There are many aspects you need to consider while deciding to change your vital IT system (like the project management system in a translation office). Some time ago I recommended that you do not even consider software without an API (DataBase Based Integration – a Sackable Offence). In this article we will concentrate on another important aspect which is the model of how your software will be run, managed and accessed: On-Premise or On-cloud.
Software Delivery Models
Specialized software requires multiple IT layers to run. Different services combined with business logic and a nice UI under the umbrella of one application provides a user with a unique and complex functionality he/she requires. These layers can be divided into three basic groups:
- Hardware and network access – including server CPU, memory, hard drive (often virtualized) active and passive network devices,
- Operating system and common services – file system, email services, databases, backups and other functionality that is shared by different applications, usually installed and managed individually,
- The actual application – a top element that users interact with, specialized code providing functionality built on top of the operating system, a common (often distributed) service and other applications.
The traditional software delivery model assumed the software buyer controls the entire stack for the software is installed on hardware and an operating system under his full control. Since cloud solutions gained in popularity, more and more services are moved outside the company office – not only physically also the control (and responsibility) is passed to cloud providers. Servers are more secure and better served in a data center so we started to keep our servers there. It became evident that it is faster and cheaper not to own servers at all but rather use the ones that are owned and maintained by the cloud provider. Hardware virtualization technology speeded up this process even more so now ‘your’ server can be up and ready just a few seconds after placing the order – that is Infrastructure as a Service (IaaS) – a cool thing saving your company a lot of hassles spread between advanced IT hardware knowledge, a screwdriver, and power outages.
Anyhow, using IaaS still requires installation and management of the commodity software – databases, email servers, file system sharing services and others as well as having to address scalability and security challenges. Platform as a Service (PaaS) vendors promise to provide you with all this stuff. They usually build their offering on IaaS and provide high expertise in a particular area so the resulting service is of the highest quality, hard to achieve by an individual IT specialist and even entire IT departments. We trusted them and gave control of many services (E-mail me if you are not using any :-).
The last element is an application – the core system your company uses to run your business – it may be offered as a Software as a Service (SaaS) and/or as on-Premise. You may decide to buy the system and run it on your own on an IaaS and PaaS infrastructure or let the application vendor take full care of it. There are a few factors worthy of your consideration before making the final decision: legal aspects, business continuity, IT security, deployment and maintenance and finance – they are described in the following chapters.
From the legal perspective there is a fundamental difference between on-Premise and Cloud-based software.
For on-Premise you need to licence the software. The licence gives you access to the application in the form of source code or binaries as far as an allowance to run/use it in the scope and areas described in the EULA (End User Licence Agreement).
There are multiple different software licensing strategies but at the end of the day you are given the software on an ‘AS-IS’ basis with permission to run it on your own. Except the legal limitations, you have full control over the software and any piece of data you generate while using it. XTRF for instance, enables you to run one production instance of the software which can be accessed by a limited number of users. You can also have additional copies for testing purposes – e.g. as a staging environment.
SaaS is quite different. From a legal perspective it is nothing else but contract for providing a service. You do not need any software licenses – you are granted a right to use a given service for a limited period of time. By signing-in to SaaS you grant a cloud provider rights to process your data so they can host your service. The service and the scope of your data usage is described in a document which is usually non-negotiable, called the Terms and Conditions which describes, as far as, the service functionality, usage models, and limitations.
XTRF and our IT partners are ISO 27001 / 9001 certified to provide the highest standard in data security and service quality.
Business continuity encompasses planning and preparation to ensure that an organization can continue to operate in the case of serious incidents or disasters. In the context of a system which is critical for a company’s operation, you should consider your business continuity strategies for both on-Premise and Cloud solutions.
Ask yourself two control questions: How do you know the system is not working? and What actions will be taken to solve the problem if it occurs? The first question is usually answered as:
- Somebody (a client, colleague) tells you there is a problem.
- You detected (experienced) the problem by yourself.
- You have been informed by a monitoring system that detected problems automatically.
The last answer is the least common for on-Premise installations. It means that if a failure occurs at night or during the weekend many hours pass before somebody even starts solving the issue. Moreover, the answers to the second question show that application outage time increases even more. Two of the most common answers are:
- You call your IT guy or department – it’s fine if he is on duty and confirms the problem. You are even more lucky if he can solve the problem in a minute… but sometimes after two hours IT calls you back claiming a master hard drive controller failure and asking to buy a new one with an express delivery of 48 hours. The system is down for 3 days.
- Sometimes your IT blames the system vendor – a bug in the software – so you call the system vendor and get a famous “it works for me” response. – after a few hours/days it finally turns out that one parameter of your server infrastructure had been changed and it resulted in a failure when the system was restarted. Two days passed before the system was up and running again.
What about a serious power outage, strong storms or a digger cutting off the internet to the entire office…
What about the SaaS model? Cloud providers offer service-level agreements (SLA) which guarantee a certain amount of uptime. In the case of a problem you can call/email/raise a ticket at your provider helpdesk and be informed that they have already detected the problem and provided an estimated time of system restore, which is usually far below the SLA agreed. If a problem occurs at night you probably will not even notice it.
How is it possible to achieve 5 minutes unavailability in a year? In mature cloud environments the monitoring system automatically informs about problems, it can detect the problem and reacts much faster than any user. SaaS providers operate in 24/7 serviced data centers that can fix broken hardware in minutes or automatically migrate the system to new hardware.
In the XTRF Cloud, we not only monitor our systems but also react to system failures in an automatic way. There are multiple rules defined that can automatically restore your system operation with minimum downtime. If the automation fails an SMS notification is sent to an administrator on duty.
Disaster recovery involves a set of policies and procedures to enable the recovery or continuation of vital technology infrastructure and systems following a natural or human-induced disaster. To recover from a disaster you need access to your data. You can buy new hardware, you can get all the systems and program binaries from vendors but access to your backed up data is essential for your company to recover from a real disaster.
You may have been told that your data are backed up – it is not enough – make sure one can restore the data from the backup. There were companies that made regular backups but in a critical moment, the restore process failed – nobody remembered the password to a backup copy or backups burned in a server room together with the servers. It is a matter of life and death for your company – check twice or go SaaS.
Deployment and Maintenance
SaaS service deployment and maintenance is easy – you order a service and it works.
On-Premise installation requires much more attention. The SaaS provider uses the optimal hardware and operating system configuration for the software it offers. Your IT may want to reuse an existing server (does it conform to the requirements?) and install the operating system, database and other services according to their preferences that do not fully match the software vendor’s recommendations. Having selected the hardware, the following actions need to be performed:
- configuration of a (new/rented) server (operating system, basic software, internet connection, security),
- installation of the new software (+ additional elements – database, proxy server, SSL certificate etc).
- testing, including performance tests,
- fine tuning of the system,
- configuration of a monitoring subsystem.
When the above steps are completed you should be informed about the stability of the final installation and what availability can be guaranteed.
All IT systems require regular maintenance. Server security has to be properly managed, system and software patches installed, monitoring alerts verified, system health checks performed, minor hardware failures, power and Internet outages addressed. All these actions take time and require competent IT specialists.
A cloud-based system can easily grow (and shrink) with your organization. Into every business, there will come spikes. Those days when suddenly everyone wants access to your data and they want it now. What to do? You can buy enough servers to meet the maximum possible data demand, but that’s a waste of money when the servers are sitting idle. Imagine you have a big project starting next month and need to hire 3 extra people only for this project for two months – would you invest in a server upgrade and 3 additional software licenses? Being able to scale up and down is a huge competitive advantage. It’s also extremely cost-effective.
There is a temptation to compare on-Premise and SaaS costs in a simplistic way. For on-Premise we assume one time spending on licences and compare this with yearly spending on the Cloud. Let’s make a comparison using the current XTRF Professional pricing for 10 users.
The above model is entirely wrong. It is like comparing buying a car and using a taxi but including only the total price of the car – forgetting about fuel consumption, service cost, insurance policy and parking costs. The right approach is to compare the Total Cost of Ownership. TCO is a financial estimate intended to help buyers and owners determine the direct and indirect costs of a product or system. So what are these additional costs of on-Premise?
If we include the above factors the TCO can be calculated over 10 years following the purchase date.
Even we do not include: interest rate on initial investment, Opex/Capex benefits, lower risk, flexibility, adaptability and SLA – the calculation clearly shows the cloud is cheaper and requires half of the initial investment. It includes some extra benefits not available (or not included in the price comparison), moreover in the ten years the following situations are of high probability:
As your comfort and sense of security are priceless, the final comparison gives the Cloud an even better advantage.
On-Premise installation requires significant spending, mature IT processes and highly paid professionals to ensure stability and security – full control has its price.
Cloud-based solutions can provide the highest availability and data security due to mature data protection policies and processes. Flexible pricing plans, adaptability, and benefits, gained from economy of scale result in lower TCO than maintaining your own software as far as decreased initial investment risk.
Moreover, cloud usage allows your IT not to concentrate on more server/software administration but instead, they can focus on business-value oriented tasks that better address your company’s mission.
“Continuity of processes and data security in a distributed translation management system.” Project co-financed by the European Regional Development Fund under the Operational Program Innovative Economy.