Why it pays CEOs to pay attention to the cloud

Cut through the hype and in plain business language see what the cloud is, and why CEOs, CFOs and COOs should pay attention to it when deciding on major enterprise software purchases like ERP.

Diagram explaining what the cloud really is

A little history to put the cloud in context: Originally a cloud represented computers connected with 3rd party data links. A company specified the link speed, but had no idea or control over how that link operated. Today the cloud idiom has been extended to represent 3rd party computing software and resources accessed via the internet. A buyer specifies the desired software, but has no idea or control over how that software is provided or managed.

Companies like Google, Facebook etc. pioneered new techniques for designing and managing large scale software applications, and these techniques are now incorporated in enterprise cloud applications. This article explains why, when purchasing enterprise applications like ERP, CRM, HRIS, and so on, cloud software makes the most business sense in terms of reducing risks and maximizing ROI. It also explains how to avoid being duped into buying legacy products being sold as cloud software.

Security risks

Security is possibly the most important reason for using cloud applications in the enterprise. If your senior IT people are telling you that software is safer in your data center, they suffer from a form of cognitive bias known as the Dunning-Kruger effect. This is the illusion of superiority that comes from people unable to recognize their lack of ability. Companies like Anthem, Experian, T-Mobile, Equifax, Under Armour, Dun & Bradstreet, Ebay, Home Depot, Capital One, Target, and others all thought they had superior security in their data centers, but hackers proved them wrong! If companies as large as these could not manage their security, how could your IT department do a better job?

In reality, cloud software supplied as a service has far lower security risks than software operating in your own data center. Cloud companies have entire teams dedicated to security and amortize this cost across thousands of customers. There is no possibility that individual organizations can match this level of security spend, which means software in your data center is an added risk.

Data breaches

According to IBM the average total cost so far of a data breach in 2019 has been $3.92 million. The problem is bad, and only getting worse. The security breaches  you do hear about (see the list of 2019 breaches from IdentityForce) are like the tip of the iceberg. To avoid adverse publicity companies say as little as possible about their security breaches which is why you don't hear about many of them.


Data breaches are one risk; ransomware is another. Ransomware is where criminals encrypt your data and demand a ransom before decrypting it. Attacks usually start with an employee unwittingly downloading the attacker’s software. One morning employees arrive at work to find all their files encrypted and a note demanding payment of a ransom to recover those files.

A huge advantage of cloud software is that customers have access only to the application, and do not have the lower level access needed for criminal activity. Ransomware can’t touch cloud applications. Even if all the local computers get infected, the ransomware can’t reach anything in the cloud. Criminals can’t piggyback on users to do their damage and encrypt the system. Theoretically they could attack the cloud vendor, but criminals look for much easier targets than cloud vendors with good security.

Recently we heard via our network of a Californian company with $250 million revenue and 400 employees that was a victim of a ransomware attack. When it came to IT, they were unsophisticated and had not kept their security current. In the attack they lost 2 weeks of business and were forced to pay a $500k ransom. Like most others, this story never made it into the press because the company wanted it hushed up. Had their core software been in the cloud this attack would have been defeated.

What architected for the cloud means and why it matters

Software designed for the cloud builds on all the benefits of software designed for the data center, and adds further benefits that only accrue if the software was specifically designed to run in the cloud. Such software is sometimes called cloud native software.

Maximize up-time

Every time their systems go down it costs a company money. When monolithic systems designed for the data center crash, the entire system is unavailable while being restarted. Cloud native software uses “microservices” running in “containers” which restart automatically on failure. These restarts are fast enough not to be noticed by users, and do not contribute to downtime.

Maintain responsiveness

If workloads peak due to month end or annual holidays, software in the data center must have the hardware resources to cope with the load. Cloud applications are elastic, automatically scaling up or down on demand. There is no need to tie up capital in servers that handle occasional load peaks, but sit idle the rest of the time.

Avoid application upgrades

Software publishers who sell applications designed for the data center like ERP tend to release major upgrades about every 3 years. Implementing these upgrades is expensive, time consuming and they always have the potential of disrupting the business. Many companies avoid these upgrades as long as possible, and this can cause problems when they are later forced to upgrade and must do two or three upgrades at once. Some companies never upgrade, and run software that was released over 10 years ago and is no longer supported, and that has its own problems like security holes, obsolete hardware etc.

Cloud applications avoid this problem because they are continuously upgraded by the vendor, and not by you. You are automatically on the latest release, complete with security patches. And you have eliminated the expense and distraction of those upgrades that can take over a year to complete.

Other advantages of the cloud

No custom code

When implementing applications like ERP there is always the temptation to customize the software to match your business processes. While most cloud products allow small fragments of code to be used in certain circumstances, cloud vendors never allow you to modify the application source code. Since you can’t customize cloud software, you avoid falling into the trap where those customizations cause the cost and risk of upgrading to the next version to go through the roof.

A member of the Wayferry team worked for a company with over 100 thousand employees around the world. They implemented Oracle financials, and to avoid retraining employees they spent several million dollars to customize it to look like their old software. Some years later they wanted to upgrade to the latest version of Oracle financials, but those customizations caused too many problems. The company ended up spending even more than the customizations originally cost to remove them so they could perform the upgrade.

Outsource non value-add IT work

When software runs in your data center, your IT must manage the servers, storage, security, etc. They need to perform backups and regularly test those backups. They may need to manage load balancing and hot fail-over, and develop and test a disaster recovery plan. While this “keeping the lights on” type of work is very necessary, there is no value in keeping that work in-house. Cloud vendors automate this work, freeing your IT to be transformed into a team aligned with business priorities. They spend their time working with the business to deliver value and IT changes from being a cost center to a profit center.

Disaster recovery

Since cloud software is offsite, in the event of a disaster like a major fire, a company can continue working even if employees have to work from home. That can mean the difference between a company surviving the disaster or not.

Maximizing ROI

Capital is always valuable to a company. While software and servers for your data center are a capital expense, cloud software is effectively leased and is therefore an operational expense. Freed up capital can be used elsewhere in the business.

When you buy software for the data center you must also buy servers to support the maximum anticipated load. If the load increases faster than expected you may need to provision extra servers. If the load does not materialize you would have paid for server resources that are never used. Cloud applications are elastic, automatically scaling up and down to match loads and remain responsive.

Software in the data center usually costs around 23% annually for maintenance. In addition, there are hidden costs like the salaries of people who maintain your data center, the costs of running the data center like rent, electricity (which tends to be much more than people realize), the costs of major upgrades every 3 to 5 years, etc. Cloud software has lower up front costs, and higher recurring costs. After about 5 to 10 years the cost of cloud software may equal the cost of purchased software.

Red flags

Given that cloud is such a “hot” marketing term today, some vendors simply host their legacy software in a data center and call it cloud. However, when you purchase this software, you miss out on most of the benefits of cloud native products. You want to avoid situations where a vendor says their software is designed for the cloud, but underneath the hood it is monolithic legacy software designed to run in a data center. Below are some red flags that indicate a vendor is dressing up legacy software as a cloud native product.

  • When a vendor charges extra for things like hot fail-over, load balancing or backups, you can be sure the software in question is not designed for the cloud. Cloud native software has all of these automatically built in.

  • Cloud native software is designed to be multi-tenant. If a vendor says their software is better because it is dedicated to a single tenant, what they are really saying is that it was designed for the data center, and has not yet been transitioned to the cloud. (Note that some legacy software products support multiple tenants.)


This article was written to explain, from the perspective of CxOs, why purchasing cloud native applications makes the most sense in today’s business environment.

Note that your company should never build software to save money. Experience shows that such projects always have a large negative ROI. Your company should only be developing software if that software will provide you with a strategic advantage in the market. This article does not address anything to do with writing software for the cloud. Rather it focuses on reasons why you should select enterprise software applications that are designed for the cloud over those designed to run in the data center.

If there is a major software initiative on your horizon and you would like to discuss how applications like ERP might help you meet the strategic objectives of your business, click the [Contact Wayferry] button below. Our approach is one of educating companies to navigate the software selection process, and we will send you a copy of our book: Rethinking Enterprise Software Selection: Stop buying square pegs for round holes.