HCP globally unsettled
There are two types of providers in the cloud business: the providers of ideas, concepts and visions, such as SAP; and the lesser-known, technical service providers responsible for the pipes and data centers.
Some work in the bright light on the show stage, others backstage - less glamorous, but very efficient. They need each other and usually harmonize very well.
German Telekom may be a hermaphrodite in this divided provider world of cloud computing. It owns the lines and global data centers, but also steps into the limelight itself.
At the same time, it is an important infrastructure service partner for Microsoft, so that customers can be sure that the data really stays in Germany or Europe.
Two years ago, SAP's Chief Technology Officer Bernd Leukert promised something similar in his opening speech at the DSAG annual congress: EU Access from SAP.
Not only from an emotional, but also from a legal point of view, it is very important for many European SAP legacy customers to have the assurance that their own data will remain in the country.
IT experts agree that this undertaking is relatively easy and safe to implement for simple cloud services that have the character of outsourcing.
But what happens in IoT scenarios when a global supply chain consists of billions of "networked things" and SAP's Hana Cloud Platform is used as the logical construct - Platform as a Service (PaaS)?
Gartner forecast: 8.4 billion "connected things" will be used in 2017 - a 31 percent increase over 2016.
Cloudflare as a solution
Big Data on the HCP is reality and also wanted by SAP.
SAP has chosen global company Cloudflare as the infrastructure-as-a-service provider for the HCP.
Cloudflare operates more than 100 data centers worldwide (see cover image) and offers numerous services: starting from the free Content Delivery Network for the http protocol to minimize website loading time to fail-safe IT infrastructures for business-critical applications.
Knowing its responsibility to its own existing customers, SAP must of course establish a robust global IT network for the Hana Cloud Platform.
But how does a global claim, as represented by SAP partner Cloudflare, reconcile with the local security needs of SAP's existing customers?
The Diplomatic Council, a global think tank that advises the United Nations, along with the National Information and Internet Security Initiative (NIFIS), has released a recent report on so-called "cloud sync & share services," Internet services that synchronize data across different devices.
Safety concerns
The Diplomatic Council found "serious differences in terms of data security and data protection" even though the scope of the services was almost the same.
The global think tank describes it as "remarkable" that "the two German-based services Telekom MagentaCloud and Strato HiDrive fail in practically all security-relevant fields".
The report literally states:
"Without end-to-end encryption, a zero-knowledge approach, hybrid data storage, audit trail space and 2-factor authentication, neither service can be certified as confidential and secure"
An audit trail space makes it possible to check at any time who had access to the data and when, and above all by whom the data was changed, moved or deleted, usually over a period of years.
However, what applies to simple business data is also the minimum requirement for IoT data and platforms such as SAP's HCP, where such data is collected, transported and processed worldwide.
If the functions demanded by the Diplomatic Council are missing and one is in a globally redundant data network such as that of SAP partner Cloudflare, then the concern of many existing SAP customers seems justified.
SAP's response to existing customers' concerns:
"EU Access from SAP.
The Walldorf-based company offers its customers the option of storing and processing personal data exclusively in the European Union (in the European Economic Area) and in Switzerland.
SAP's EU Access Service is available for on-premise systems and a growing number of cloud solutions (source: SAP Integrated Report 2015, Sustainability Components: Security and Data Protection).
However, this service offered by SAP Chief Technology Officer Bernd Leukert in 2015 at the DSAG Annual Congress will not be enough.
Thomas Lapp, Chairman of the Global Information Security Forum at the Diplomatic Council and Chairman of the National Information and Internet Security Initiative, states:
"It is to be hoped that the operators of all services will recognize the security deficiencies of their services as soon as possible and rectify them as quickly as possible. A high level of security is in everyone's interest."
There is a need for action in HCP and Cloudflare: Meanwhile, 75 percent of companies obtain services from their own cloud and as many as 79.6 percent obtain services from a provider cloud, as surveyed by Capgemini in the DACH region (IT-Trends 2017: www.de.capgemini.com/it-trends).
However, the high user rate should not hide the fact that the latter still only account for a small share of the overall performance.
This year, they are providing 10.2 percent of all IT services (previous year: 6.5 percent), while company-owned clouds have a share of 36.6 percent (previous year: 27.1 percent). Large corporations and SMEs in particular have greatly expanded their use of the cloud.
IT security and cloud computing are the most important topics for the digital economy in 2017, followed by the Internet of Things and Industry 4.0.
This is the result of the annual trend survey conducted by the digital association Bitkom. According to the survey, two out of three companies (67 percent) named IT security as one of the key technology and market trends of the year.
"IT security is becoming even more important because more and more critical systems such as vehicles, medical technology or machines are being digitally networked in the course of digitalization"
said Bitkom Chief Executive Bernhard Rohleder.
"At the same time, attacks by criminal hackers are becoming increasingly sophisticated. Companies often can no longer get by with normal security tools such as virus scanners or firewalls."
Cloud computing was named as an important topic by 60 percent of the companies surveyed.
"Cloud computing is the basis of digitization because it enables both more efficient business processes and the development of entirely new, digital business models"
agte Rohleder.
This year, the Internet of Things, i.e., the networking of devices and machines, made the leap into the top 3 with 55 percent (previous year: 5th place).
While televisions, audio equipment and cameras are increasingly being networked in the consumer sector, for example, machines, measuring devices and smart building technology are also being networked in the business sector.
The topic of "digital platforms" was included for the first time in Bitkom's selection of relevant high-tech topics and, with 32 percent of mentions, landed in sixth place right away behind Big Data (41 percent).
Thus, SAP has taken the right path with HCP and Cloudflare as IaaS. For many existing SAP customers, however, the question of security and transparency seems unanswered.
An E-3 survey of the SAP community found that Cloudflare as the basis for HCP is still a well-kept secret.
The question thus remains open: Where is the IoT HCP data stored? SAP does not want to answer this question for the time being.