Even among IT professionals, impressions of public clouds range from enthusiasm to caution. Based on the experience of Nomura Research Institute (NRI) in helping companies use public clouds, I would like to discuss how companies should approach them.

Three benefits and risks of using public clouds

As repeated time and again, there are three typical benefits of public cloud use. The first is economic rationality. It eliminates the need for the waiting period from ordering to delivery of hardware and software, and enables their use at a limited cost and time period when needed. The benefits are particularly remarkable in the case of short-term use. However, it should be noted that some people point out the disadvantage of increased costs under certain conditions in the case of long-term use.
The second benefit is the wealth of features provided. Being able to use the desired features without having to procure hardware or software on one’s own makes it highly attractive. For example, if targeted advertising is provided, regardless of whether it has a specific use at that particular time, it is useful to describe the future outlook.
The third is the cross-bordering of the IT environment. Companies that operate globally do not have to develop individual IT environments for each country or region. The public cloud offers the same environment in each region.

Next, I would like to again acknowledge the risks of public cloud use. Similar to the benefits, only the representative ones are listed.
The first is the risk involved as an information storage location. As exemplified by the European Union's GDPR (General Data Protection Regulations: EU), which came into force on May 25, 2018, regulations (including sanctions) on the leakage of sensitive information are becoming stronger. In theory, the risk of information leakage is not considered to be dependent on the storage location, but as obvious from the various losses incurred by companies due to leaks and the difficulty of recovering from them, there is a strong desire to be more circumspect about the storage location.
The second is the risk of unexpected effects associated with bug fixes in the public cloud. Bugs in the hardware or software of the public cloud environment are fixed by the cloud business operators at their convenience. However, this may cause malfunction or suspension of service of the user company’s applications. If a company attempts to satisfy the required operating conditions in order to avoid such a situation, it will significantly impact the cost.
The third is the cost and asset management risk for the company’s IT as a whole. Unlike traditional hardware and software investments and amortizations, public cloud use is treated as a cost. As the proportion of this mix increases, it becomes more difficult to understand the overall picture of the company’s IT (especially cost), and the burden on the management increases.

The key to using public cloud businesses is to balance benefits and risks.

Despite this, public clouds are a natural choice for the geographical expansion of businesses and for faster acquisition of business opportunities.
When looking at the merits and risks, it seems reasonable to think that although entirely adopting a public cloud is difficult, there are also risks involved in not using it at all.

Having understood these benefits and risks, what then is necessary to actually use the public cloud? I would like to propose two points.
The first is to accept that the management load will increase. Many companies already have existing IT assets, and making them coexist with new assets on the public cloud increases the overall complexity of IT and requires the number of management personnel to be increased. For this, they will need new personnel with the ability to grasp the ever-increasing functions offered by the public cloud.
The other is to identify the types of advice and support required by the user companies in relation to the life cycle of public cloud use, from consideration of use in the company to the decision of start of use and after. In particular, it is necessary for the IT department to define the scope of the roles among the public cloud utilization departments.

NRI is helping companies that already use public clouds. Going forward, we will continue to strive to provide services to companies, including acting as a bridge between multiple public cloud businesses and users, while taking into account the various organizations and their positions in the company.