Cloud computing security.
Image: estherpoon/Adobe Stock

In the beginning, organizations always processed data on-premises. Or did they? You may be surprised to learn that cloud computing is a concept that dates back to the 1950s when the concept of shared, centralized resources was born.

But it wasn’t until the mid-1990s that enterprises formally began to “track and sometimes leverage what is now cloud computing with the rise of applications that were delivered over the internet, or sometimes via private network connectivity,” according to David Linthicum, chief cloud strategy officer at Deloitte Consulting. “This was the rise of what is now software as a service, which was really driven by core SaaS innovations providing enterprises with applications delivered over the open internet using browser interfaces.”

Since then, the cloud has added platform as a service and infrastructure as a service, which began to rise in 2006, he said.

SEE: Hiring Kit: Cloud Engineer (TechRepublic Premium)

Jump to:

Cloud makes inroads in the enterprise

The notion of being able to reduce or eliminate hardware and other operating costs became appealing to enterprises, with many moving toward subscription-based SaaS to replace expensive, on-premises systems.

Even before the global COVID-19 pandemic forced companies to shift toward remote work, there is little doubt cloud computing has significantly changed the way businesses operate.

“There are few absolute certainties in technology, but one subject that is beyond debate is the fact that cloud computing has permanently changed how IT is deployed and consumed within businesses,” noted Anurag Agrawal, founder and chief global analyst at research consultancy Techaisle.

According to Agrawal, cloud found its way into the enterprise before the Great Recession when companies were grappling with key constraints that included:

Infrastructure cost

To support new systems, businesses needed to purchase new products. These products required a detailed cost and benefit analysis, were subject to the available CAPEX budget and typically needed to be operated for a minimum of three to five years, a period corresponding to the depreciation cycle associated with the platform hardware.

Development and automation of business processes

IT was stretched in many directions, and much of its time and budget was consumed with maintaining existing systems. New automation projects might not require a lot of dedicated time, but because they were competing for scarce resources, the elapsed time between need identification and new system deployment was often measured in years.

End users beholden to IT for service

The grip of technologists was already starting to erode as new tech-savvy generations of end-users and managers came to the fore, but IT still controlled the servers and networks needed for the deployment of business-critical systems. End users could, in some cases, turn to outsourcers for help in accelerating the queue, but they were generally limited to deploying applications on IT’s infrastructure.

The ability to work remotely

While the use of technology to enable remote work began before 2009, the concept was still something of a novelty. Employees might be able to work from home occasionally, but most workdays were in the office, and few staffers worked primarily from transient locations.

“It is stunning to see how much corporate IT realities have changed,” Agrawal said. “Today, an increasing proportion of infrastructure is rented rather than purchased, sourced with OpEx funds from remote suppliers. Agility has become the watchword for new automation projects, and acceptable time frames are no longer calibrated in months.”

The promise of cloud computing

There were many benefits touted by the rise of cloud, not the least of which was cost savings on infrastructure, as well as buzzwords like scalability, reliability and elasticity. But that didn’t mean they ran straight into the public cloud where resources were shared among companies.

“For some corporate users, keeping the cloud in-house alleviates the security and privacy concerns that can come with running key applications and data outside the company,” said a 2009 article by the Wharton School. “However, cloud providers insist that data is safer and less vulnerable with them. Companies that provide storage and computing services maintain state-of-the-art facilities and implement security updates immediately.”

Today, end users can source applications, infrastructure and other needed services from various online resources, and workers are tethered to the corporate infrastructure by their smartphones and tablets rather than by the cables attached to their desks. Most of these changes are attributable in part or in whole to cloud computing.

Cloud infrastructure provides the basis for OpEx-based, flexible-time frame infrastructure rentals. SaaS providers can deploy new automation in hours rather than months. Mobility isn’t really a discrete initiative so much as it is a key attribute of ubiquitous infrastructure. And IT now competes for corporate IT influence and budgets — it is no longer the ‘final word’ on IT and business solution strategies.

Early adopters of cloud computing

Government agencies were early adopters of cloud computing, driven by their leadership in defining what cloud computing was.”

“However, in terms of who adopted it at scale, it was the financial institutions, such as banks, that saw the potential early on,” Linthicum said.

Banks were among the first to move to the cloud “because they had the capital to do it and they’re interested in trends,” agreed Yale Fox, an IEEE member. Other early adopters were big tech companies like Amazon, Google and Microsoft, especially around 2010, Fox said.

AWS was the first of the three major hyperscale cloud providers, which also includes Microsoft Azure and Google Cloud Platform.

Early use cases and sticking points

In the early days, the cloud was seen as an alternative to enterprise applications that ran inside of data centers, such as ERPs, CRM and accounting systems.

“It was much cheaper to consume them as SaaS services than host and maintain the applications and data yourself,” Linthicum said. “The applications were constantly being improved upon, and those improvements were released constantly. Thus you didn’t have to wait for version releases as with traditional enterprise software.”

File storage was another early use case of cloud, Fox continued, noting the arrival of companies like Dropbox and Box. Cloud storage was a lot more expensive in the early days, when the concept of not having to run your own servers and simply clicking a button to rent space on the cloud was a novelty.

Initially, the early sticking points were a lack of security, which was weak with the early versions of SaaS, PaaS and IaaS cloud providers.

“This includes support for compliance mechanisms, such as encryption, which was a requirement for healthcare providers and insurance companies,” Linthicum noted.

Other inhibitors included not having enterprise data in the cloud as well as the challenge of migrating that data, which Linthicum said was very difficult, as well as the perception that data placed into a cloud provider was made vulnerable to hacking.

Migration continues to be an issue, Fox said, especially for organizations that don’t want downtime, but virtualization has made it easier.

There was a misconception that data stored in the cloud was more secure, but Fox believes that continues to be a dicey proposition because the cloud is “that much bigger of a target. If you set up the cloud properly, it can be more secure.” But Fox said that even today, whenever he looks at a company that has set up cloud services for themselves, “it’s rarely done right. You can have so many instances of things running and not know what it is.”

Top cloud breaches

Cloud computing hasn’t been bulletproof. Several high-profile data breaches have occurred over the years, including:

  • Yahoo and Target (2013)
  • U.S. Office of Personnel Management (2015)
  • Equifax, Accenture and Verizon (all in 2017)
  • Marriott (2018)
  • Solarwinds (2020)
  • Kaseya and Cognyte (2021)

Reaping the benefits of cloud computing

It was just a few years after the initial adoption, around 1999, that the benefits were better understood.

“Most of the early cloud adoption occurred without the direct knowledge and approval of enterprise IT, but there were employees that used their own credit cards to sign up for SaaS systems,” Linthicum said. “They understood the personal benefit to them, which led to IT adopting cloud computing as a result of grassroots interest in this technology.”

Resilience, especially during the pandemic, has been another benefit of the cloud.

“If you were on the cloud, set up properly, it was much less likely you’d have an incident during a massive peak of traffic,” Fox said.

Subscribe to the Cloud Insider Newsletter

This is your go-to resource for the latest news and tips on the following topics and more, XaaS, AWS, Microsoft Azure, DevOps, virtualization, the hybrid cloud, and cloud security. Delivered Mondays and Wednesdays

Subscribe to the Cloud Insider Newsletter

This is your go-to resource for the latest news and tips on the following topics and more, XaaS, AWS, Microsoft Azure, DevOps, virtualization, the hybrid cloud, and cloud security. Delivered Mondays and Wednesdays