Same word, different world: cloud in context

Posted on By Mark Wilson

Almost 15 years ago, the US National Institute of Standards and Technology (NIST) published its definition of cloud computing. It outlined the essential characteristics of cloud, the service models (Infrastructure as a Service, Platform as a Service, and Software as a Service), and the deployment models – public, private, and hybrid. For a while, it felt like the industry had a common understanding of what cloud meant.

Cloud, in this context, is a concept – a way of thinking about how IT services are delivered. We might implement it in different ways, but we’re broadly talking about on-demand computing resources, elastic scalability, and usage-based metering. At least, that was the theory.

Same trend, different lens

Lately, I’ve seen conversations where different groups of technology experts view cloud through very different lenses. One group talks about organisations repatriating workloads from the cloud, while another highlights how they’re helping businesses modernise to the cloud. Both are right – they’re just looking at the same thing from opposite ends.

One sees rising cloud costs and workload suitability questions. The other sees the opportunity to modernise legacy applications and deliver value faster. Neither is wrong. But without that shared context, the conversation quickly becomes disjointed.

It’s perfectly possible – and entirely logical – for a majority of organisations to be moving one or more workloads away from the cloud (e.g. IaaS workloads that are poorly suited, or were not transformed), while at the same time many others are embracing SaaS to modernise their business applications.

Security still matters – even in SaaS

In another recent discussion, a speaker gave a solid presentation on cloud security challenges – configuration management, data protection, identity controls, and the like. Then came a question from the audience: “But what about us in the world of SaaS?”

It was a fair point. But again, it revealed the disconnect. Security considerations don’t go away with SaaS – they just shift. You might not patch servers anymore, but you still need to manage identities, access, and data sharing.

Microsoft explained the shared responsibility model back in 2018. They made it clear that while your provider handles infrastructure and platform security, you’re still on the hook for things like information protection and user behaviour.

Stop the tribalism

This is where it all starts to fall apart. “Cloud” has become such a broad umbrella that it hides the diversity underneath. Infrastructure-, platform-, software as a service – they’re all cloud, but they’re not the same. It’s almost as though we need to begin every meeting with a clarification: which cloud are we talking about?

We need to move past this tribalism. It’s unhelpful, and often gets in the way of progress. When we default to our own perspective – infrastructure vs. applications, on-prem vs. SaaS – we risk talking past each other.

Speak the same language

As technologists, we have a responsibility to be clear. If we’re talking about cloud, let’s define the scope. If we’re making assumptions, let’s surface them. Whether your focus is on platforms, apps, infrastructure or security, the goal is the same: to deliver value through technology.

So next time someone starts a sentence with “cloud is…”, pause. Ask them which bit they mean. It might just save everyone a lot of confusion.

Featured image: created by ChatGPT

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.