SAP’s Cloud data is not stored “somewhere in the cloud,” but in clearly agreed-upon locations. SAP cloud customers specify in their contract which data center they want to use as the “data location.” No one has blanket access to the data, and comprehensive audits ensure that all technical and organisational measures are complied with and implemented.


Concern 5: “We just don’t want to lose control of our applications”


Whilst the tide is turning, there will be companies and IT Leaders who are unwilling to take the leap into the Cloud. There may be genuine concerns, however I typically find this is more of an emotional response – especially in recent times.


We must be mindful of the fact that ‘moving to a vendor’s cloud’ equates to outsourcing.  The traditional CIO and CTO’s role is changing from being builders of business technology, to enablers and drivers of business strategy. The era of Cloud Computing, where the business leader brings new software and technology to the enterprise, means IT leaders need to hone new skills or risk being relegated to the role of IT order-taker.


In addition, due to the ease of adoption and consumption of Cloud applications, Line of Business (LoB) leaders are beginning to play an even bigger role in the procurement process.  IDC estimate by 2016, 80% of IT decisions will involve the LoB, and 53% of IT decisions will be lead by LoB.


Screen Shot 2014-07-27 at 17.24.59.png

Because CIOs and CTOs face competition in such completely new ways, they have to be much more responsive and agile in proving their value and worth. They must be better intermediaries in dealing with the variety of cloud services available today, and add value by coming up with a more responsive set of services and better overall value for the company – aligned to corporate strategies.


This significance of this change can bring an emotional response against Cloud, and we must be mindful of this.


However, moving to the Cloud does not mean the end of in-house development. It is vital for IT leaders to understand that the Cloud is not entirely replacing internal infrastructure, but augmenting it. It is due to this, businesses may need greater application development expertise across a broader range of skill sets, not necessarily less. Internal software engineers and developers must possess skills that span both the cloud and on-premise resources, securing and leveraging the opportunities inherent with Cloud without giving up the traditional processes that differentiate and deliver competitive advantage.


The Cloud is here, and adoption and migration continues to grow at a rapid pace.  These key concerns must be met with empathy and a consistent, researched response in order to obtain the key sponsorship that will be required to support adoption.


Kunal Pandya is a Senior Director at SAP, responsible for the Global Cloud Solution Center, enabling and evangelising Cloud to SAP’s Partner Ecosystem.


Screen Shot 2014-07-27 at 17.44.25.png


To report this post you need to login first.

1 Comment

You must be Logged on to comment or reply to a post.

  1. Joao Sousa

    I will suggest a sixth concern: Can I do custom developments in the Cloud? And if not, how do I make the software fit my specific business?

    (0) 

Leave a Reply