Tech nerds refer to data[21] and applications hosted at a remote site “in the Cloud[22].” No, your applications are not running up in the ether. I have written many articles about why those professionally run data centers – which is where your applications are running—are to be preferred, especially for small and mid-market-sized organizations. In general, they offer higher levels of security[18], data privacy[11] protection, and computer and networking hardware management and remove the need for technology upgrades from the individual client.
The concept of cloud computing[8] and the use of the term to describe networked computing resources goes back to the 1990s, but the first time I remember hearing the term was from Google’s Eric Schmidt in 2006 in a description of services that run on the internet. Businesses moved from client-server implementations (where the client user[23] or application[12] requests data or services from the server that responds to those requests) to hosted or “Apps on Tap” applications, as Oracle’s Larry Ellison referred to the concept. The change was seen as the means to eliminate the costly software and the ensuing hardware upgrades that followed each new release, in theory, ending the major issue of customers being very far behind current software releases. It was also billed as a way of tailoring required computer usage to the customer’s needs, adjusting for growth or attrition more easily than does on-premise software[5] and related computing and network support. Most software companies with software applications that failed to move to cloud computing failed.
Initially, hosting was perceived as risky. Companies were accustomed to owning their own expensive data centers, company-specific intranets, and retaining all their data on-site. Hosting meant that the application was somewhere else, tended by others rather than the firm’s own IT gurus. The related concept of “multi-tenant” made it sound even scarier. That perception has totally changed with time.
A multi-tenant architecture[13] implies sharing: a single instance of the software serves several distinct user groups, known as tenants. The key point: each tenant’s data is isolated, but they share the same application infrastructure[9].
A common example is to think of an apartment building, where every tenant has their own apartment (data and customization[14]) but they share the building, lobby, elevators, and amenities (infrastructure and system resources).
This is what constitutes today’s Cloud Computing. It may sound simple, but there are still considerations once a customer purchases the license for a new application.
Cloud Types
If you purchase enterprise human capital management[3] applications today, you will likely be licensing a cloud solution. Rare indeed is a major application that still runs solely on-premise. To make it a bit more confusing, there are different types of clouds: public, private, dedicated, and hybrid.
Public Cloud
A public cloud refers to a computing model[24] where services like storage, applications, and infrastructure are delivered over the Internet by third-party providers. These providers manage and maintain the physical infrastructure, allowing businesses to scale easily and only pay for the resources they use. Back to our analogy, it is like renting an apartment rather than buying a house—flexible, cost-effective, and maintained by someone else.
In addition to supporting customers, public clouds are often used by developers and offer substantial tools and services for building new applications.
Public Cloud Examples:
- Amazon Web Services (AWS)
- Microsoft Azure
- Google Cloud Platform (GCP)
- Oracle Cloud
- Alibaba Cloud
- IBM Cloud
- ServiceNow
- DigitalOcean
- RackspaceCloud
- SigmaVMware
- NetApp
- Cisco Cloud Solutions
- Red Hat Hybrid Cloud
Like any other technology, there are advantages and disadvantages to a public cloud. Advantages include ease of scalability[19], the cost efficiency of pay-as-you-go pricing models, access to your data and applications from any internet connection, access to the latest technology and services without having to implement them yourself, and the alleviation of software and hardware maintenance[15] as the cloud provider manages system upgrades, network, and data security[16]. These last two points in themselves are sufficient reasons for adopting cloud applications.
The disadvantages of a public cloud are directly related to the customer’s need for total control: there is less ability to control security and possibly compliance with specific regulations. For the majority, this is not a problem, as these data center providers are experts in these areas. In some cases, however, there may be latency[25] of data speeds, variable performance, or possible higher bills with unexpected usage spikes.
Private Cloud
A private cloud generally supports the infrastructure and software applications of a specific vendor. Major enterprise vendors generally have multiple data centers providing private cloud services to their customers worldwide, noting particularly their ability to support the data sovereignty required in many countries (employee data must be maintained in the country the worker works in). The majority support multi-tenancy[17] with high levels of security and privacy. Private clouds are likely to be vendor-specific, solely for the support of the infrastructure and software provided by that vendor to its customers.
Dedicated Cloud
While a private cloud is likely to be multi-tenant, a dedicated cloud is a single-tenant cloud infrastructure. A dedicated cloud is a computing model where the cloud infrastructure is used exclusively by one organization. (Think buying a house rather than renting an apartment.) The dedicated cloud may be managed internally or by a third party—and the fact that it is dedicated does not necessarily mean it is on-premise. It may be hosted within the organization or totally off-site. Similar to owning your own home, the organization has more direct control over security, customization, and compliance (which may or may not make it better), but comes with more responsibility, staffing needs, and cost.
A dedicated cloud is like the concept of an Intranet—solely for the purposes of one organization. The concept is important to regulated industries, government, and many financial institutions. Full control of the infrastructure, software, and security and compliance settings comes with the requirement for dedicated IT staff, less flexibility for scaling, and can delay innovation as the internal staff has to manage all upgrades, testing[26], and deployment.
Hybrid Cloud
A hybrid cloud is a computing environment that combines both private and public cloud services. It allows data and applications to be shared between them, offering flexibility and more deployment options. In general, hybrid cloud users keep sensitive data in a private cloud while utilizing the public cloud for operations perceived as less critical or less proprietary. The hybrid concept generally supports the sharing of data and applications, in theory offering more flexibility and options for deployment. If you have some applications running on-premise and others supported by the data center provider listed above, you have a hybrid environment. The responsibility for integrations between the applications is very likely up to you.
The advantages of a hybrid computing environment is in its flexibility and cost-efficiency. Your HRIT[27] professionals can move workloads between the two clouds as needs and costs change. Scaling is supported in that public clouds facilitate upsizing and downsizing more readily than in-house infrastructures do. When hybrid environments are used for redundancy, improved disaster recovery[6] and business continuity can be achieved.
There are, of course, complexities from managing two environments: managing and optimizing costs across different clouds can be complex, ensuring consistency in security can be challenging, integrations issues ensue, and there is the potential, again, for latency in data transfer between the two clouds.
HR Solutions Providers and Their Cloud Support
Today’s HR software providers often provide their solutions on their own Infrastructure as Software as a Service[4], very often augmented by PaaS—Platform as a Service for its customers’ developers to build new or expand applications on. This means the software you license from them is provided on the data centers managed by those vendors. Some provide their software solely on one of the public clouds mentioned above.
There are a variety of reasons as to why a vendor would support its application on a public cloud, for instance. Smaller companies and startups can develop and market their applications in a proven and stable environment without incurring the expense of an internal data center. Established companies often prefer this model: consider the talent acquisition firm iCIMS which provides its solutions on AWS and Microsoft Azure[10] rather than spending its revenue on an expensive private cloud for its customers.
Several vendors, especially the larger enterprise solution providers, offer a multicloud strategy. Most offer Infrastructure as a Service[1] (IaaS) to their customers while also supporting public clouds, although not necessarily all the provider’s product may run on the particular cloud. SAP, for example, supports its private Business Technology Platform platform-as-a-service (PaaS[28]) and its own HANA cloud, a multi-model database management system[2]. Customers can also avail themselves of SAP solutions running on AWS, GCP, Azure, and Alibaba. Workday, as another example, runs on AWS, GCP, and Microsoft Azure, which helps support the company’s global reach. Oracle Cloud Infrastructure (OCI) offers support for varying cloud architectures, with public, hybrid, dedicated and multicloud options. Oracle database[20] runs on OCI in AWS, Microsoft Azure, and Google Cloud Platform (GCP) data centers.
When Does it Matter
For the most part, HR professionals do not need to spend time wondering where their applications are running. However, HR should be able to address constituent queries regarding where personal data is stored, how it is accessed, and how sovereignty is addressed for the organization. In case of data breaches in a public or private cloud, HR will need to know if the breach might apply to its organization’s data and be able to respond proactively to constituent concerns.
Katherine Jones, Ph.D.
Unique as a thought leader for her ability to make theory actionable and technology comprehensible to non-technologists, Dr. Jones is a sought-after writer and speaker in the U.S. and internationally. Moving easily from the academic world to the worldwide technology stage, she has repeatedly created value propositions bridging technology and theory with the practical world of today's business. Whether working with systems integrators in the Federal arena, consultants in oil and gas, or small business owners, her clarity and wisdom – as well as her wit—has been appreciated and commended. Now an independent high-tech marketing analyst, she was previously responsible for the creation and provision of thought leadership content for a web-based membership program as a partner at Mercer and spent several years at Bersin & Associates both before and after its acquisition by Deloitte, where she was the VP heading the HCM technology research practice in Bersin by Deloitte. She became an industry analyst at Aberdeen Group in Boston, covering the ERP[30] space, then human capital management in Palo Alto. Later, as marketing director for NetSuite, her efforts coincided with one of the more successful IPOs of that year. Before becoming an analyst, Katherine was in the Boston-area high-tech companies’ product marketing and strategic alliance management, specializing in data communications and network management. She spent several years in marketing education at a minicomputer company. She created new programs in high-tech sales and system engineer training and sold them to the Federal Government, leading a DDN certification project[29] in the company’s Federal System Division. She had left a career in higher education administration and teaching, which included the assistant deanship in the School of Education at the University of Connecticut and responsibility for the Master of Arts in Teaching program in the English Department at Cornell University, where she was instrumental in the Improvement of Undergraduate Education project in the Provost’s office. An industry veteran and independent high-tech analyst, she is widely published on talent management and personnel-related technologies, cybersecurity, ERP and HCM systems implementations, change management[7], and the mid-market, totaling over 500 works in print. Her master’s and doctorate degrees are from Cornell University. She can be reached at katherine_ics@msn.com or @katherine_jones. See Full Bio
Defined Terms
1. ↑ Infrastructure as a Service [IaaS] ( Infrastructure as a Service )A form of cloud computing that provides virtualized computing resources over the internet. In an IaaS model, a cloud provider hosts the infrastructure components traditionally present in an on-premises data center, including servers, storage and networking hardware, as well as the virtualization or hypervisor layer.
2. ↑ database management system.A set of software applications combined with a database whose main functions are to create the database; insert; read; update and delete database data; maintain data integrity and security and prevent data from being lost by providing backup and recovery capabilities.
3. ↑ human capital management.Human capital management (HCM) is the comprehensive set of practices for recruiting, managing, developing and optimizing the human resources of an organization.
4. ↑ Software as a Service [SaaS] ( Software as a Service )A model for the distribution of software where customers access software over the Internet. In SaaS, a service provider hosts the application at its data center and a customer accesses it via a standard Web browser. Three characteristics that apply to most SaaS vendors are: updates are applied automatically without customer intervention, the service is purchased on a subscription basis and no hardware is required to be installed by the customer.
5. ↑ On-Premise Software ( on-premise software )A type of software delivery model that is installed and operated from a customer's in-house server and computing infrastructure. It utilizes an organization’s native computing resources and requires only a licensed or purchased copy of software from an independent software vendor. In the case of on-premise software, the purchaser capitalizes the expenses of the software.
6. ↑ disaster recovery.Disaster recovery deals with protecting an organization from the effects of significant negative events, events that put an organization’s operations at risk such as cyber attacks and equipment failures, or hurricanes, earthquakes and other natural disasters. A disaster recovery plan (DRP) documents policies, procedures and actions to limit the disruption to an organization in the wake of a disaster.
7. ↑ change management.A structured approach to changing the mindset and perceptions of individuals, groups and organizations to accept and implement new ideas and processes in an organization.
8. ↑ cloud computing.The use of various services, such as software development platforms, servers, storage, and software, over the Internet, often referred to as the "cloud." Cloud computing enables companies to consume a computer resource, such as a virtual machine (VM), storage or an application, as a utility (just like electricity) rather than having to build and maintain computing infrastructures in house.
9. ↑ infrastructure.The generic term to include all application software, operating systems, network communications and database management systems with an organization.
10. ↑ Microsoft Azure ( Microsoft Azure )Microsoft’s cloud computing platform that offers a range of services and tools for building, deploying, and managing applications and services in the cloud.
11. ↑ data privacy."Governs how the data is collected, shared and used. It deals with the ability and legality an organization or individual has to determine what data in a computer system can be shared with third parties, both internally and externally, if data can legally be collected or stored, and regulatory restrictions such as GDPR and HIPAA."
12. ↑ application.A set of software programs designed to achieve a specific task.
13. ↑ architecture.The fundamental design of a system that integrates all the parts into a formal and visible structure.
14. ↑ customization.A feature or an extension in software that requires custom coding to create a modification of a software application. It differs from configuration, in which native tools that are part of the software solution are used to change behaviors in the software.
15. ↑ maintenance.The ongoing task of operating and maintaining a new system after the initial implementation including auditing, updating and upgrading.
16. ↑ data security.Protective measures aimed at preventing unauthorized access to computers, databases and websites. Data security also protects data from corruption. Examples of data security technologies include data masking, data erasure and encryption.
17. ↑ Multi-tenancy ( multi-tenancy )An architecture in which a single instance of a software application serves multiple customers. Each customer is called a tenant. Tenants may be given the ability to customize some parts of the application, such as color of the user interface (UI) or business rules, but they cannot customize the application's code.
18. ↑ security.The protection of information assets through the use of technology, processes, and training.
19. ↑ scalability.The degrees to which the system, network, or process of a computer’s hardware or software can be expanded in size, volume, or number of users served and continue to function properly. The ability of a system or network to handle increasing workloads and data volumes while maintaining performance and responsiveness.
20. ↑ database.A set of data. A permanent, self descriptive store of interrelated data items arranged in a logical way that can be accessed by various computer programs.
21. ↑ data.Numbers, characters, or images in a form which can be assessed by a human or (especially) input into a computer, stored and processed.
22. ↑ Cloud ( Cloud )The cloud is a general metaphor that is used to refer to the Internet, a network of connected computers. Instead of accessing files and data from a local or personal computer, you access them online from any Internet-capable device.
23. ↑ user.Any person who uses the business application whether they input data, view information, create or receive reports.
24. ↑ model.A graphical representation of a real-world event or process that needs to be communicated to all parties involved in system development to understand roles, steps, activities and outcomes associated with business events.
25. ↑ latency.The delay or time lag between the sending and receiving of data or information in a network or system.
26. ↑ testing.The processes around making sure that changes to systems are implemented correctly. This includes running programs, entering data and viewing system results.
27. ↑ Human Resource Information Technology [HRIT] ( HRIT )A common name for the department that manages the Human Resources systems for an organization.
28. ↑ Platform as a Service [PaaS] ( PaaS )A cloud computing model in which a third-party provider delivers hardware and software tools, usually those needed for application development, to usersover the internet. A PaaS provider hosts the hardware and software on its own infrastructure.
29. ↑ project.An interrelated set of tasks with a beginning and an end that is bounded by time, resources, costs and desired results.
30. ↑ Enterprise Resource Planning [ERP] ( ERP )A collection of software programs that is typically tightly integrated, which ties together all of an enterprise's various functions - HR, finance, manufacturing, sales, etc. This software also provides for the analysis of this data to plan production, forecast sales, analyze quality, and so on.
Source: https://tinyurl.com/56r8bf43