The National Small Business association published a report, the “2013 Small Business Technology Survey”. While it contains interesting information, one particular quote stood-out for me.
“Not surprising, there was a huge jump in small firms utilizing cloud computing. In 2010, it was just five percent—today, 43 percent are on the cloud.”
Shifting from 5% to 43% of the organizations reporting use of cloud is an incredible jump in a mere three years. That SMB’s are embracing cloud technologies isn’t surprising. With 44% of the same organizations reporting that cost of needed upgrades is a big challenge (the most common, with security being a close second at 42%), the cost model of cloud must be quite compelling.
Considering the report notes 72% of businesses sell online, maintaining a presence is obviously important. However, acquiring the technology and expertise to facilitate that is a burden. Sixty-six percent of respondents report that they outsource the work, which is yet another cost. On the other hand, a whopping 64% report that the time needed to update their website is the biggest headache, while only 26% cite cost as the biggest challenge.
From these numbers, we can conclude that having a web site, and selling something with it, is important enough that it is worth the cost, but the opportunity cost (time spent dealing with a website instead of working on the core business) is high. These aren’t surprising statistics; it’s safe to assume that the majority of small businesses aren’t in the business of IT.
In my experience, even Enterprise or very large technology companies avoid the opportunity cost of building and maintaining in-house IT. For example, large and small software-as-a-service companies that I’ve worked with increasingly prefer to use infrastructure-as-a-servers or platform-as-a-service. Though they are in the business of building software, they are not in the business of building and hosting servers.
To put it all together, moving from the capital costs (and maintenance costs) of owning technology to a service-based model (cloud), makes sense.
However, I can’t help but to wonder how much of the 38% increase in (SMB) businesses reporting use of cloud is real versus increasing awareness.
For example, in 2010, an enterprise may have reported no cloud use. Meanwhile, as IT companies have come to embrace cloud, cloud seems to be everywhere. Just walking the floor of major technology conferences illustrates this quite clearly (counting the booths that do not have “cloud” printed on them is easier than counting the ones that do). Obviously, marketing teams everywhere have picked-up on the phrase, and are running with it.
Another aspect of increased awareness was described in another post, by George V. Hulme. He talks about a CIO who was convinced his organization was not using cloud. As George put it, “It turns out that the CIO was practicing really wishful thinking. The monitoring tool found Dropbox – unsanctioned and in use. There was Evernote syncing employee note taking out to the cloud. Also unsanctioned. And there were these mysterious AWS services running that needed to be investigated. And the list went on.”
I’m a good example myself. Years ago, I would use webmail as a sort of file storage, emailing myself attachments so that I could access them from anywhere there was an Internet connection. In those days, had I been asked if I used cloud services, my response would have been along the lines of, “What’s a cloud service?” Fast forward a decade, and even the least tech-savvy members of my family understand that they use this mysterious “cloud stuff”.
With these rapid changes does come some confusion about security, especially in infrastructure- and platform-as-a-service scenarios. Providers who are building software-as-a-service are wise to include security in their offering. Where the provider needs to scale-up and scale-down with demand, a security solution that follows these peaks-and-valleys in demand is needed. Such was the case for focusIT (find the case study here). For other organizations, the challenge is managing security across multiple platforms; they don’t want to run a different console for each new technology platform that they embrace. Solving that problem led Gerawan Farms to Bitdefender (find the case study here).
My conclusion is that while SMB’s surely are embracing cloud, and perhaps even outpacing larger enterprises in adoption rates, the tremendous jump in reporting of cloud usage also has an element of awareness driving it, fueled by education, marketing, and undeniable benefits. In adopting cloud, all organizations need to understand the security implications, and have a variety of options about how to secure cloud systems while also addressing traditional systems (virtualized, classic physical such as laptops, and mobile devices).