It’s still a buzzword. And it’s still, in the eyes of many companies, the ticket to big bucks. Confusion as to the nature of the cloud remains, enabling “cloudwashing” to remain as a marketing strategy and luring unsuspecting customers into arrangements that may be less profitable than the hype would indicate. So, where does the cloud really stand right now?
Defining the Cloud
For some, the cloud is synonymous with the Internet. Although there is a close correspondence in many cases, some differences do exist. Defining the cloud exhaustively is a difficult task, and a certain amount of “I know it when I see it” is required. The National Institute of Standards and Technology (NIST) offers a good starting point for a definition of the cloud. Although it shouldn’t be taken as authoritative in an absolute sense, it serves as a foundation for discussion.
The NIST definition addresses three areas: essential characteristics, service models and deployment models. These areas more or less break down into what the cloud looks like, what it does and how it does it. The essential characteristics are largely self-explanatory: on-demand self-service (automation, basically), broad network access (services are available through standard channels, like the Internet over a mobile device), resource pooling (“delocalization”), rapid elasticity (what you need, when you need it), and measured service (service allocation and billing capability).
The NIST service models include software as a service (SaaS), platform as a service (PaaS) and infrastructure as a service (IaaS). A cloud service can range from just providing users with the fruits of an application (SaaS) to simply providing the hardware remotely to run the software stack (IaaS). The cloud is essentially outsourced hardware with varying levels of software service added on: customers might simply interact with a cloud service using a browser, or they might run all of their processes from the application to the operating system on a provider’s hardware (servers and such).
The deployment models are fairly uncontroversial: private cloud (the entire service is dedicated to a single customer), community cloud (service limited to a particular set of customers), public cloud (think the Internet) and hybrid cloud (some combination of the above).
Again, this definition need not be considered authoritative or exhaustive, but it provides some grounding for a discussion of the cloud that prevents everything from becoming a cloud product.
Novelty is often a selling point, so naturally, companies will tout characteristics of their products that fit the mold of the latest trend. Thus, the phenomenon of “cloudwashing” was born. Because the cloud is this great new thing (or perhaps not so new—nothing in the NIST definition is fundamentally different from previous computing models), if the term can be worked into the product name somehow, it will garner more attention. A number of companies have become infamous for cloudwashing, such as Oracle.
A fuzzy example is Adobe’s Creative Cloud, which, according to Mashable, “is not exactly a cloud-based app. [The Adobe CEO] accurately describes it as a hybrid solution. You will still install local software. The subscription model…means you gain access to the latest software updates as soon as they become available in the cloud, as well as all the cloud-based services and integration.” This product has some elements of the cloud, but then, so do many products that don’t bear the name. Perhaps the key element is that the heart of the system—the software (Photoshop and such)—run locally on the user’s computer, and the default for file storage is local as well. The new Adobe model seems to center more on software subscription than the cloud.
A chief characteristic of the cloud, since it typically involves outsourcing of hardware at a minimum and software in many cases, is centralization of resources. Following the advent of the PC, the cost of computing power declined, leading to decentralization. But the cloud model reverses this trend: computing power (including storage and so on) is increasingly centralized in data centers that may serve a large number of customers. This trend raises a number of concerns—particularly, the effects of downtime (many customers are affected instead of just one, typically) and the potential for cascading failure. Other concerns include control of resources by fewer (and larger) companies, as well as the implications for privacy, particularly in light of the NSA scandal and the complicity of major technology firms.
Centralization does serve the mobile market quite well, however. Mobile users typically lack the same computing power of fixed users thanks to heat restrictions and limited space and power in devices. Also, storage becomes a concern. Cloud providers, thanks to their centralization and relative ubiquity via the Internet, can offer remote hardware for computing and storage, as well as the capability to sync data across a number of connected devices.
A major concern about a new product or business model is its newness—can it withstand the stresses of use (and abuse)? In the cloud context, security has been a major concern, but in many ways, the cloud has reached maturity in this area. To be sure, it’s imperfect, but no system is totally secure. The centralization of the cloud, although it creates a potentially bigger target for hackers and other malicious parties, also enables greater investment in security, so there is at least some balance. At this point, however, neither the cloud nor local computing is fundamentally more secure than the other (excepting the case where the local model is physically separated from the network).
The NIST definition of the cloud is a good starting point, although it need not be an authoritative or exhaustive one. This view of the cloud identifies fundamental characteristics, service models and deployment models. A good definition—or at least a tentative one—is necessary to filter through the cloudwashing that paints non-cloud products as cloud services to exploit the attention that the market is receiving. One of the chief consequences of growing reliance on the cloud, centralization, has both upsides and downsides. Although it can reduce costs through economies of scale and enables greater mobility, it also creates the potential for greater damage resulting from a single failure. Because of the NSA scandal, the cloud has gained some negative attention, and many privacy matters remain unresolved. But the cloud is a mature (or nearly so) model that, although it will be refined over time, offers value over localized computing in some situations. The key, as always, is for customers to evaluate their needs and determine if the cloud really offers value for their specific applications.