Amid the seemingly endless torrent of recent articles/blogs on the cloud, I'd been waiting for a Harvard Business Review perspective for some time. It finally arrived in the November, 2011 issue.

What Every CEO Needs to Know About The Cloud” was authored by Andrew McAfee from MIT's Center for Digital Business. Having reported on McAfee's science of business thinking previously, I expected the article to be thought provoking. I wasn't disappointed.

McAfee articulates the usual suspect categorizations of cloud usage models: raw computing infrastructure only – Infrastucture-as-a-Service (IAAS); computing platforms set up for software development – Platform-as-a-Service (PAAS); and platforms that host specific custom-built software applications ready for customer use – Software-as-a-Service (SAAS). The commonalities behind all three offerings include rent versus buy pricing, vendor responsibility for administration and support, and elasticity of available capacity to scale up to customer demand.

“With cloud computing, companies lease their digital assets, and employees don't know the location of the computers of the computers, data centers, applications and databases that they're using … Customers don't have to concern themselves with details; they just rent what they need from the cloud.”

The article's focuses are questions generally posed by executives: 1) What does the cloud mean for my IT department; 2) What are the risks/concerns of using the cloud; and 3) How should my company get started.

The benefits of cloud computing are many from McAfee's vantage point. Because enterprise IT spends just 11% of its budget on new applications, and much of that for strategic initiatives, little is left to support making employees productive and facilitating collaboration.  Global contractor Balfor Beatty and consultancy CSC turned to the cloud for easy access to company content and collaboration. CSC's 20-week experiment for 25,000 consultants registered to a cloud-based collaboration application persuaded the company to make the investment permanent. According to the CIO, the results were “stunning.”

Closer to BI home, the author cites data mining as a prototypical hosted cloud application. An analytics company's SAAS restaurant theft app is readily accessible to its customers through a Web browser with no additional infrastructure investment. Cloud benefits extend to developing applications as well, allowing programmers to focus on the final application, rather the maintenance of infrastructure.

OpenBI has deployed cloud-based solutions to its BI consulting services customers on several occasions. In each instance we used the cloud to develop and deploy BI apps quickly. Our customers could then start to use them immediately, postponing the ultimate decision to buy or lease supporting technology infrastructure. We also use the cloud to handle short-term big data and analytics initiatives. The ability to quickly and cost-effectively scale up infrastructure to meet those shorter-term work needs is a decisive benefit.

For all its perceived advantages, that cloud computing is projected by Gartner to represent less than 5% of worldwide IT spend in 2015 suggests there are skeptics. McAfee argues that a main factor militating against cloud adoption is the “legacy spaghetti” of hardware, operating systems, and applications that can't simply be transferred to the cloud. A second factor against is cost, though different “methodologies” come to disparate conclusions. For McAfee, the cost focus is misguided since, over time, the economics of running a technology infrastructure favor the cloud. He cites Amazon's repeated reductions in prices for AWS over the past few years as evidence.

As for reliability, McAfee argues that the failures are perhaps over-hyped: “Every outage by a prominent cloud vendor receives a great deal of attention, but overall cloud reliability records are admirable – and would be the envy of most on-premise operations.”

McAfee notes that security breach challenges surrounding the cloud are no different than those for internal networks. And cloud computing companies are better equipped to make the security investments “than all but the most security-conscious organizations.” Where the cloud has challenges is in controlling who in the organization gets to see what, where and when. Vendors interested in the large enterprise are working to incorporate administrative functionality into their products.

Finally, there are the regulatory barriers to the use of the cloud that must be addressed. Many vendors are working to assure customers, for example, that a specific body of data is stored in a single location only. For those companies looking to invest heavily in the cloud, it's comforting to know that the U.S. government announced a strategy in 2011 to invest 25% of all federal IT spending in the cloud.

McAfee's recommendations on how companies should get started seem sensible. First, they should understand the legal, regulation and compliance ramifications of cloud usage for their company. HIPPA constraints driving the health care informatics industry is an illustration. Second, companies should experiment with software-as-service to contrast SAAS “treatment” groups with business-as-usual controls. Third, with a bias for bold action, companies should use the cloud, either IAAS or PAAS,  for their next development project. And finally, companies should probe their enterprise software vendors on the availability of SAAS versions of their current on-premise applications, learning if, when and how such offerings will be introduced.

The author's final advice is really more an admonition to organizations that don't keep up with the cloud. “Cloud computing offers advantages in, at minimum, productivity, collaboration, analytics and application development. How valuable are these? It's hard to measure, but here's some food for thought: How would you feel if your main competitors started pulling away from you in those areas simply by changing the computing infrastructure?” Good question.