Skip Links

Is the cloud ready for mission critical apps?

Organizations are gaining confidence in cloud computing, although questions still swirl around everything from basic security and compliance controls to issues regarding supplier viability, ROI and, given the prominent outages of late, simple availability. 

Moderator

John Dix, Network World Editor in Chief, sets up the debates and recruits the experts. Contact him with thoughts and ideas, jdix@nww.com.

The experts

Alexander Pasik, Chief Information Officer of the IEEE

says the cloud is ready for prime time and concerns about security and even availability are overblown. His organization, in fact, is already  living the dream.

Sanjib Sahoo, Chief Technology Officer at tradeMONSTER and OptionMonster Holdings, Inc.

argues that cloud has a ways to go before it earns the right to host mission critical apps, and the bar is particularly high for financial services companies like his.

For most companies, yes.

Cloud computing is ready to support mission-critical applications. Providers’ track records of reliability, along with the fact that IT management is their core competence, should allay fears about the perceived stumbling blocks of security and availability.

Reliability and continuity, particularly in the face of major natural disasters, is in fact much better in the cloud.

More companies are realizing the economic benefits of moving mission-critical applications to the cloud and taking advantage of the chance it affords them to focus on their own core competence, which for most companies is not IT management. These early adopters have also recognized that the appropriateness of cloud computing varies by the "flavor" of the service, from Infrastructure as a Service (IaaS) to Software as a Service (SaaS).

 

Moving along the spectrum from on-premise computing to IaaS and ultimately to SaaS brings increasing economies of scale as greater portions of the technology stack are shared across the client base. Whereas IaaS saves businesses money via shared hardware, real estate, and power, SaaS achieves even greater economies of scale with shared applications, some key examples being Google Apps, Salesforce and NetSuite.

Many leading SaaS vendors have strong track records of reliability and security. Delivering this value is their specialty. To perpetuate that reputation, they invest far more in securing their environments than most non-cloud-computing companies do securing their own data centers.

[ALSO: 10 most powerful cloud computing companies]

Given this dedicated attention to security, trepidation about the safety of the cloud is largely unfounded. It's a psychological fear, akin to believing money under the mattress is safer than money in the bank. Overcoming this fear, both by understanding the provider's capabilities and by negotiating the appropriate service-level agreements (SLA), will allow companies to reap the savings associated with moving mission-critical applications to the cloud.

Economic arguments may not be as strong when it comes to justifying the use of IaaS, but the advantages lie in provider resilience - the ability of these vendors to offer greater performance in terms of reliability and scalability than customers do on their own. While individual companies have to build out infrastructure to handle peak loads, cloud providers offer an elastic approach of scaling resources that is more efficient and cost effective.

Reported outages and cloud service disruptions, however, are increasing potential users wariness. Not long ago, for instance, an Amazon data center went offline, affecting popular websites like Reddit, FourSquare and Pinterest. Wide reporting on this event - which unluckily affected social media sites, and hence a large number of users - has driven concerns about potential lapses in availability among cloud providers. But such problems are particularly visible because of their high-profile nature. Outages of this kind are far more common in enterprises that manage their own infrastructure.

Reliability and continuity, particularly in the face of major natural disasters, is in fact much better in the cloud. At IEEE, for example, we were fortunate enough to have moved many of our applications to cloud providers prior to Superstorm Sandy, the late-October storm that ravaged the mid-Atlantic and northeastern states. In New Jersey, where IEEE's operations headquarters is located, widespread power outages were accompanied by a fuel distribution crisis that stymied not only motor vehicle traffic, but also back-up generators. However, since part of our business continuity strategy included the use of SaaS and IaaS for many applications, our management of key applications was far easier and more reliable.

To further alleviate concerns about security and availability, companies can often negotiate SLAs with the cloud provider. These contracts are promises to address the chief concerns of businesses, whether they be performance, response time, scalability or some other metric. Specifying these parameters in an SLA provides the security of recourse if the levels are not met. Though many cloud computing companies don't immediately offer SLAs, it is typically a point for negotiation.

In summary, businesses that are hesitant about moving their essential applications to the cloud should not let fear stop them. They should evaluate providers' track records of reliability to deliver secure and consistent services, and negotiate SLAs so they can begin to take advantage of the economic opportunities offered by mission-critical applications in the cloud.

IEEE is the world’s largest technical professional organization dedicated to advancing technology for the benefit of humanity. Through its highly cited publications, conferences, technology standards, and professional and educational activities, IEEE is the trusted voice on a wide variety of areas ranging from aerospace systems, computers and telecommunications to biomedical engineering, electric power and consumer electronics. 

View More

Not yet

The cloud is not fully ready for mission critical apps. While the technology is rapidly maturing, it has catching up to do in terms of reliability, bandwidth management, latency and performance, security, cost of data storage and several other aspects.

To make this entire platform agnostic and build separate clouds of integration points with network integrations will only lead to a nightmare and increased costs.

Cloud computing is increasing in popularity, and rightfully so, but it is not ready for every organization, and especially not for financial trading organizations like ours -- tradeMONSTER, a top rated online brokerage firm. Even though there are some clear benefits, we are not moving to the cloud yet.

 

In evaluating cloud viability, organizations should categorize their applications into mission critical and non-mission critical and clearly assess the pros and cons. For trading companies like ours, the most important thing is getting guaranteed trade execution. Right now, that means dedicated lines to execution vendors and market makers, and those must be closely monitored.

Due to the difficulty and high cost of managing a private network within the cloud and lack of a guaranteed quality of service, critical trading apps have not taken to the cloud. Also, with no control over where servers are deployed geographically, latencies can't be controlled, which is a serious competitive disadvantage for trading firms.

There is a perception that the cloud reduces costs (both resource and money) compared to deploying your own infrastructure. But consider our case. The cost of handling high volumes of market data (almost 8 billion quotes during a 6 ½ hour trading day) and transactions would add up to a huge expense in the cloud.

Market data is not only I/O intensive but also exhibits tremendous message rate spikes due to market volatility, requiring substantial, instantaneous bandwidth expansion. Supporting market data transmission in the cloud would not only be more expensive, but it would add latency, which diminishes the value of the data and reduces the trading firm's quality of service.

Another related cost disadvantage of the cloud for our application is that much of the historical data must be stored so it can be used for charting and analysis tools. This dataset can go back 20 years. Data storage in the cloud is generally more expensive than storage on your own servers.

Brokerage firms like tradeMONSTER are subject to substantial regulatory oversight, including regulations regarding storage and protection of customer data. Storing sensitive data like Social Security numbers and and date of birth in a cloud infrastructure would raise serious issues with regulators. Another important concern is that the regulations require regular back-ups as well as keeping continuous off-site backups. This becomes a huge issue especially when several transactional and other data including logs have to be archived for regulatory reasons.

High availability is absolutely critical in trading applications because any downtime causes not only financial exposure but legal liabilities. The application systems are designed in such a fashion that they are clustered and highly available. More importantly, they are hooked into enterprise monitoring systems where the production support team is constantly monitoring network load, CPU, threads, memory, etc.

[ALSO: 2013: The year of hybrid cloud]

Super high availability requirements are more difficult to achieve when mission critical apps are deployed in the cloud. The recent outages at Amazon and cloud sites not only raise questions about the cloud model, but introduce new risk for organizations that have their destiny dependent on an environment where there is only limited monitoring and control.

This requires a substantial level of trust in the vendor, because trading firms cannot independently verify assurances of redundant power, disk, network, backups, etc.

At tradeMONSTER we have to integrate with many different third parties including clearing, execution vendors, market makers, market data vendors and business partners. To make this entire platform agnostic and build separate clouds of integration points with network integrations will only lead to a nightmare and increased costs.

While the cloud solution really comes with several positives, like consolidated hardware footprint, resources sharing, etc., it is still not ready for mission critical apps, particularly for organizations like ours. A tradeoff may be deploying some non-critical apps to the cloud to try it out. Also in the near future, organizations with hyper critical apps like ours might build private clouds to gain flexibility, more control and more options to scale.

Rated "Best for Options Traders", tradeMONSTER is setting a new standard of excellence and innovation in the online brokerage industry. tradeMONSTER was the first online broker to deploy a streaming desktop-like trading experience in a web-browser, featuring professional grade tools in a dynamic and customizable interface combined with integrated investor education, transparent commissions and an extremely knowledgeable and dedicated customer service team. 

View More

What's better for your big data application, SQL or NoSQL?

One of the critical decisions facing companies embarking on big data projects is which database to use, and often that decision swings between SQL and NoSQL. SQL...

Shadow IT: Boon or burden?

Shadow IT is defined as IT systems and/or services brought into the organization without IT approval. While it is often perceived as sneaky and potentially dangerous,...

VDI: Has the time arrived?

Is it time to virtualize and centralize the resources so users can access “the desktop” from anywhere using anything, or does the venerable old workhorse still...

Is IT's influence expanding or eroding?

Some contend that BYOD has taken off because employees want experiences that IT can't deliver, and the BYOD success is a sign that IT's influence is eroding. Poppycock,...

Cloud sourcing: Consolidate suppliers or go best of breed?

If you are going with public cloud services, there is a certain appeal to centralizing your apps with as few suppliers as possible to minimize the management overhead....

View more debates