Cloud customers are market beneficiaries

There have been shifts in the cloud market recently. Large IT vendors have been adjusting their approach to catch up with the early movers. Providers generally have improved their offerings and terms, and the early promise of cloud is starting to be truly realised. Customers are benefiting from these developments, with those in the mid-market particularly well-placed to capitalise.

Cloud has developed

In early 2011 “cloud” was the IT industry buzz word, a label for all things revolutionary in IT. Undefined and broadly applied, it was a metaphor and cliché for everything from the internet to virtual servers, data centres – indeed any technology outside a buyer’s firewall. Those who attended presentations back in the day may recall the majority of the talk being taken up simply trying to define cloud!

Several years on, and highly specific cloud solutions have replaced the broad metaphors of years gone by. Cloud is now, rightly, one of the cornerstones of IT (along with big data, social media, mobility and security).

IDC forecast that this year nearly $100 billion will be spent on cloud globally, with $3 billion of that in Australia and New Zealand, primarily in the “consumption” space (infrastructure and software as a service). Cloud spend in A/NZ is expected to jump to a whopping $6 billion by 2016 and will account for 85% of incremental IT spend, as it will in the US.

Cloud has posed challenges for the big IT players

An associated and lesser known statistic, which has not been music to the ears of the large vendors, is that this growth in the cloud market has come at the expense of their more traditional revenue streams, like outsourcing, software licensing and hardware sales. This cannibalisation of existing revenues has been significant and ongoing.

Traditional software licensing and hardware sales deliver vendors immediate profit, allowing them to “recognise” the revenue upfront and report it to the market. Under a cloud model this revenue becomes “rateable” over the full term of the cloud contract, meaning they can only recognise the revenue over time.

And where traditional outsourcing and systems integration deals deliver committed, high revenue over 2, 5 or even 10 years, under a cloud model, this annuity revenue is generally uncommitted and much lower because capital costs remain with the supplier (and are defrayed over a larger customer base).

This explains why traditional vendors were slow to come to the party on cloud. Embracing the future first required them to reorganise, restructure and re-tool their businesses for cloud and to accept decretive revenue in one market segment in the expectation of growing revenues, over the long term, in another.

By the time the large vendors did get serious about cloud the early waves of public cloud infrastructure as a service were well established by Amazon Web Services, Rackspace and a number of pure-play organisations and cloud was already on the path to commoditisation.

Rather than join a market already competing on price, those organisations late to the party targeted higher value cloud services, like platform, software (such as analytics) and even business process as a service, so as to compete on value.

Initially this happened at the expense of their base level cloud offerings, where they fell behind on technology, price and service levels. In positioning themselves to reap the benefits of tomorrow’s demand for higher value cloud (which is more familiar territory) some overlooked the present market for more vanilla enterprise technology.

But over recent times, this situation has been remedied. The large vendors have invested heavily in on-shore data centres, more sophisticated cloud technologies, higher service levels and pricing and today those organisations have offerings that compete with Amazon and Co. Many have adopted a “cloud first” approach to in their sales strategies and some have publicly staked their financial future on cloud.

Buyers benefit

The winners in all this are undoubtedly the buyers, both large and small. Cloud has fundamentally changed how technology is accessed and consumed, across all segments.

But, while regulation and general concerns about giving up control have limited cloud take up by banks, telcos, utilities and airlines somewhat, none of these concerns necessarily restrict the mid-market.

For mid-sized organisations, cloud is a means to access enterprise grade, highly configured, automated, secure and social/mobile-ready infrastructure at previously unavailable levels of sophistication and affordability. A recent study by KPMG Australia Modelling the Economic Impact of Cloud Technology in April 2102 found cloud could reduce operational expenditure by up to 25% and capital costs by 50%.

Contracting for the cloud

Recently, many, if not all, large IT vendors have adopted “ease of doing business” as their cloud sales mantra, which is in part a statement about transparency and simplicity of technology and contract structures, and about speeding up the negotiation process.

This has meant greater transparency about their cloud technology, security standards, redundancy and data handling practices, including data sovereignty issues. In one case, a large vendor reduced its cloud contract from a dense, lengthy document to just three pages. Does transparency and simplicity in contracting mean a greater willingness to negotiate service levels, IP ownership, risk allocation, data handling and security? In the case of public cloud, the answer is, unsurprisingly, “no”.

It’s hard to argue with the vendor’s view that in a self-managed, automated service delivered from a globally (or regionally) centralised, multi-tenant, shared environment, at a relatively low price point, the terms are the terms are the terms.

Customers may find some of these terms hard to accept, like vendors retaining the right to unilaterally vary terms, not committing to confidentiality or to comply (contractually) with privacy law and not offering IP infringement indemnities (remember the litigation between Salesforce.com and Microsoft in the US over cloud based patent infringements?). In light of this, buyers will need to invest the time to understand what they are buying and the terms on which they are buying it, and then make their own (comparative) assessment as to suitability for the use they plan to make of it.

It is some consolation for buyers to know that there is a developing market standard when it comes to public cloud terms (vendors having recognised the competitive disadvantage in having their terms fall behind the “market”). However, differences remain in important areas, such as use of encryption and back-up, data segregation and willingness to identify physical location of data.

Variation in terms

Ultimately, switching vendors will always be a customer’s best response to bad service, so a large part of this analysis should consider the “stickiness” of a vendor’s offering. Technically, customers should ensure their chosen cloud provider uses protocols that facilitate, rather than limit, portability. Contractually, customers should consider the extent to which a vendor will or will not assist on disengagement.

For instance, although nearly all vendors contractually agree that “content” uploaded to the cloud is owned by the buyer, many differ on how they treat this content when the agreement comes to an end – for example, will they preserve the data for the customer and if so, for how long?

Do the periods differ depending on the reason for termination? Will the vendor itself retain the data, or will it undertake to delete it from its systems?

Similarly, there is generally a variance of approach to liability between the US providers and those from Europe and elsewhere, with US-based vendors typically restricting their liability exposure to the customer to a greater extent.

If security and data sovereignty are a particular focus for a customer, the circumstances under which a provider will disclose customer data following a government request or a court order or similar should be closely examined.

More scope for negotiation on private cloud terms

The situation is very different when it comes to private cloud, whether hosted or on premise, where the buyer has much more room to negotiate.

The more a cloud solution moves along the spectrum from standardised, commoditised, multi-tenanted, vendor-owned, to the bespoke, higher spec’d, single-tenanted (basically outsourcing), the greater the scope for negotiation on terms.

Those who followed the CIA’s decision last year to award a USD600 million private cloud contract to Amazon, and not to IBM, and the public review of both companies’ bids that followed, would have seen that in highly bespoke private cloud technologies, contract terms and pricing are entirely a matter for negotiation.

While transactions in the mid-market are not likely to scale the heights of the CIA deal (nor indeed would many cloud transactions in the large enterprise space), the principle stands.

Which type of cloud?

Experience suggests that organisations tend to use public cloud for less critical tasks requiring immediate, short term scalability (test and development functions, projects, for instance) and private cloud for more sensitive, critical functions. And today many vendors are offering hybrid cloud solutions, in various forms, combining the public and private cloud in an overall solution.

This enables customers to hold non-essential data in the public cloud and confidential information in a private cloud.  Often different contract terms apply to each offering.

This co-mingling of cloud and legacy technologies, often in a multi-vendor environment, increases complexity and buyers must ensure they understand not only the specifics of each category but how they “hand off” to each other, contractually and technically. It also necessitates an understanding of the different types of data being stored and processed – e.g. what data is particularly commercially sensitive, what contains personal information or sensitive information (e.g. health information) and so on.

Security practicalities

Data security is often cited as a hurdle for moving to cloud-based technologies, and the recent, high-profile leaking of nude celebrity photos iCloud accounts, certainly won’t have done the image of consumer cloud services any favours. Interestingly however, a Government report Privacy and Cloud Computing for Australian Government Agencies Better Practice Guide from 2013 states that “[d]espite common perceptions, cloud computing has the potential to enhance privacy safeguards used to protect personal information held by Government agencies”. This reinforces the point we made earlier – cloud is marking higher spec’d technology far more accessible for enterprises.

Useful industry reports are available on security also. For example, in its 2014 Data Breach Investigations Report, Verizon analysed a large number of data breaches to facilitate a greater understanding of the various types of security risks and to give practical guidance on how best to protect organisations from them, for example which security controls are likely to be most beneficial for each industry. Again, buyers need to be across these issues and ensure what they are buying is appropriate in managing their risks.

Conclusion

While there are complexities and some work is required to fully appreciate the differences between the various cloud offerings, the many advantages, including affordability, flexibility and scalability, provide compelling opportunities for users of IT. Now is a better time than ever for medium sized enterprises to embrace the advances and accessibility being driven by cloud.

And up next…

The traditional software houses are also under pressure to reinvent themselves in a similar manner to meet customer demand for vertically integrated, on-demand, pay-as-you-go SaaS models. We will report soon on this and some of the opportunities this opens up for customers.