“First they ignore you, then they laugh at you, then they fight you, then you win” – currently it looks as if this famous quote by Mahatma Gandhi will also be true of the cloud. Let’s take Amazon Web Services (AWS). They already make $ 1.8 billion in sales ($ 391 million profit) not only with a few small workloads, but with large-scale installations at enterprise customers. It really seems as if the critical voices which warn of dangers related to data privacy and security are becoming increasingly quieter. But the risks are still there, aren’t they?
Let’s have a more detailed look at developments in Germany: According to Crisp Research in around 75 percent of German companies, cloud computing is already an integral part on the IT agenda. There the cloud is either an active part of the productive IT operations and is used as part of projects and workloads or the companies are in the planning or implementation phase. Only about 25 percent of German IT decision makers do not have the cloud on their IT agenda. But the pressure by their own departments for more flexibility and short time to market of new applications is steadily growing. So from my point of view there will be no opportunity for CIOs to get along without the use of cloud services – in which category whatsoever. Because after all, who wants to throw away the opportunities of the digital transformation? On the AWS Summit 2015 – a Customer and partner conference of Amazon Web Services in Frankfurt – Werner Vogels (CTO of Amazon) also made absolutely clear that he does not consider cloud computing to complement the classical IT. For him it’s THE future model. “Being against the cloud as if you fight against gravity,” he said.
The growth of cloud computing and the progress of the Internet of Things are closely linked
And not to forget the Internet of Things (IoT), which will also boost the cloud market and will become a decisive factor for the future competitiveness of companies that have to deal with the related technologies. With projects on the IoT gaining speed, developers now have to create the right infrastructure. Public cloud environments – both infrastructure (IaaS) and platform (PaaS) – provide the ideal conditions to serve as supportive environments for IoT backend services and devices. In detail: Scalability and connectivity found in the cloud are certainly desirable features for an IoT platform. It can therefore be said that the growth of cloud computing and the progress of the Internet of Things are closely linked.
But this development should also be the occasion to reflect on risks. Market watcher Gartner for example is warning IT managers not to ignore the risks posed by the growing popularity of virtual personal assistants (such as Apple’s Siri or Microsoft’s Cortana, wearable devices and the IoT to the security of corporate data. The most popular public cloud platform today is Amazon Elastic Compute Cloud (EC2). Amazon EC2 provides a wide-ranging set of instance choices, with different platforms and availability-based pricing. Platforms range from compute-intensive to instances with GPUs and transactional platforms with SSD storage. Amazon provides a streaming data service, Kinesis, for big data processing. Public cloud resources like EC2 can be helpful in presenting backend analytics results, or archiving IoT data, or providing users an overview of what kind of data is coming from where. But for high performance IoT applications with many sensors, faster data rates, and split-second decision making, public clouds leave many concerns unaddressed:
Determinism: Most public clouds offer few assurances of latency, or quality of service. They handle web interaction measured in seconds, with a person in the loop. On the IoT, latency of more than a few milliseconds can throw a carefully orchestrated process out of control. In normal big data analytics tasks, real time might mean hourly or daily. IoT analytics are often looking for sub-second exceptions.
Symmetry: Unless a truly dedicated instance is purchased, most public cloud instances are on virtualized servers. When the application scales, a second instance could be on another processor on the same server – or on an entirely different machine hundreds or thousands of miles away, with different latency. A class of instance may provide the same type of resource, but what else is running on that virtual server?
Trusted execution: IoT applications likely take steps to authenticate sensors and gateways to prevent intrusion or hacking. A public cloud instance can introduce a random server into the mix, weakening the trust chain considerably. Even reputable cloud vendors can be subject to spoofing, DDoS, or other attacks targeting instances that are loosely trusted.
Data security: Where, exactly, is the data in the cloud? For example, to deal with compliance issues, Amazon introduced AWS GovCloud – an isolated, quasi-public region with specialized security and monitoring tools. Public instances often lack control over the physical location where data is stored. Is data encrypted, and how, and is it protected end-to-end or just at the point of storage?
Protocols, ports, and programming environments: The basic transport layer is usually TCP/IP or UDP/IP, but other protocols are of interest. Unless a fully dedicated network interface exists on a public cloud instance, supporting middleware can become challenging if port numbers are controlled or unavailable. Installing environments such as Java may be non-trivial, and unsupported by the cloud vendor.
But what’s the better choice? For most IoT applications of significant size, the best answer may be a scalable hybrid cloud. The deployment of converged modular servers in hybrid clouds is also part of Kontron’s overall strategy in hyperconnecting the IoT. If you want to learn more about it, stay tuned for my next week’s blog post and/or read the Kontron Whitepaper “Powering a scalable, hybrid cloud for IoT infrastructure”.
What is your opinion on the current development of the cloud as IoT platform? Do the opportunities outweigh the risks?