“Do we want to host this on-prem, or should we look at moving to the cloud?” is an inevitable question that comes up in today’s discussions regarding new software implementations, or upgrades to currently on-premise solutions.
‘To host, or not to host’ is a decision that should be carefully made. The answer will not be the same for every organization, even when two companies are implementing the same software solution. There are several things that need to be taken into consideration when deciding where your software is best placed – whether on your own locally hosted servers or in “the cloud”. In this article, we’ll briefly touch on four primary areas of focus regarding the hosting of enterprise software solutions: Compliance, Control, Security, and Cost.
As you explore hosting options for a new software deployment or upgrade, weigh the pros and cons of each of these areas to determine the overall impact for your line of business.
COST
The first thing many organizations consider is cost. On-premise costs can be easier to calculate up front as it pertains to the raw cost of hardware, software and energy costs, and space. It can be more difficult to calculate what costs will be incurred in the cloud, often requiring competitive bids from multiple hosting providers. While you may not pay for the hardware or space in a cloud/hosted environment, you will pay for the resources and computing power used. If the software in question is a highly utilized and visible application for your business, the costs for compute time will often be higher than for another application that may not be as heavily utilized or vital to operations.
Knowing the demand for compute time, CPU cycles, and storage requirements for that application are key in determining what costs will be incurred over time in the cloud - and how that cost will go up the more heavily should the solution be utilized more in the future.
SECURITY
Security concerns remain among the largest barriers that prevent most cloud deployments. Organizations that have extra sensitive information, such as the banking, healthcare, and government industries, demand a level of security that an on-premises solution typically provides more simply than a cloud-based solution.
Some large organizations like Microsoft, DropBox, LinkedIn, Home Depot, Facebook, Capitol One and Yahoo have each been subject to malicious attacks - just to name a few. IT departments around the globe are challenged with determining just how secure their data will be if the move to the cloud is made. From Personally Identifiable Information (PII) to intellectual property loss, the security threats are real.
Security is of utmost concern to many hosting providers, who often offer differing hosting and security packages (and costs) to best suit a business need. In general, the “security” question should not concern whether the cloud is more secure than on-premises, but how businesses can best use the cloud to improve their security.
CONTROL
In an on-premise solution, there is no question of who's in control of the data. All the data resides on servers in a datacenter that is owned and operated by the organization. That organization is in full control of that data - for better or worse. Highly regulated industries are generally far less likely to leap into the cloud with solutions, as maintaining end-to-end control and visibility into all application data is of paramount importance (next to security, of course).
In a cloud environment, oversight of that data is shared with a third-party hosting provider. The data and encryption keys all reside within the third-party providers’ environment, and your access as a customer may be limited or nonexistent. If something unexpected happens and causes application downtime, you may not be able to access your data in a timely manner until the third-party resolves the root cause. This is an important piece to discuss with any hosting providers – some may allow remote access into your application servers, though most will not.
COMPLIANCE
Many companies today operate under some form of regulatory control. The most common are the Health Insurance Portability and Accountability Act (HIPAA) for private health information, and the Family Educational Rights and Privacy Act (FERPA), covering detailed student records. However, there are other government and industry regulations that organizations may operate under that should be considered when hosting an application solution. It is imperative that these regulatory controls are complied with and that an organization knows where its data is at all times. If those organizations do in fact move to the cloud, due diligence in ensuring that the provider is “up to code” and compliant with all of the mandates surrounding the securement and storage of your data is critical.
In conclusion, these are just a few factors that should be considered when weighing the benefits and risks of hosting a software solution internally or leveraging a cloud environment. Cost is certainly an important factor, but there are other considerations that should be made to ensure a holistic hosting plan is in place for your organization. It is everyone’s responsibility to keep information and data safe.
Shamrock Solutions works with many customers utilizing both on-prem and cloud-hosted software solutions. If you have additional questions or concerns about what on-prem or cloud hosting means for your organization, please contact us and we’ll be happy to help!
Nathan Wust
Software Engineer