Our "inefficient" cloud

Our "inefficient" cloud

We work with the cloud systems of the big players on behalf of customers. But internally at HighPots, we use our own cloud, mainly based on open source. As a result, we are less efficient. Why do we do this?

Just to avoid misunderstandings: Yes, we are Amazon, Google, Microsoft partners and work daily for our customers on GCP, Azure or AWS platforms. Since March 2023, we are also a certified partner of Alibaba with its Aliyun Cloud and also develop software on Tencent/Tengxun's Weiyun Cloud. The majority of our enterprise customers are aware of the risks involved in signing contracts with global cloud providers. In most cases, our enterprise customers are financially, humanly and legally more potent than we are, so that a risk occurrence could possibly be better mitigated.?

For us as a medium-sized software services company with only about 150 employees, the risks are too high for us to use cloud systems from global providers. To highlight some important risks and expenses:

  • A later separation from the cloud provider would be very resource-intensive
  • Dependence on arbitrary licensing cost policies of cloud providers; even if there is competition among cloud providers, switching is not done lightly (see point 1).
  • Spying on innovations by the cloud providers
  • Unauthorized automated deletion of data by the cloud providers, e.g., in case the data is considered "dangerous," "obscene," or "radical" (last year we had problems with the data of an Islamic scholar as part of an AI ethics project)
  • The ever-changing business, purchasing, privacy and data security regulations of cloud providers requires constant legal monitoring and impact assessments. That's expensive and we don't want to afford that as a medium-sized company.
  • No possibilities for individualization of PaaS and SaaS platforms; the own company is too unimportant for the global cloud providers to make adjustments.
  • Country laws and ethics are subordinated to the imperialistic global growth drive of the cloud providers.
  • Our employees' IT infrastructure knowledge would be lost; global knowledge and standards defined in ISO standards would have to be subordinated to the proprietary environment.

Does this put us at HighPots and our customers at a disadvantage? Yes, we definitely do. In particular, the following disadvantages are worth highlighting:

  • We don't have the know-how to run our cloud platform as efficiently as the major global cloud providers. Not that misunderstandings arise: Failover, performance or DevOps are by no means worse with us than with the global players. But the big issue is: >>cost of computing power per square meter and kilowatt hour<<.?Although our servers are now very efficient and flexible, boards without cases with HotSwap expansion capabilities for RAM, CPU's and HDD's and a fine-tuned power computing architecture (which is always being improved in collaboration with large data center operator), we do not come close to the efficiency of the large cloud providers. Since the data center operator is increasingly relying on renewable energy, at least the issue of sustainability is no longer as relevant. But we still have the disadvantage both internally and vis-à-vis our customers in terms of the efficiency mentioned above. Thus, we cannot offer our cloud services at a comparable price/performance ratio, either internally or to customers.
  • Ready integration is the second disadvantage. Let's take Microsoft as an example. Integration of intelligent user and file management through Active Directory, SharePoint services, integration of MS Teams with MS Office, adding Microsoft PowerBI and Cognitive Services for intelligent data management, integration of ChatGPT with MS Office - Microsoft customers can have all this at the "push of a button". What's it like at HighPots? We have to develop first. Mostly interfaces. Because we have to connect the systems first. Let's take again the examples of file management, collaboration and video/audio/chat/screensharing, data management and AI. We use a version of Nextcloud groupware customized by us connected with the Active Directory equivalent from the company Univention and integrated Element client (Matrix server) as MS Teams replacement. For data management and visualization we use for example Grafana or ParaView, in the area of AI we first had to develop the API to ChatGPT and other AI's or ML components. As email/communication server we provide Kopano, the mail client is integrated in Nextcloud Groupware.
  • Colorful - our cloud front-ends are not as "colorful" as those of Microsoft, for example.

However, with all these disadvantages, there are also some advantages to be listed that go beyond the risks listed above regarding the use of cloud systems from global providers.

  1. Flexibility: If we need a new function internally or if a customer needs it, we can provide it cost-effectively. Whether this is a feature extension to an app or, for example, the integration of an AI-based assistance system (I use the buzzword term "AI" here for simplicity's sake). We have now developed AI-based systems for B2B and B2G industries. These do exactly one task; but they do that task very well, getting smarter every second with each new data set and increasing quality and/or efficiency. Sometimes we get customer requests about designing training models (e.g., optimizing patient flow in a hospital or automated impact assessments when introducing new global value-added processes) that we have already developed for other customers with similar problems. With little effort, we can customize these assistance systems and integrate them into the respective customer cloud instance. A community of thousands of developers are constantly developing the software (a general advantage of open source).
  2. Security: The software packages we use are not Swiss Army Knives. Typical of most open source products, an app can do exactly 1 task, - but it can do that task perfectly. Orchestrating and integrating these specific applications into a total solution creates SW products and services that are mostly more efficient than those of proprietary vendors.
  3. Costs: Software customizations are not only possible, but also cost-effective and can be implemented quickly. In addition, there are usually no licensing costs.
  4. Transparency: We and also our customers know exactly where the data is located. The data is not distributed worldwide in different data centers (e.g. in Russia or China).
  5. Data protection: we encrypt the data without a backdoor. Because as a European company we do not have to give the government or any other third party access to the data in case of "emergency" (see e.g. laws like "Safe Habor" or "Patriot Act").
  6. Long-term availability: the software is available for years to come and cannot be taken off the market by a vendor.
  7. Interoperability: our cloud promotes open standards and protocols that facilitate interoperability between different clouds, systems and applications. This allows users to seamlessly integrate different software components and benefit from a wider variety of options.
  8. Privacy: This point needs no further explanation

I deliberately made the article a bit black and white. I am aware that the docking of open source software is also possible in many cloud solutions from global providers. But even if the technical implementation of open source were to get better, the legal risks and drawbacks would remain, and the financial risks would follow.

Global cloud providers are convenient and easy to use, no question. But they are cheaper only at first glance.?

Greetings from the midmarket.


Microsoft: First the security leak was denied, then the reaction was delayed and the customers were informed too late, then it was played down and now the security leak turns out to be not only a "bug", but also a serious conceptual weakness. German press: https://www.heise.de/news/Neue-Erkenntnisse-Microsofts-Cloud-Luecken-viel-groesser-als-angenommen-9224640.html English press: https://www.wired.com/story/microsoft-cloud-attack-china-hackers/ #HighPots #opensourcesoftware #softwaredesign #softwarequality #softwaredevelopment

  • 该图片无替代文字
回复
David Gabel

Privacy & Information Security Consultant | GDPR Expert | AI-Governance & Cybersecurity Specialist | Entrepreneur

1 年

Although I don't agree on all points, I have never seen such a clear approach to that decision.

回复

要查看或添加评论,请登录

HighPots的更多文章

社区洞察

其他会员也浏览了