Note: This article is intended for a business audience. For a technical explanation of cloud computing, see the sidebar below the business article.
To the non-technical among us, “cloud computing” may sound like something vague and amorphous. After all, it’s a cloud, right? So that means it’s something that’s insubstantial, floating in the sky.
If you imagine clouds as the Internet, then you can imagine cloud computing as using computers over the Internet. That explains the origin of the phrase, but it doesn’t tell you very much about what cloud computing is – or why you should care.
Another Step in the Evolution of Technology
The concept of cloud computing is simple. It’s another step in the evolution of technology. When business first adopted technology for business processes, everything ran “in-house” on company-owned equipment. Gradually, business realized that it’s not very efficient to devote specialized IT resources and computers to basic business processes like accounting and payroll. After all, it makes more sense for a company to spend its money creating value for its customers. This is a perfect argument for outsourcing some of the technical aspects of basic business processes.
Step 1: Outsourcing
Outsourcing is great for processes that are standardized and repetitious. Payroll is the classic example. But there are other day-to-day processes that require managers and employees to interact with data. And classic outsourcing — sending the whole process out the door for someone else to do it — isn’t very conducive to significant employee interaction.
Companies are caught in the middle, with a desire to outsource a process, but also to allow employee interaction with the process. What to do?
Step 2: Outsourced Hosting
Until recently, the only solution was to outsource the “hosting” of the process. In hosting, the company hires an outside vendor to set up one or more computers, install the desired software, and then manage the “back-office” technical activities. The company’s employees use the software by connecting remotely to the hosted computers. In the early days of hosting, employees would connect using a phone line and a modem. Now companies connect to outside systems using the Internet, usually through an encrypted connection via Secure HTTP (HTTPS) for security.
Outsourced hosting has advantages, but companies still have to buy a fixed amount of computer capacity and run dedicated computers and software. It’s a lot like in-house computing except for the location of the equipment. If the company needs more capacity, they must purchase it. If the company needs less capacity due to a decrease in demand, it’s not very economical to cut back, since the computers have already been purchased.
Step 3: Software as a Service (SaaS)
Enter “Software as a Service” (SaaS). SaaS lets companies share hosted computing resources with other companies, with each company’s data secured separately. It’s as if each company is logging in to the same (virtual) computer but using a secure ID that keeps your data separate. For example, each of Amazon.com’s customers is able to see the orders they’ve placed, but they can’t see the orders of other customers. That’s like SaaS.
A company using an SaaS vendor isn’t purchasing dedicated hosted computers. The company is essentially sharing computer capacity with other SaaS customers. The company gets nearly all of the security of owning computers, without buying a fixed amount of computer capacity. It’s like the way mobile phone service works. Customers don’t have to buy their own cell towers — they just share the towers that exist, taking advantage of the buying power of all of the other customers who share their resource. Customers who make a lot of calls pay more. Those who make fewer calls pay less. Customers can sign up for different types of contracts based on their planned usage, and the price varies based on their contract and their usage.
There is a small compromise in security levels for companies using SaaS, since there is slightly more risk in sharing computers. But a reputable SaaS provider builds a software wall between customers, and in practical terms a company’s data is very, very safe.
Step 4: Cloud Computing
How is cloud computing different from SaaS? The difference is in the back room where the computers reside. Cloud computing distributes the computer capacity across multiple computers that may be in multiple locations. It’s like setting up your checking account with an overdraft option. If you accidentally write a check for more money than you have in your checking account, the overdraft option will automatically move money from your savings account to make up the difference.
Similarly, cloud computing allows processes to run on one set of computers, but automatically “farms out” work to other computers when there’s an unusually high need for computer resource. This helps alleviate the response-time problems that come with peaks in demand. In car terms it’s like a turbo-charger — kicking in when you need it, but sitting quietly in the background when you don’t.
Software as a Service (SaaS) allows a company to outsource a process but still interact with the outsourced systems. SaaS provides a great deal of flexibility and variable pricing. Cloud computing turbo-charges SaaS, giving a company the power of SaaS with the flexibility to support periodic peaks in demand. Both SaaS and cloud computing allow access to data over the Internet, and both keep data secure. Most importantly, both approaches allow you to pay for the results you need — not for the cost of the technology it requires.
Sidebar: A Technical Explanation of Cloud Computing
The definition of cloud computing is evolving, so don’t expect to see a single definition that everyone agrees with. In 2008, Gartner defined cloud computing as:
“a style of computing where massively scalable IT-enabled capabilities are delivered ‘as a service’ to external customers using Internet technologies” [Gartner G00156220: Cloud Computing: Defining and Describing an Emerging Phenomenon]
In the same research paper, they pointed to four key aspects of cloud computing:
- “Delivering services (that is, as opposed to components) …Included in this concept is payment based on usage, not on physical assets.”
- “Massive scalability”
- “Delivery using Internet technologies”
- Services “provided to multiple external customers, leveraging shared resources to increase the economies of scale”
More recently the National Institute of Standards and Technology has developed a draft definition of cloud computing:
“Cloud computing is a model for enabling convenient, on-demand network access to a shared pool of configurable computing resources (e.g., networks, servers, storage, applications, and services) that can be rapidly provisioned and released with minimal management effort or service provider interaction. This cloud model promotes availability and is composed of five essential characteristics, three service models, and four deployment models.”
Their five “essential characteristics” are:
- “On-demand self-service. A consumer can unilaterally provision computing capabilities, such as server time and network storage, as needed automatically without requiring human interaction with each service’s provider.”
- “Broad network access. Capabilities are available over the network and accessed through standard mechanisms that promote use by heterogeneous thin or thick client platforms (e.g., mobile phones, laptops, and PDAs).”
- “Resource pooling. The provider’s computing resources are pooled to serve multiple consumers using a multi-tenant model, with different physical and virtual resources dynamically assigned and reassigned according to consumer demand. There is a sense of location independence in that the customer generally has no control or knowledge over the exact location of the provided resources but may be able to specify location at a higher level of abstraction (e.g., country, state, or datacenter). Examples of resources include storage, processing, memory, network bandwidth, and virtual machines.”
- “Rapid elasticity. Capabilities can be rapidly and elastically provisioned, in some cases automatically, to quickly scale out and rapidly released to quickly scale in. To the consumer, the capabilities available for provisioning often appear to be unlimited and can be purchased in any quantity at any time.”
- “Measured Service. Cloud systems automatically control and optimize resource use by leveraging a metering capability at some level of abstraction appropriate to the type of service (e.g., storage, processing, bandwidth, and active user accounts). Resource usage can be monitored, controlled, and reported providing transparency for both the provider and consumer of the utilized service.”
Their three “service models” are:
- “Cloud Software as a Service (SaaS). The capability provided to the consumer is to use the provider’s applications running on a cloud infrastructure. The applications are accessible from various client devices through a thin client interface such as a web browser (e.g., web-based email). The consumer does not manage or control the underlying cloud infrastructure including network, servers, operating systems, storage, or even individual application capabilities, with the possible exception of limited user-specific application configuration settings.”
- “Cloud Platform as a Service (PaaS). The capability provided to the consumer is to deploy onto the cloud infrastructure consumer-created or acquired applications created using programming languages and tools supported by the provider. The consumer does not manage or control the underlying cloud infrastructure including network, servers, operating systems, or storage, but has control over the deployed applications and possibly application hosting environment configurations.”
- “Cloud Infrastructure as a Service (IaaS). The capability provided to the consumer is to provision processing, storage, networks, and other fundamental computing resources where the consumer is able to deploy and run arbitrary software, which can include operating systems and applications. The consumer does not manage or control the underlying cloud infrastructure but has control over operating systems, storage, deployed applications, and possibly limited control of select networking components (e.g., host firewalls).”
Their four deployment models are:
- “Private cloud. The cloud infrastructure is operated solely for an organization. It may be managed by the organization or a third party and may exist on premise or off premise.”
- “Community cloud. The cloud infrastructure is shared by several organizations and supports a specific community that has shared concerns (e.g., mission, security requirements, policy, and compliance considerations). It may be managed by the organizations or a third party and may exist on premise or off premise.”
- “Public cloud. The cloud infrastructure is made available to the general public or a large industry group and is owned by an organization selling cloud services.”
- “Hybrid cloud. The cloud infrastructure is a composition of two or more clouds (private, community, or public) that remain unique entities but are bound together by standardized or proprietary technology that enables data and application portability (e.g., cloud bursting for load-balancing between clouds).”
4 Common Threads between the Two Definitions
While the NIST definition is more specific, it doesn’t contradict the Gartner definition — it just elaborates on it. The common threads between the two definitions — and most other definitions I’ve seen — are:
- Use of Internet technologies, with most user interfaces being browser-based
- An incredible amount of flexibility and scalability
- Virtualization of large amounts of hardware and software so that the complexity of flexibility and scalability is hidden from the user, thus making the service very simple to use
- A payment model which hides the actual resources from the user so that pricing is based on the results achieved rather than the resources required
SaaS and More
As I indicated in the business article above, I view cloud computing as an evolutionary step in a progression of increasingly sophisticated technology. Early outsourcing used colocation (outsourced hosting). Then security and control software evolved to the point where SaaS and multi-tenancy became practical — running multiple customers on the same software on the same computer at the same time. Cloud computing goes one step further and virtualizes the computing resource used for SaaS, giving you the flexibility you need to cope with irregular demand and workload.
PaaS and IaaS
Although my business article focuses on cloud computing and SaaS — what I feel is the primary business use of cloud computing — the other two service models described by NIST will be extremely useful to IT organizations. PaaS (Platform as a Service) and IaaS (Infrastructure as a Service) can be used as the next logical step in the virtualization of company hardware and software, and will ultimately offer us a way to get away from in-house infrastructure when we want to. These two service models are less visible to a business user, but are just as important as SaaS to IT organizations.
Note: For an interesting and insightful commentary on cloud computing and its evolution, see Daryl Plummer’s excellent blog.