With cloud services mature enough to be considered for mission-critical services, CIOs now have an additional platform to look at when it comes to new service deployment or existing service migration. This adds new answers for CIOs, but also raises the question of exactly what should run where. In this article I’ll provide some thoughts on different kinds of applications that might be considered for cloud and why each is or is not a good fit. Unfortunately, the term “cloud” has come to mean pretty much anything running outside an organization’s boundaries, whether that means simple hosting or a real cloud.
Enterprise Resource Planning (ERP) suites
Coming from a higher ed backup, I’ve become keenly aware that colleges and universities live and die by their ERP solutions, most of which are monolithic software platforms that require significant resources. Today, many higher ed ERP vendors make available services to host ERPs for institutions. Keep in mind that simple hosting is not really “cloud” services, but as I mentioned, the terms have become almost meaningless.
While I might consider hosting my ERP in a vendor-managed data center, I would not move the service to a public cloud provider. The hosting option carries some attraction as ERPs can be notoriously finicky and require a lot of attention and, sometimes, a lot of hardware. I’d rather devote my staff resources to managing the software side as opposed to the hardware. The downside to hosting an ERP in a remote data center is the potential for integration issues. In many organizations, the ERP is the heart and brain of the organization, and all kinds of ancillary tools hook into the platform. These hooks are critical for many business processes to operate as they should. It is possible, of course, to hook into a hosted platform and vice versa, but there exists the more significant potential for integration interruption.
It would be possible to run an ERP on virtual machines at a cloud provider, but this is not a step I would take at this point. Doing so would be incredibly expensive, and the integration challenges present in a hosted environment would also apply to a cloud scenario. ERP applications are extremely I/O intensive, too, and the costs to move into the cloud would be staggering for many organizations.
ERP: The verdict
For the foreseeable future, based on what I described above, I would keep the ERP in-house if I had the staff to support it. Otherwise, I would host it with a managed services provider. I would not run it in the cloud.
Even though many people hate it, email remains the most popular way by which people in organizations communicate with one another. Depending on the size of your organization, your email environment might consist of a single server, but it could also require dozens of servers to support. It’s also one of those services that, while not particularly difficult to manage on a day-to-day basis, all of a sudden becomes priority #1 when it’s experiencing problems.
And, it’s mission-critical. Business can come to a standstill when email isn’t available. Remember, for most people “email” includes messaging, calendars, contacts, and more.
Running the email service locally can be an expensive proposition, but it’s a cost that most companies have come to expect and understand. However, with the rise of such services as Office 365, migrating this environment to the cloud is a viable option. In fact, for Exchange shops, Microsoft provides tools that greatly ease the transition from on-premises Exchange to Office 365.
Email: The verdict
On this service, it depends. In my previous position, had Office 365 been available in its current form, I would have jumped on the service in a heartbeat, especially since the base Office 365 academic plan is free to higher ed. However, there are a lot of issues to consider in such a move. For companies that have people all in one place with relatively little Internet bandwidth, running locally might make more sense. For those that are geographically dispersed or have a lot of work-from-home users, Office 365 might be a better choice. It also depends on your ROI expectations as well as what you’re integrating with Exchange. If you have a lot of custom services hooked into your Exchange environment, running on-premises is the winner. If you have a relatively untouched Exchange environment, Office 365 is a great option and can make life a lot easier.
Web sites serve many purposes for organizations. For some, they are the storefront and for others, they are a major communication outlet. In either case, they are almost always public-facing; internal needs are served by portals and intranets.
Even though a Web site might seem like a slam dunk for the cloud, if the site is constructed correctly, it will have at least some hooks into other systems and, as a result, may be somewhat sensitive to communications latency with those other systems. However, moving a site outside the organization – either to a hosting provider or a cloud provider – has a major upside, too. This critical tool then becomes mostly decoupled from anything that might happen internally, from a plug being kicked out accidentally to a data center burning to the ground. Coming from a higher ed background, I know from experience that during emergency situations the Web site becomes a critical communications outlet for parents and students, even when campus facilities might be unusable.
Web: The verdict
Host it or put it in the cloud. If a local, on-premises solution is necessary, figure out a way to cluster or synchronize an internal site with the external one.
Identity and authentication
Identity management and authentication are the keys to the kingdom for a lot of companies. These items control who has access to which systems and what credentials they use for such access. I’m a big believer in maintaining close access to these kinds of systems as they are foundational elements of an organization’s security structure.
When these systems are housed locally, they’re immediately accessible, and quick action can be taken in the event that, for example, a key employee is let go, but they also provide local authentication for the organization. When outsourced, these systems are still available, but if there is a hiccup at a provider, it could become a security issue at some point.
Furthermore, identity and authentication are sensitive areas of the environment. Misuse of this information can make for a really bad day, regardless of where it’s kept.
Identity and authentication: The verdict
Personally, I would never have an environment without some kind of local authentication source. Further, all identity management can be handled on-premises with hooks to any cloud or hosted services as necessary. Depending on the nature of the organization, I might consider, for example, running Azure Active Directory and integrating it with my local environment. Doing so could be useful for Office 365 and other Azure-based services.
Action Item: These are just a few different kinds of workloads that CIOs need to consider when they decide what to keep on-premises and what should move to the cloud. Although I’ve provided some of my personal guidance, every situation is unique. Some companies have other issues to consider, such as regulatory requirements, that may drive their decision in a different direction. Regardless, a move to the cloud shouldn’t result in a loss of services or a loss of control of critical systems.