Whether looking at cloud business apps or cloud infrastructure options for your business, cloud is a business conversation with a weight of inevitability; a conversation you’re going to have to have sooner or later.
The architecture, engineering and construction design industry has very few fully featured business management apps with cloud capability, though there are many basic generic offerings – green apps that scratch the surface of true architectural practice and engineering business needs. Yet small SME’s in the AEC space (most AEC businesses are SME) are often reluctant to consider cloud.
This ‘cloud computing’ conversation raises consistent questions and concerns for SME’s: security and privacy of data, sovereignty of data, costs and support, for example.
Here at Total Synergy we offer cloud services to our Enterprise users. Over a third of our architectural, engineering and design clients now have cloud-hosted databases synchronised with their on-premises databases. Some of our clients are also leading the charge with advanced cloud infrastructure solutions such as virtual private cloud set-ups. Cloud synchronisation allows these clients to take advantage of cloud back-up and disaster recovery systems – something one or two have benefited from to great relief (some have not, to great cost).
As a leading technology provider to the AEC sector, cloud is a conversation we have often. In order to answer some of the questions and concerns, we took the opportunity to talk to some people who know a little about infrastructure-as-a-service (IaaS), and cloud solutions, from a well-known operating system and productivity suite developer (also now dabbling with hardware).
The senior cloud and technology specialists we interviewed said there are various security concerns that come up regularly when talking about cloud security: not being able to touch and see the hardware; whether the provider is trustworthy; security from ‘hackers’.
The spread of these fears is referred to as “FUD” – fear, uncertainty and doubt.
Most of the FUD comes from the unknown – it’s not widely understood how data centres work, for example.
One of the big questions people have is how can they trust the cloud provider not to misuse the data. This is answered by it simply not being in the provider’s interest to misuse data.
When it comes to security of the actual data centres, the measures taken in this regard are of a scale that’s hard to comprehend relative to a small or medium enterprise.
The largest cloud storage providers have ‘armies’ of people who do nothing but focus on data centre security. The reality is no SME can secure its data to anywhere near the level the biggest data centre providers can.
Security in these digital installations is also regularly tested by international standards boards using the best penetration testers and security engineers available.
You’ve got mail. The thing about cloud software – or software as a service (SaaS) – is it’s not as new as the trend suggests. Did you ever (or still) have a Hotmail account? Hotmail, launched in 1996 and, now known as Outlook.com, is Microsoft’s original cloud-based email-as-a-service (known as webmail, back then). Yahoo! also offered webmail back in the nineties, still does, and is apparently making a comeback under new stewardship. Then of course, there was the internet giant that was AOL and the eponymous phrase ‘you’ve got mail’ – perhaps conjuring up images of Tom Hanks and Meg Ryan. These were/are all software-as-a-service and based in the cloud.
This evidence says Microsoft has at least 15 years’ experience building and running large-scale data centres, so it comes as no surprise that Windows Azure is one of the leading cloud infrastructure providers alongside Google and Amazon Web Services (AWS).
Couple that with the fact that Microsoft.com was at one stage  the second most attacked website in the world, it has a lot of experience in security (the most attacked website was the little known United States Department of Defence).
Many people, and small businesses, worry about ‘being hacked’. It’s suggested the level of concern should be based on the business’ ‘threat vector’.
The reality is that anyone with the capability to seriously challenge large cloud data centre security is really not interested in small business data.
Our expert says SMEs, in general, live somewhere near the bottom of an attacker pyramid (with nation states at the top). It’s highly unlikely this level of attacker would be concentrating on SME data.
Even if they did, they’d probably have a much easier time hacking into an on-premise set-up than into a fully-fledged cloud data centre.
Data sovereignty is the concern that data stored in the cloud in other countries is subject to those countries’ laws. The nearest Windows Azure data centre to Australia is in Singapore, for example, though Microsoft announced in May 2013 that it will be opening Australian data centres.
Many organisations already using Microsoft Office 365 aren’t concerned (or even aware) that this software and storage is hosted in Singapore (and Hong Kong, several locations in the USA and Europe), not to mention Hotmail and Outlook.com.
There’s also the matter of Mutual Legal Assistance (MLA) treaties where ‘friendly’ governments can ultimately share sovereign data if there is a clearly identified need and due legal process has been observed.
Once the landscape of how these things work is more clearly understood, it loses traction as an opposing argument. That said, having datacentres in Australia removes the question from the table altogether, something AWS has already established, for example, and something Microsoft is working on.
Drivers of change
There are many benefits to working with cloud infrastructure – speed of innovation, scalability for development and testing, no capital investment and low overall costs.
Cloud means businesses are seeing immediate savings in hardware and service costs, while developers are able to turn ideas into businesses with low initial risk because the start-up IT costs are minimal.
A significant benefit of using infrastructure-as-a-service is the server ‘up-time’. The up-time statistics from cloud providers are generally touted around 99.9 per cent. Over a year, that would equate to around 4.36 hours of down time. On-premise servers requiring patching operations would potentially experience more down time than this on a monthly basis.
Cloud infrastructure is well underway in Australia. Amazon Web Services has data centres up and running along with Rackspace. Windows Azure data centres were announced in May 2013 and are reported to be scheduled for opening in early 2014.
There is also a host of smaller data centres and virtual private cloud providers already offering various services.
Online data and cloud computing is inevitable. It’s time to look into the risks and weigh them up against the needs of your business.
Synergy users can immediately take advantage of cloud software developed specifically for architectural and engineering businesses. The transition can begin with Synergy cloud services meaning your business can enjoy the power of AEC specific software and the security of cloud back-up and productivity efficiency.