In talking with customers and prospects over the last few months, three themes that seem to be barriers to Cloud application development have repeatedly emerged. The first is that of Cloud security, the second Cloud performance and the third Cloud technology requirements.
The first theme, that of Cloud security is pretty easy to understand. Many organizations are reluctant to put what they consider sensitive or competitive information on servers not fully controlled by their organization and protected by their firewalls and other security procedures. Cloud providers like salesforce.com and NetSuite have done a good job of demonstrating that data can be safe and secure while stored in the Cloud and that is helping to overcome this concern. What many people don’t realize is that according to RSA, the security division of EMC, “Insiders are a greater threat to corporate IT security than hackers.” Most reputable SaaS and PaaS providers today are very aware of security requirements and go to great lengths to provide highly secure environments for their customers. That’s not to say there won’t be security breaches, because as the Cloud business grows, it will become a more and more interesting target for criminal enterprises. I do believe, however, that Cloud operating environments will be every bit as secure as most internal IT shops, and perhaps more so, particularly as the sector matures.
Cloud performance is another significant concern for many organizations. Application users are notoriously demanding when it comes to fast response times and IT shops everywhere have learned and relearned this lesson. In general, Cloud applications have more “working parts” than traditional applications because they involve transmission over the Internet (or intranet) and thus involve firewalls, web servers, security protocols, and web browsers in addition to other technology components that don’t necessarily exist within traditional applications built up over the last few decades. This overhead is constantly being reduced by technology improvements such as faster hardware, rapidly improving network bandwidth and more efficient software. Even so, most early Cloud (web) applications, and many being built today, have bare bones, primitive looking human interfaces that don’t reflect the rich desktop applications most users have come to expect and demand. That is because simplistic interfaces run much faster that complex ones in a browser-based environment. Building complex interfaces with fast response times requires a high level of programming skill, employing specific browser techniques such as AJAX, and utilization of recent and rapidly evolving browser technologies that were not even widely available a few years ago. Performance concerns are well founded but can be overcome by good software design and development practices, adequate delivery network bandwidth and robust Cloud server configurations. Most top-tier SaaS offerings today including salesforce.com, NetSuite and Central Desktop, for example, provide good user response times and performance along with rich and attractive graphical interfaces.
The third recurring theme, Cloud technology requirements, while quite obvious, took a while to dawn on me. I have been living and working with Cloud technologies and their predecessors for many years and have a comfort level and understanding of them that comes from “growing up” with those technologies. None of this “Cloud stuff” suddenly appeared one morning in a puff of smoke. Rather, like most wide-scale technologies there has been a lengthy evolution dating back many years. What I didn’t take into account is that many IT professionals have been busy creating and maintaining traditional applications that are vastly different from Cloud applications. They have honed their skills in languages and techniques for the environments that support those traditional applications and have had little time or opportunity to become comfortable in the new set of tools and techniques used for today’s Cloud applications.
As we move forward, Cloud applications won’t be created and maintained just by Cloud SaaS vendors. As private clouds become more prominent, those same technologies used to build SaaS systems today will be used to build private cloud applications tomorrow. And, as more SaaS applications become available, many of them will need to be somehow customized to fit the specific needs of organizations. Today, either the SaaS vendor gives you “parameters” to customize your preferences, or you learn a new language like Apex Code (force.com‘s programming language) or at least a new set of vendor web service APIs as well as JavaScript, HTML, XML, and CSS. Few of these technologies are common experience for the bulk of programmers in IT shops today. Hence, there will be learning to do and investments to be made to make the leap to Cloud Computing. I have been surprised how uncomfortable this makes many IT shops. Savvy CIOs and programming teams inherently understand this, but there seems little time available to them to look at productive, high ROI Cloud projects or to find the cycles to learn about and experiment with Cloud technologies.
It is time for both business leaders and IT leaders to step up and recognize these barriers to Cloud application development and to formulate plans and policies to manage past them. Why? Most organizations find the environments in which they function changing at an ever-increasing pace. New products, markets and competition. Globalization, new regulations and reporting requirements. Increased pressure to lower costs and do more with less – all while making change happen with shorter deadlines. Collaboration and innovation are more important than ever before. Meanwhile, these expensive IT resources are required to spend more and more time just maintaining the critical applications the organization has built over the last decade or two. IT just doesn’t have enough time or budget to keep up with the existing demands from every segment of the organization. There is a way to break out of this complex, time consuming and expensive cycle of catch-up. But, it requires everyone to invest some of their most precious asset – time – to learn about the economics and effectiveness of Cloud applications and it requires the organization to look at things in a new and different way. A way that is likely as unfamiliar to IT teams as it is to the rest of the organization and as everyone knows, change is disconcerting and often a little scary.
Whether you deploy Cloud applications on computers inside your own organization or choose the new, low initial investment software-as-a-service ways of getting started doesn’t matter. What does matter is that you get familiar with the lingua franca of the Cloud and give this new technology an evaluation.
