In the manufacturing and operations sectors, the decision to move to the cloud or keep critical services within on-premise infrastructure is complicated by the need for real-time connectivity.
Large to mid-sized companies still lean towards the on-premise model because it affords them more control. And, since they have more staff and typically bigger budgets, they can employ people that understand how these solutions work. A small company with a single IT person might have to run a variety of different systems, and is not in a position to singlehandedly build a security operations centre (SOC).
Smaller firms and the cloud
Smaller companies are often much more willing to instrument their network to a secure private cloud, which removes the threat of multi-tenancy. Private clouds effectively wall-off the firm’s IT so that access can be better controlled to among a smaller pool of internal staff. They can also scale immediately, so a company that sees a spike in demand or production is not tied to possible constraints of an on-premise solution.
Additional benefits include the ability to remove the burden of server maintenance and software updating from IT, and overall lower cost of ownership. In a manufacturing setting, the cloud allows firms to implement software much more quickly, a capability that is especially important for firms that need to desperately upgrade their operations. The cloud enables the manufacturer to select and implement compatible software instantly, instead of waiting for a lengthier on-premise install process.
In an industrial setting, a firm that is instrumenting their network to the cloud will also need to monitor that environment carefully, especially when it comes to sensitive data. So consider a manufacturer that’s handling various industrial control systems (ICSs), and is thinking of putting sensitive data onto the on-premise network, or using a third-party to protect and manage the data.
Instead, they might find a more elegant and cost-effective solution is to pull the information out of the ICS environment and take that data to a private cloud instance. It becomes a different consumption model, where the firm is taking data, capturing it, moving it to a third-party detection and monitoring platform.
For smaller firms, avoiding the capital expense of building an SOC often makes sense as they simply flow data to the private cloud. They do not have to take on extra internal staff to manage the SOC, or waste valuable time training current staff who instead could be working on revenue-generating projects.
Mid to enterprise-level businesses
Firms in the mid to enterprise-level size are still heading towards on-premise solutions, largely because that’s the “way it’s always been.” Larger firms are traditionally risk and change adverse, so a movement of critical systems to the cloud is naturally met with skepticism and review.
However, improvements in cloud security, reliability, and speed within cloud services and the maturation of the entire sector are driving a shift. Recently, the US Department of Defense (DoD) recently approved the use of Amazon Web Services (AWS) for the management of select DoD applications and data. Amazon received provisional authorisation to host Level 5 data, which often comes from the Pentagon, military branches, the NSA, and other agencies that manage some of the world’s most secretive data.
This move has provoked discussions amongst other sectors that deal with very sensitive data such as healthcare and financial services. The DoD’s move is part of a larger government program to push itself into the 21st century through technology tools, a move away from paper documents, and more connectedness. Government agencies are realizing they can leverage this technology for its strengths, which are the ability to complete tasks faster and cheaper.
Utilities and other infrastructure-based organizations will be watching the DoD/AWS closely to see if any breaches occur and if the Federal Government actively expands the usage of cloud services. This could take a few years, but it will greatly impact adoption of the cloud (assuming it goes smoothly) for firms that manage sensitive data or processes.
Even still, there will be some businesses that cannot move all of their control systems to the cloud due to the need to eliminate connectivity issues and ensure 100 percent reliable real-time data.
Movement to the cloud is restricted by firms having some applications that need to happen in real or near-real time. There’s some debate as to whether certain types of actions or processes controlled by these applications will ever be cloud ready.
Consider a Tesla Model S rolling down the road that uses the lines in the road, the stop sign, and a variety of information to perform auto pilot driving. Much of this information can be built into a database, so the car can effectively “map out” the potential stops and route. But if a road worker presents a hand held stop sign, then the car needs to stop immediately.
You need the instrumentation to perform computations at the local level, and cannot risk having that data go to the cloud and experiencing a connectivity issue. For electricity providers that are operating the smart grid where production can be scaled up or down, there are legitimate questions if all facets of this can be trusted in the cloud. A water or wastewater facility will have multiple industrial control systems that must work flawlessly and on demand.
>See also: Making a business’s data cloud-ready
It will take impressive strikes in cloud reliability and connectivity, and use cases such as the DoD’s initiative to convince water suppliers to move into private clouds to manage controls.
A similar dynamic happens in manufacturing, where certain processes require always-on capabilities, and delay can be costly and possibly even dangerous. The market isn’t at the point yet where a cloud connection is as immediate as a desktop connection, and perhaps it will be once we reach 10G or similar connectivity, but for now there are legitimate concerns.
Given these conditions, the cloud vs. on-premise debate will still remain an “it depends” situation, where the size of the company, and their actual processes and needs will largely determine the right infrastructure.
Sourced by Matt Morris, VP of Product Strategy at NexDefense
See also: How to deliver the benefits of the public cloud experience on-premise – In the hybrid cloud era, CIOs are increasingly targeting cloud-like infrastructure in the enterprise.