By Sramana Mitra and guest author Shaloo Shalini
SM: Let us take these points that you mention one at a time. First, what are your observations based on your analysis? Second, can you share your observations on the cost reduction gained through cloud computing? Related to that, are you seeing definitive cost reductions? What are the percentages observed?
DH: We have not done analysis that shows major cost reductions. We are a Gartner subscriber, and the other day I was on the phone with them. They told me that they were projecting a 10% cost savings from a cloud-provided infrastructure versus an owned, self-operated, on-premise one. To us, that is not a big enough return for the risks associated with cloud computing.
SM: Does that Gartner analysis correlate with your own analysis? Is that 10% number one that you are seeing in your own assessment?
DH: As I said before, we have two very small applications. I have been seeking to move applications to say a cloud provider primarily based on the factor of ‘time to deployment’ as opposed to costs.
SM: I see. So far, your cloud adoption or the cloud-based solutions that you have put in place, are based on time factor – time to roll out as opposed to cost savings, correct?
SM: What is your thought on the risks that you are encountering or experiencing in your cloud journey? Where do you see deployments reaching any road bumps or not making sense for your organization at this point?
DH: Again, what we have done in terms of cloud adoption is very low-risk stuff. It is very simple for the tax services; it is actually backed up by our provider. We have a Big Four consulting firm that does all the tax work for us. The application is not provided by them and not being operated by them. They are openly accountable and responsible for that performance and the results coming out of that application. On the payroll side, it was a decision that we made based on our comfort factor with the vendor. We don’t see a lot of risk in having our payroll with ADP, the world leader in that product.
SM: ADP is not even considered a cloud provider, right?
DH: Well, again, we get caught up in definition here. I would argue that any application that is provided to you through an off-premise consumption model qualifies as a cloud-based solution – it’s software as a service (SaaS). Now, I think about the cloud in three buckets: software as a service, platform as a service, and infrastructure as a service. That clearly qualifies ABP as a software as a service solution vendor.
SM: True, nobody buys payroll services now, right? Let me probe other risk factors that I’m hearing about from other people whom we spoke to as part of Thought Leaders In Cloud Computing series and see what you feel about those aspects. What are your thoughts about the integration risks involved with cloud adoption?
DH: I would say that the integration risk is extremely high. If you can’t draw a circle around that application and give it all over to a service provider that is going to provide you with a service-oriented architecture (SOA), then you should be thinking twice about it. In addition to that, there is risk around control of your data. If you have to be able to have integration between applications that are on-premise and applications that would be provided by a cloud provider, it is an enormous risk in integration, and there is a lot of costs and energy associated in identifying and mitigating these risks.
SM: What are your thoughts on cloud security?
DH: What concerns me most about security in the cloud is not what we know about security but what we don’t know about it. There is just not enough experience, and there is not enough security in some of the software tools and provisioning applications. A lot of cloud providers may be basing their infrastructure on IBM, Sun, Oracle, or HP and their integrated stack. Maybe the security risks are same as those that we have known in such areas. But there is a lot of customization of provisioning and management software that goes on in the background that you don’t get to see. So, we really don’t know the full set of areas of exposure when it comes to cloud adoption. I think that there may be at least one or two big shoes that will drop over this migration to cloud in terms of security that we are not even aware of yet.
SM: It looks like your steps into cloud computing have been fairly conservative; is that a fair statement to make?
DH: Yes, and we invite our clients to think the same way. If there are any solutions out there, if you can find the software as a service provider who can do that for you, better, faster, cheaper, and in a secure manner, then you should think very hard about adopting that. But a wholesale move to the cloud simply because you going to save 10% by moving all your applications there, well, we think it is a very high risk move without lot of return.