Cloud-based SharePoint – Risks & Rewards

I just checked out a whitepaper-style document promoting the cloud offerings of a company named SpringCM on the topic of Enterprise Content Management and it got my gears turning about about the the concept of ECM and SharePoint in particular in the cloud. While Office 365 is a viable option for some businesses, in particular up here in Canada it’s a no-go as a lot of governmental and business clients cannot due to legal or policy reasons host on servers that are physically in the US or other countries.

Those types of situations aside, cloud-based ECM seems like a great idea on the surface – an automagically maintained and scaled SharePoint (or SharePoint-style) farm, with no messy details about hardware and networks capacity planning, no depreciation tables, on and on. I got into the Windows Azure platform around this time last year and have seen it grow from a latecomer second to Amazons cloud offerings, to a mature platform which leverages the one great thing Microsoft succeeds with: 100% integration.

You can definitely stand up SQL Server images on Amazon EC2 super-quick but in the end the hardware patterns and practices that MS’s dedicated cloud MS SQL offering uses is going to nail it for performance and overall ROI. So to that end, one would a forward-looking SharePoint shop to be diving headfirst into the fluffy cloud. Not so fast- let’s look at some of the ideas presented in the linked whitepaper and see why the “traditional” method of deploying SharePoint 2010 within the clients existing or new IT infrastructure is still in most scenarios the winning one:

Criteria Conventional ECM (SharePoint) ECM as a cloud platform
Availability
(their take)
High availability requires the construction of redundant costly infrastructure. Economies of scale make redundancy cost-effective for cloud platform provider
Availability
(my take)
While hardware is costly, it is a fixed asset that can be re-allocated internally or sold eventually, when it becomes too obsolete for front-line service. Cloud and hosted solution providers have to deal with physical asset depreciation just as everyone else does,
they just often overcome the hit in part by locking clients into years-long hosting agreements which towards the end leaves the client stuck on outdated hardware.Cloud hosting is supposed to keep your enterprise virtual and less tied to specific nodes of the hosting infrastructure, however there will always be hardware-level tie-downs at some level – nothing is ever completely virtualized.
Extensibility
(their take)
Support for remote users, contractors and other third parties requires special efforts by IT department Any authorized user can access the service from anywhere, securely
Extensibility
(my take)
Remote support services like GoToManage are typically in the arsenal of an enterprise client already. HTTPS VPN access into SharePoint sounds like “secure service” from “anywhere” to me!  Heck, if there was a burning need for it you could do Forms Based authentication on SharePoint instance outside your DMZ too.
Security
(their take)
Protection of a highly diverse enterprise computing environment requires significant investments of time and effort Uniformity and economies of scale enable cloud platforms to maintain the highest security standards at less cost
Security
(my take)
The whole premise of SharePoint is that it is the opposite of highly diverse and all your sensitive assets go into it. It’s the opposite of the nuclear war strategy of spreading out your silos in obscure locations – in SharePoint’s case the monolithic security approach is its edge. I can’t see how economies of scale are relevant to security. Security is a fundamental independent of scale.  If what they are talking about is that it’s cheaper for physical firewalls etc. by grouping a bunch of clients into one datacenter, I’d ask what security risks actually arise from locking a bunch of independent companies systems in the same room together.
Performance
(their take)
IT has to keep monitoring multiple services, discover the root-causes of performance shortfalls, figure out how to fix them, and decide whether it’s worthwhile to buy more infrastructure Cloud platform uses a single set of services and can easily allocate more capacity to any customer who needs it
Performance
(my take)
itgrooveleverages the out-of-the box performance and scalability of SharePoint so that potential future performance bottlenecks are accounted for strategically, not tactically.Features like sandboxed solutions and site collection limits allow us to delegate long-term performance management to SharePoint power users and admins who can proactively manage potential performance hits directly through Central Administration. The basic concern I’d have about a cloud or hosted solution is that it’s a lot like your home ADSL or cable-based internet connection: you may be paying for 50mbps however your telco certainly isn’t planning for everyone on your block to use that pipe at 100% capacity, 24/7.The “economies of scale” work in reverse at the enterprise level when with cloud data centers leased data backbones – they get a reasonable rate for their data pipe based on the assumption that one or more of their clients will not be pegging the network infrastructure.If your enterprise company was to grow in a spurt it’d certainly be worth assessing the risk that the service at the other end of your external host’s pipe might decide  their own economies of scale don’t fit with your hosting provider any more.
Best Practices
(their take)
A software solution typically involve third parties. Software often lags current best practices by years due to the lag time in incorporating latest releases Best practices can evolve quickly and be shared immediately
Best Practices
(my take)
Microsoft offers Cumulative Updates and Service Packs for SharePointon a constant basis.While no SharePoint consultant would in good conscience recommend blindly auto-patching the latest updates without some research and evaluation first, they can conservatively fall back a couple update versions and still not be behind by “years”. Sometimes sharing isn’t caring: Best Practices should not be tagged as such simply based on speed of evolution, but instead should come from demonstrated stability and experience.
Speed
(their take)
Ongoing software upgrades, like the original software and supporting technology, can take months to install, configure, integrate, test, and roll out Immediate benefits
Speed
(my take)
It’s a good thing there are consultants who can make that part as painless as possible! Business is a marathon, not a race. I’d opt for the stability and industry depth of SharePoint over some immediate new bells and whistles any day.Being able to calculate ROI effectively is a challenge, and having your intranet application zoom over the heads of your business decision makers by running its own proprietary feature release schedule can make for some sloppy planning.

In conclusion, i’d like to disclaim that as a geek I am an early adopter by nature. The cloud is fun and exciting, and certainly let’s you focus on core business without a lot of the drudgery and expense of traditional sysadmin responsibilities, however there’s more to contemplate than just how much network latency you’re going to be getting by basing your companies ECM system over the public internet.  You know what they say about being bold and old- the cloud is definitely bold but definitely not old. Time will tell how these traits merge and whether players like SpringCM can succeed.

Microsoft’s Office 365 service offering for mid-to-enterprise sized business is likely going to be your best bet should you decide that the cloud is practical for your companies ECM needs.

Amazon, Enterprise Content Management, Microsoft Office 365, Microsoft SharePoint

Leave a Reply

Your email address will not be published. Required fields are marked *