As I write this large parts of Texas, Florida and Georgia are still recovering from the effects of two hurricanes. Millions of people and businesses remain without electricity, phone service or even access to clean water. Some of these services will take months to restore.
Here in the Atlanta metro area, many of my friends were left without power for several days last week, even though we were only hit by the tail end of one of the storms, Irma, and she had calmed to tropical storm level with maximum winds of “just” 40 mph.
Numerous roads, including mine, were blocked for days due to fallen trees and most schools were closed for three days, with several of them forced to shut down for the entire week.
While being without power for a few days is an annoyance for households, for businesses it can be catastrophic.
A friend told me of his business – a wholesale distributor with massive operations in both Texas and Florida – that had been dead in the water (pun intended) for ten days in Texas due to hurricane Harvey, only to have their business in Florida, much of south Georgia, and parts of South Carolina grind to a halt with the arrival of Irma a couple of weeks later.
The main culprit?
Their servers had gone down, due to power outages and flooding, and they were unable to process orders, issue invoices, or check the account status of their customers.
Their warehouse distribution operations were fine once the storm had passed and their trucks were ready to roll. But this was of little use without knowing what products needed to go to what customers. Their efforts at digital disruption had experienced a bit of disruption by Mother Nature.
Just the cost to rebuild after both storms is estimated at over $200 billion, not taking into account lost revenue by business. Nor the scores of lives that were lost, and the pain and frustration of those left to rebuild.
With storms like Harvey and Irma becoming both more frequent and more powerful – and with it more disruptive and costly – many experts turn their eye to our nation’s infrastructure.
How can our cities be made to withstand storms like this better?
How can we harden our power grid, communications networks, and other basic facilities to reduce damage and speed up recovery?
Would underground power lines, like what we find in most of Europe, be a better alternative, despite their high cost?
And how can businesses improve their own IT infrastructure to make it more resilient?
Ironically, the best way for businesses to harden infrastructure may be to simply have less of it.
One of the amazing things about both Harvey and Irma was that, while homes and businesses flooded, roads became impassable, and the power went out, mobile phones and networks continued to work. Twitter, Facebook, and other social networks gave us a frontline view of the tragedy as it unfolded in real-time.
In many places, even the 911 emergency networks became inoperable or simply overloaded and people turned to their smartphones and social media to summon help. Ironically, while businesses couldn’t access critical systems, people in boats were able to update their Facebook and share pictures on Instagram.
That is because those systems, all running in the cloud, are often more resilient.
Even if a local data center goes down, others simply take over and keep the system running. Businesses who had their critical applications running in the cloud – as many increasingly are – saw far less disruption.
SaaS-based (Software as a Service) solutions like SalesForce, SAP S/4 HANA, and a growing number of content management (CMS), digital experience platforms (DXP), and more will take local or regional outages in stride.
They simply shift to other data centers to pick up the slack – a process known as load balancing or failover – to ensure maximum uptime for business-critical applications. Sure, businesses hosting their own systems could achieve the same level of resilience by operating multiple, redundant data centers in different locations, but this is often too costly and complex unless shared by others.
Of course, corporate IT – and often other departments too – will howl at the mere suggestion of switching to cloud-based SaaS solutions (please note that I use the term SaaS-based to encompass IaaS/Paas/SaaS for sake of simplicity) and bring up scores of reasons why this is a bad idea.
Topping the list will be “security” – I put this in quotes since it means so many different things to different people – and “control” (again, a nebulous term), closely followed by things like the ability to integrate other systems, customized solutions and workflows, and the loss of competitive advantage. Let’s look at these in turn.
Security can mean anything from maintaining control of critical client or corporate data to preventing unauthorized access and transactional integrity.
This is a red herring, of course, since cloud-based or SaaS solutions are in no way inherently less secure than those hosted by a business. Where a solution is deployed – provided it is with a reputable partner – has little or no bearing on the application or data security.
After all, all modern systems today are accessible from the outside in order to facilitate online access by customers and partners alike. Proper architecture, hardening, intrusion detection, and policies and procedures play a far greater role than hosting in ensuring security.
And having control over the hardware or network infrastructure is similarly not relevant. Reputable hosting companies offering cloud services, including Amazon AWS, Microsoft Azure, or Rackspace, are far more adept at maintaining secure hosting environments than most companies.
And reliable SaaS vendors not only work closely with these hosting partners, but they also ensure that their own applications – which they know intimately, having built them – are always up-to-date on relevant updates and patches. After all, this is what they do; their very existence depends on it.
If you need further convincing, then just consider that Equifax – recently in the news for the biggest loss of control and security breach ever – had full “control” over their custom-built solution that left 143 million consumers exposed.
And integrating with SaaS-based solutions hosted in the cloud using contemporary methods and interfaces is no more difficult than doing so for traditional systems hosted in-house.
In terms of the ability to customize a solution, it should be noted that today’s SaaS solutions are just as flexible, configurable, and adaptable than any software package you might implement yourself. In fact, many of them are far more so, since they were specifically designed that way.
SaaS vendors recognize the need to accommodate the unique business processes and specific needs of clients, for it is within those processes where a company’s competitive advantage lies. Certainly much more so than with their choice of platform or how their applications are hosted.
Unless of course, they are hit by a storm, a flood, an earthquake, or some other disruption. In that case, what you may have considered an advantage can quickly become a liability.
The bottom line is this: the migration to the cloud and embrace of shared SaaS infrastructure is the natural next step in the evolution of information technology.
Companies resisting this will quickly find themselves at a competitive disadvantage. Having seen computing transition from the mainframe to client-server, followed by the rise of the Internet, and now the move to the cloud and SaaS, we have seen companies resist change each time.
And each time nimbler, more innovative competitors would seize the opportunity to leapfrog them by disrupting their business.
Microsoft did it to IBM, only to have Google and SalesForce do it to them a decade later.
So whether your business is ready to move to the cloud and embrace SaaS or not, others are. And the threat they pose is real. When it comes to these concepts, let me (mis-)quote the poet John Donne, and encourage you to ask not for whom the bell tolls, it tolls for thee. You’d be smart to heed that call.