Many people see in cloud computing only the people-centric, mobile-first, and analytic-driven applications which can be purchased with a credit card. This would undervalue the transformative power of the cloud.

If your cloud vision is narrowed down to SFA (sales force automation) or even any cloud CRM, then you need to accept that your applications will be siloed and integration with the rest of the business will be ad hoc at best.

A quick fix cloud application can become a long-term business problem when there is no integration between the application and the rest of the organization, especially at a process level.

To truly leverage the cloud for your business, cloud applications need to be considered in conjunction with a modern platform (PaaS) AND flexible integration capabilities. SAP h as taken this kind of holistic portfolio approach (more details ).

Among the predictions about the future of the cloud offered at a recent technology event in San Francisco: The role of IT will become more business-focused as routine operations are off-loaded. Some very large companies will migrate all of their technology infrastructure to the cloud, sooner rather than later. And computing power will follow the same trend as electric power did a century ago, becoming a utility delivered from industrial-grade plants (an idea popularized by Nicholas Carr’s 2008 book, The Big Switch ).

Significant progress toward some version of this future already is in evidence, as shown by our study, Unlocking the Cloud. And companies are moving quickly to further their cloud presence–92% of our survey respondents expect to achieve moderate to significant improvements in speed and efficiency of processes via the cloud.

As the chart shows, key business functions such as HR and finance will see rapid cloud adoption in the next three years, and companies expect to see significant gains in productivity, innovation, and efficiency as a result.

Our boldest prediction, made in the paper “Connecting the Cloud,” concerns the power of networked clouds. We say that cloud-derived advances to date are “only incremental gains compared with those promised by the merger of disparate clouds, whether operated by different groups within the same company or by external business partners.” Integration of cloud-based operations into business networks promises a variety of payoffs, including better performance across functional areas (e.g., supply chain, purchasing, payments); increased ability to partner with other firms and take advantage of new technology; and access to new markets and customers.

Nobody who works in technology thinks this will be a picnic. Chuck Hollis, chief strategist for VMware, has posted at his blog a litany of cloud-related woes suffered by vendors and customers in the early days of the transition. But he also sees a way forward, to a market where services tailored to business needs become essential to enterprise users. Here, high-level capabilities, not price, will emerge as the key differentiator. Writes Hollis, “As an IT vendor, you’re known by the quality of your people; I can’t [see] it being all that different in an enterprise public cloud world.”

The reward from open and integrated cloud networks is return on investment that is greater than the sum of its parts.

Cloud integration will dictate the benefits or setbacks cloud users see from their investments, but capitalizing on cloud-integration strategies requires a significant amount of groundwork. Cloud leaders typically share several good habits when it comes to cloud networking, including:

  • Building vendor networks. Leading organizations look to build vendor networks rather than taking a one-off approach. One of the benefits of building cloud platforms is the simplicity of adding services. Without adequate planning, however, a random collection of solutions can emerge as a problem. In many cases, organizations benefit by selecting a vendor as a core cloud provider and filling in additional needs with boutique solutions. The integration of services is crucial.
  • Engaging in ongoing reviews. Maintaining an inventory of cloud services and understanding what is in place at any given moment is essential. It is also important to identify any unauthorized services that a department or employee might procure. In the end, IT executives must ensure that all services are in sync and security does not fall between the cracks.
  • Centralizing controls and end-to-end visibility. It is critical to put monitoring and controls in place in order to gauge performance and understand how systems and data are being used. It also is important to validate service levels and confirm vendors’ claims that their systems are realizing the terms of service-level agreements.
  • Relying on KPIs. Key performance indicators are an essential component in cloud environments. Although every organization is different and each must determine which KPIs are most critical, common yardsticks include availability; capital vs. operating-expense costs; workload compared to utilization; SLA response error rates; and revenue efficiencies.
  • Recognizing that governance and security are critical. Strong single-sign-on authentication is essential, as are security tools, including firewalls, intrusion detection, data encryption, and endpoint security. An enterprise must also embrace a lifecycle approach to data—assigning tiers and classifications—so that it can be used effectively while managing costs.
  • Building a pool of IT talent. It is critical to hire and develop talent that matches requirements. Clouds represent different challenges than traditional client-server environments. Finding talent that fundamentally understands clouds and how they integrate with existing IT assets is indispensable.

Cloud security is a challenge, but businesses can take steps to reduce risks.

Originally posted on on September 18, 2013

Security remains the primary concern for businesses turning to cloud computing. According to a recent article from CIO Magazine , many CIOs are reluctant to adopt cloud services because of security threats. Several CIOs who spoke at the Security Insights forum (held in April in Sydney, Australia) explained the reasons behind their conservative approach to cloud platforms. Ramsay Health Care CIO Mick Campbell cited data leaks and the resulting reputational damage as a barrier to cloud adoption, and others expressed similar concerns, along with nervousness about inefficient government regulation and confusion over how and where data is stored.

These concerns are in line with the fears expressed by executives in a study conducted by Oxford Economics for SAP, Protecting the Cloud. Survey results show that security is the top concern among business leaders adopting cloud platforms.

Protecting data is an ongoing challenge, but there are ways to mitigate security risks:

  • Map out business processes to understand potential vulnerabilities.
  • Classify data and know how it is being stored and shared.
  • Recognize the potential cost of a data breach.
  • Identify gaps in existing compliance and security policies.
  • Increase the use of education and training to keep up with rapidly morphing security threats.
  • Avoid a locked-in approach—do not let vendors dictate a rigid set of proprietary tools and technology.

CIOs who express concern over cloud security have already taken a step in protecting their businesses: They are aware of the potential costs—financial and reputational—of a security breach. Armed with this awareness of their vulnerabilities and of the value of their data, CIOs should be able to outline a strategy for protecting cloud security that works for their organization’s unique needs. With a tailored and flexible approach to cloud protection, they will be able to experience the benefits of cloud computing.

“While there is a tremendous opportunity for CIOs and other top executives to be champions and brokers of cloud computing, there are also tremendous compliance and security risks that line-of-business executives don’t want to handle—and many aren’t equipped to deal with.”

–John Considine, Chief Technology Officer at Verizon Terremark.

Security is the top concern among executives moving business functions into the cloud. The use of mobile environments is an increasing concern for companies. Internal and external sources both pose a threat—companies must be fully aware of how vendors are migrating and storing their data, and they also must prevent internal breaches, whether accidental or planned—this risk is heightened by the advent of BYOD policies.

The most successful cloud vendors take a holistic approach to security, building defenses into the fabric of their cloud platforms from the beginning and constantly reevaluating their needs as technologies and business requirements change.  Here are a few approaches cloud leaders typically take to their security strategies:

  • Tearing down silos. In many instances, gaps and breakdowns occur when different departments or divisions procure cloud services—sometimes in a haphazard or ad hoc way. An organization must integrate services and platforms to ensure that tools, systems, and strategies function comprehensively.
  • Adopting strong integration tools and practices. Well over half (58%) of respondents have purchased integration tools. Almost as many (55%) have a dedicated team focused on cloud integration, while 52% use integration-service providers. All three of these approaches are crucial.
  • Developing solid communications with cloud providers. It is important to understand roles and responsibilities, and to know what is included in service-level agreements (SLAs) and what third-party certifications a vendor has achieved. Companies should be well informed regarding what security protections are offered, particularly when tiered service options exist, and how and when maintenance, patches, and upgrades will take place.
  • Implementing data-centric controls. Once an organization has identified and classified its data, it is essential to have a strategy to ensure that the data is managed and stored in a secure way. This may include the use of encryption, firewalls, and numerous other tools. Virtualization and cloud make this task more difficult—but even more essential. Visibility into systems—including hosted services—is key.
  • Applying role-based authentication. A cookie-cutter approach to authentication is an invitation for problems. Secure access—knowing that only those with the right credentials can access data—serves as the foundation of an effective cloud strategy.
  • Using VM (virtual machine)-specific tools. When it comes to clouds and cloud platforms, data boundaries and separation are everything. The use of physical and virtual firewalls—as well as other security tools that ensure that data isn’t inadvertently shared—is a vital component.
  • Insisting on complete oversight. A secure enterprise requires full knowledge of operations at any given moment. This translates into a need for robust audit capabilities, user tracking, ongoing risk assessment, regular compliance inspection, and consistent reporting. In some cases, compliance must function across multiple organizations.
  • Maintaining physical security. A vendor or hosting service must have strong physical protections in place, including access controls and 24×7 video surveillance and monitoring systems that can detect unauthorized access to server rooms and other sensitive areas.

By the end of this year, more than half of all internet activity will involve smartphones, tablets, laptops, and other mobile devices, according to consulting firm IDATE. Companies cannot afford to ignore this, so they are investing in mobile strategy and tying it in to their cloud platform plan with the hopes of increasing productivity, brand loyalty, and revenue. Above all, businesses are prioritizing customer-facing strategy in mobile clouds—customer reliance on smartphones and tablets demands it.

Here is a look at the benefits companies expect to see from focusing on customer-facing mobile strategy, with responses broken out by geographic regions:

Source: Oxford Economics

“Mobile is going to take over in the next couple of years, and companies will have to pay attention to that fact.”

–Shawndra Hill, operations and information management professor at the University of Pennsylvania’s Wharton School

Companies are investing in mobile technology and expect to see rewards in the next few years. Several key factors drive optimal results from cloud-platform investments.

  • In order to take advantage of the benefits of mobile tools and technologies, organizations must leverage a hybrid platform approach. One of the most effective ways to put clouds to work in a mobile environment is through a platform-as-a-service (PaaS) model. It provides a pre-built infrastructure that can simplify provisioning, development tasks, and more. It also reduces or eliminates patching, upgrades, and an array of administrative and technical tasks.
  • Customers must be served in real time, and mobile systems must connect with on-premises systems. Mobility demands a different mindset and approach. Customer, employee, and partner expectations demand solutions that stream data on demand. It is critical to connect databases and enterprise applications with newer web and mobile tools—including marketing, human resources, and finance—and allow data to flow in every direction. Cloud platforms remove infrastructure tiers and obstacles that complicate this task.
  • Online and offline support is critical. Because users aren’t always connected and groups may use the same applications and databases, it is critical to design systems so that they are able to sync data effectively. Clouds remove many of the obstacles and constraints associated with conventional databases stored on servers. They create a distributed computing model that fits the collaborative environment.
  • Silos and departmental boundaries must be breached. Any cloud initiative requires cooperation and collective planning. Clouds increasingly drive niche business tasks within different departments. However, the value of data is magnified when enterprises can connect systems and clouds to create a more holistic and integrated approach.
  • There is a need for end-to-end visibility and lifecycle management. An enterprise must have visibility across clouds and micro-clouds in order to understand data movement and workflows. It is critical to understand the value of data throughout its lifecycle in order to build the right systems and security.
  • Analytics and reporting are at the core of an effective mobile cloud. It is necessary to track usage by mobile device, application, versions, content, and consistency in meeting performance needs. In addition, there is a need to track requests, and understand performance and response times in order to tune performance and eliminate bottlenecks. Finally, there is a need for end-to-end traceability to troubleshoot problems.
  • Organizations require robust security. Authentication, firewalls, VPNs, data encryption, mobile device management (MDM), data leak prevention (DLP), and other systems are vital. What’s more, an enterprise must connect to multivendor on-premise systems and external cloud services without any gaps or breakdowns. Clouds require a data-centric view of security.
  • Talent is a key factor for success. Organizations must find new talent or retrain existing talent to put a cloud platform to work. The task of building new systems requires fundamentally different thinking and approaches than traditional IT models. It also demands different skills and an outlook that is focused on rapid deployment and managing highly flexible and modular technology components.

In early 2013, Oxford Economics conducted a survey of 200 senior executives across 11 countries about the cloud’s function in their businesses. The resulting papers explore key findings and their implications as they relate to cloud adoption, security, mobility, and integration.

Paper 1: Unlocking the Cloud

The mainstreaming of cloud technology in enterprise IT has changed the business landscape, creating new opportunities across a wide range of business functions. Executives expect to see cloud usage accelerate in the coming years and significant benefits from its adoption.

Of course, cloud computing is not without its challenges. Among the top issues executives face are ensuring consistent security, complying with data and privacy regulations, and migrating critical systems to the cloud. Despite complications, many businesses have set themselves apart as cloud leaders by taking a holistic approach to this transformation. This starts with embracing the opportunities afforded by cloud networking, engaging in substantial planning, and acknowledging the changes required in the IT department.

Paper 2: Unleashing the Cloud

Cloud-supported mobility has changed the way companies connect with employees, customers, and business partners. The direct result of mobile’s rapid growth is the need for applications that effectively manage real-time data and tasks.

Our survey revealed that companies are in agreement that mobile cloud strategy is critical—only 11% of respondents say it is a minor focus—but business leaders have taken various approaches  to implementing new plans.

The benefits of mobility are apparent in interactions with employees, partners, and customers alike. While BYOD policies and cloud-based applications make it easier for employees to work, B2B and B2C functions see improvements from real-time support, sales, and service.

Paper 3: Protecting the Cloud

As more and more functions move into the cloud, companies are taking steps to secure their data. Integration and coordination across networks and service providers as well as breaches due to worker error or unanticipated breakdowns in processes and workflows present major threats.

Organizations that adopt a comprehensive approach to security are best equipped to deal with these risks. This approach should start with a map of the company’s processes and workflows; an understanding of potential vulnerabilities will help assemble security systems that are tailored to company data and processes. Of course, security policies must be regularly updated and remain flexible to keep up with changing threats.

Paper 4: Connecting the Cloud

The next and most important step of cloud adoption is integration. Business leaders expect many benefits from integrated business networks. Ninety-two percent of our survey respondents expect improvements in speed and efficiency of processes via cloud networks and are already seeing some of the benefits.

Integration strategies vary among companies—top methods include purchasing integration tools (58%), creating dedicated teams to focus on integration (55%), and engaging integration service providers (52%).

Though strategies vary among respondents, networking leaders share several good habits: They focus on building vendor networks, centralizing controls and end-to-end visibility, and building pools of IT talent. Those who achieve integrated cloud networks will have more flexible, agile, and cost-effective IT departments, which will result in unprecedented business and IT gains.


Switching magically between worlds

Have you ever read a book that takes place in more than one universe or watched a movie in which characters travel between past, present, and future?  Think of Harry Potter approaching the Hogwarts Express via London King’s Cross train station to get over to the world of wizards, or Connor McLeod traveling through the centuries and fighting back the baddies in seamless cuts between the Highlands and New York.

The seamless flow from one scene to the next and the logic of the mechanisms that transport characters between worlds is a fundamental success factor for these kinds of books and movies. If the characters’ travel didn’t make sense, we would be lost and uninterested. We are drawn into stories when the transition logic works well and gates to the future or past are built into the real world with everyday objects.

This analogy often comes to mind when I talk to customers about the cloud. Just as we expect creative and smooth transitions in books and movies, cloud users expect a seamless flow between cloud applications and on-premise or third party cloud–but it’s hard to achieve.

Together, integration & interoperability are the #2  cloud-related pain point (following security), as stated in many research articles like this one recently published in Forbes about .

Integration & interoperability are valid concerns, as cloud vendors often are only able to offer limited:

  1. Experience. We are running the first three miles of a marathon in cloud computing, so there are not many companies in the market who can show successful integration projects on large scale yet.
  2. Business understanding. The early cloud entrepreneurs have been and are still pure cloud vendors. They reflect neither the customer´s on-premise history nor the need to safeguard existing investments–consequently, they prefer a “rip and replace” strategy over integration.
  3. A single hand to shake. Very few vendors deliver cloud (SaaS) solutions + integration tools + integration content + extensibility platform (PaaS) as a unified solution. (SAP is an exception.)

Why integration & interoperability matter

Companies need to avoid information islands and fragmented processes in cloud solutions. Losing enterprise context while moving into the cloud is not an option. Integration across solution boundaries is necessary to prevent application silos. It requires a strategy that encompasses cloud as well as other on-premise solutions. Business users and cloud vendors are acknowledging and responding to this need–a recent survey from shows that 67% of CIOs using cloud applications have already adopted some hybrid tools integrating cloud and on-premise solutions.

Integration is necessary to both business users and IT.

  • Business Users Perspective

Interoperability and integration offer a single source of truth and accurate data; business users can rely on what they see and spend meetings talking about facts and real-time measurements instead of about doubts about data reliability. Faster insights and better decision-making capabilities are what businesses want and need to achieve.

  • IT perspective

A large enterprise runs, on average, between 1,000 and 2,000 applications. Some of the applications will go into the cloud, some are already there, and some may never be migrated. Enterprises adopt SaaS today primarily for commoditized processes such as CRM (Lead2Opportunity, but not Opportunity2Cash), procurement, and HCM (full HCM suite). Companies do not differentiate these processes from their competition and see a value in standardization and best practice sharing. But IT needs to manage governance and control for all of these processes regarding:

    • Data security, privacy,  and compliance
    • Support of complex landscapes
    • Control of data flows
    • Processes working end-to-end
    • Choice of integration technology
    • End-to-end  monitoring and support

What does it require to interoperate cloud solutions?

It is important to separate cloud on-boarding from interoperability.

  • Cloud on-boarding: One-time initial data load from existing systems to the cloud solution
  • Cloud Interoperability: follows on-boarding with continuous upkeep to ensure data is sincrenated and processes are integrated.

Interoperability is clearly superior to the traditional “rip-and-replace” or “stitch-together-with-other-middle ware” approach that many pure cloud vendors take to cloud solutions.

What you should look for in a cloud vendor

  • Point-to-point integration for simpler and highly standardized integration scenarios
  • Integration services that connect systems with pre-packaged integration content in a pure cloud deployment
  • Option to leverage existing infrastructure: On-premise technology and data services with pre-packaged integration content for OnPremise2Cloud via pre-packaged and rapid-deployment solutions
  • Open for re-use of third-party integration providers via a partnership for specific integration scenarios
  • Option to use further third-party integration platforms using our open certification program

Is your cloud vendor considering all of the above? No? Then run away, fast.

Customer Examples…

SAP cloud for customer – A large industrial manufacturer with multiple subsidiaries on different SAP ERP clients needed third-party ERP installations integrated into the flow. The main challenge has been the very tight time frame to achieve a rapid implementation with a small team to integrate accounts, materials, sales quotes, and sales orders.

SAP Cloud for people – A large manufacturing company with SAP ERP, multiple legacy HR, and financial applications worldwide. The goal was a migration from the existing legacy HR system.

    • 120+ third-party interfaces – Integration of third-party cloud solutions
      to SAP Employee Central (EC) and EC Payroll
    • 100% of SAP-to-SAP integration and 30% of total number of required integration covered by prepackaged integration (iFlows)

We learned many lessons with each customer, but the most important has been this co-innovation approach. This is why some SAP cloud releases are up to 80% based on customer feedback: we learn together, and we learn fast.

The SAP cloud portfolio has been designed to serve the hybrid cloud reality. We bring SaaS, integration tools, and integration content together to ensure interoperability for our customers.  At the same time, it delivers on line-of-business AND IT expectations to make them operate together in the cloud.

Focus on interoperability and your business will meet its goals. For further information, download our .

In the closing scene of Highlander, Queen’s “A kind of magic” plays. Cloud integartion and interoperability may sound like magic, but it´s simply the result of four decades of co-innovation between SAP and its leading enterprise business software customers.

Let me know what you think and follow me on Twitter to stay on top of the latest and greatest about cloud computing,

Regards @SDenecken


Read other relevant blogs:



- Cloud Extension program

Notes: Original blog appeared on SAP SCN community.

At SAPPHIRE NOW I had the pleasure to participate in a podium discussion with my colleague (member of SAP´s management board) on the topic of clouds, particularly about the differences between public and private cloud. Our experiences co-innovating with customers and partners came out in the discussion.

There are many definitions of public and private clouds, and I think a little simplification is in order for the purpose of this blog. (This is where some of the cloud purists will jump up and down).

1. Private cloud – hosted solutions, often managed by a partner or vendor

2. Public cloud – multi-tenant solutions, managed by the vendor

We know that the move for our customers to the cloud must be a thoughtful evolution. Our strategy centers on leveraging the right mix of cloud, hosted, and on-premise technology. Customers have very specific challenges they are looking to solve and very specific investments they want to leverage. Their starting point on this journey will help define the mix that is right for them.

(predominant deployment models)

But now, lets focus on cloud.