Cloud Computing — First Steps in the Czech Republic

The Czech Republic has been talking about cloud for three years now. At conferences it’s the number one topic, vendors are pushing it from every direction. But how many Czech companies are actually using cloud for critical systems? We looked at the reality behind the marketing slogans.

Where We Stand in 2012¶

According to a survey by the Czech Association of IT Managers (ČAMIT) from late 2011, about 15 percent of mid-sized and large Czech companies use some form of cloud service. But be careful — most of the time it’s SaaS (email, CRM like Salesforce, Google Apps). IaaS and PaaS in production deployments can be found in single-digit percentages.

Amazon Web Services has been running since 2006, but they launched the European region (Ireland) only in 2007. Microsoft Azure reached GA in February 2010. Google App Engine exists but is limited to Python and Java. Czech hosting companies are starting to offer “cloud” services, but mostly these are just rebranded VPS hosting.

Main Barriers to Adoption¶

1. Where Is My Data?¶

This is the number one question at every board meeting. The Czech Personal Data Protection Act (101/2000 Coll.) and European Directive 95/46/EC impose restrictions on transferring data outside the EU. The AWS region in Ireland is in the EU, so legally it’s fine — but try explaining that to a bank’s compliance department.

For regulated industries (finance, healthcare, public administration), public cloud is practically a no-go in 2012. The Czech National Bank has no clear position, and ÚOOÚ (the Office for Personal Data Protection) has issued only general recommendations. Companies are scared — and it’s understandable.

2. Vendor Lock-in¶

Every cloud provider has its own API, its own services, its own way of doing things. An application written for AWS doesn’t transfer to Azure without significant rewriting. And what if the provider raises prices? What if they go bankrupt? For enterprise customers accustomed to long-term contracts with IBM or HP, this is uncomfortable uncertainty.

3. Connectivity¶

Czech internet infrastructure is in good shape compared to neighboring countries, but latency to the Irish AWS region is 30–50 ms. For interactive applications this can be noticeable. And if your internet goes down, your entire system goes with it — unlike an on-premise server in the basement.

What Works: Private Cloud¶

The compromise we see at most of our clients is a private cloud. Virtualized infrastructure (VMware, Hyper-V) in their own data center or at a Czech hosting provider, with a self-service portal and automated provisioning.

It’s not a “true” cloud by NIST definition (on-demand, measured service, rapid elasticity), but it brings most of the benefits: server consolidation, faster provisioning, better hardware utilization. And data stays in the Czech Republic, under their control.

Technically, we most often encounter VMware vCloud Director for orchestration and OpenStack as an open-source alternative. OpenStack is still immature for enterprise (commercial support in the Czech Republic is lacking), but we’re watching it closely.

SaaS: The Quiet Winner¶

While IaaS is debated at the CIO level, SaaS spreads from the bottom up. The sales department picks up Salesforce, marketing tries Marketo, HR deploys SuccessFactors. IT finds out about it when the invoice arrives — or when someone needs integration with the internal ERP.

This “shadow IT” phenomenon is increasingly common in 2012 and poses a challenge for IT departments. The answer shouldn’t be a ban, but a clear cloud strategy with rules for selecting and integrating SaaS services.

Our Approach: Hybrid¶

For our clients we recommend a hybrid strategy. Critical systems (core banking, ERP, personal data) stay on-premise or in the private cloud. Less sensitive workloads (dev/test environments, web presence, analytics) are moved to the public cloud.

The key is having a clear data and workload classification. Not everything belongs in the cloud, and not everything must stay in the server room. The right answer depends on regulation, data sensitivity, latency, and economics.

• Dev/test environments: ideal candidate for public cloud (AWS, Azure) — elasticity, pay-per-use
• Web and marketing: CDN + cloud hosting, no sensitive data
• Core business systems: private cloud or on-premise, VPN connectivity
• Disaster recovery: cloud as a secondary site — cheaper than a second data center

What Comes Next¶

Microsoft has announced plans to expand Azure data centers in Europe. AWS is adding services every month. Prices are falling. Regulators are starting to issue more concrete guidelines. In two or three years the situation will be dramatically different.

Companies that invest today in cloud-ready architecture (SOA, API-first design, service containerization) will be prepared. Those waiting for “certainty” will be playing catch-up.

Summary¶

Cloud computing in the Czech Republic is in an early stage of adoption. The biggest barriers are regulatory uncertainty and data security concerns. Private cloud and a hybrid model are the pragmatic way forward. The important thing is to start — perhaps with a dev/test environment — and build the competencies for the future.