Material flow control in the cloud: Safely in the cloud

More and more companies are outsourcing processes to the cloud. But is that safe? There are many concerns and at least some are justified. How the migration to cloud computing can be carried out without accidents.

The human sense of security is not always entirely rational. The rule of thumb often applies: I have control over what I can see. For a long time, this was also true for something as difficult to grasp as data and software.

At least felt like it was better when your own processes and databases were within sight in a data center and not in remote cloud centers from external providers.

In the meantime, however, most companies have changed their mind. 84 percent are already using cloud solutions, and a further 13 percent are planning to use them. For only three percent, cloud computing is not an issue at all. This is the result of Cloud Monitor 2022, a representative survey by Bitkom Research on behalf of KPMG AG Wirtschaftsprüfungsgesellschaft among 552 companies with 20 or more employees in Germany. By way of comparison, in the 2012 Cloud Monitor, just 37 percent of respondents said they were using cloud services.

In the past decade, there has therefore been an increasing shift away from on-premise solutions. Whether just the WMS system or even the ERP system, for many companies, all of this is no longer running via in-house servers, but via external providers. Their role will become increasingly important in the coming years, as cloud computing makes companies more flexible and saves the expensive maintenance of their own infrastructure. It is a huge leap that fundamentally changes the IT infrastructure of the local economy. However, it also raises a number of questions. Which aspects are relevant for intralogistics explains Dr. Wolf Siberski, Vice President Technology at SYNAOS, in an interview.

‍

Data under control

Because even though cloud computing is generally no less secure than the in-house data center, security measures are still needed; companies cannot simply file the issue of IT and cyber security. And this issue was already one where quite a few of them were obviously vulnerable. The large number of data leaks and hacker attacks in recent years makes this clear. So how can you work securely with the cloud?

Christian Banse can answer that. He heads the Service and Application Security department at the Fraunhofer Institute for Applied and Integrated Security (AISEC), based in Garching near Munich. Christian Banse emphasizes that when it comes to cloud computing, companies must not only rely on the security measures provided by the providers who provide the infrastructure. “They still have remaining responsibility,” explains Banse. For example, a company must, of course, clarify for itself who has access to the data and who receives which passwords. “Shared Responsibility” is the keyword here. “Many people flew on their noses at the start of the cloud wave,” recalls the expert. For example, because the default settings were very open for some providers, which is why some companies suddenly found their data online unless they had made the appropriate settings themselves.

‍

Legal hurdles

For the companies concerned, this is not just a simple nuisance. Depending on which data is involved, such inattention can be very expensive. Violations of data protection requirements are subject to severe penalties. According to Ruben Wolf, these requirements, in particular those of the General Data Protection Regulation (GDPR), are an important reason why many companies are still reluctant to use the cloud on a large scale. Wolf is also employed by the Fraunhofer Society, but not at AISEC, but at the Institute for Secure Information Technology (SIT). “As soon as companies want to store personal data in the cloud, the GDPR becomes an issue,” he says.

However, there is no generally valid solution for securely using cloud computing for companies. Depending on which processes and which data are handled there, the strategy must be set up completely differently. Christian Banse therefore recommends looking at as many options as possible before making a decision. “The selection outside Europe is usually larger, and the providers there often offer more from a single source,” he says. But there are often also suitable providers in Germany, especially for specialized processes. “These can often be a much more appropriate option, especially for companies,” says the expert.

A lot of homework for companies, but not something they should be afraid of, as Ruben Wolf says: “The cloud user must think about responsibilities, but it should also be clear to him that much more flexibility and scaling is possible with the cloud and that switching to a professional cloud can mean an improvement in IT security, especially for small companies. ”

Because small and medium-sized companies in particular can barely manage the level of security measures that cloud providers have in their portfolio on their own. Put simply, the risk of being hacked or stolen could even decrease, especially for companies of this size, by moving into the cloud. In addition, IT is better able to keep up with potential expansions on a cloud basis. When companies use new locations or warehouses, on-premise solutions require them to laboriously build new data centers. In the cloud, they simply add this data center virtually. Another aspect that makes the cloud attractive for companies is the price. Although this may seem counterintuitive at first, such solutions usually cost many times more than the on-premise version. But in the long term, this increased initial investment usually pays off, as many running costs are eliminated. Corrections and upgrades for software, for example, no longer have to be purchased. The company also no longer has to purchase lengthy and expensive updates for hardware, networks and databases itself. This also eliminates some tasks for employees of the company's own IT department.

Digital expertise

According to the experts, however, companies that rely on a cloud provider cannot avoid a well-equipped IT team. “I can't suddenly abolish the IT department because I'm now using the cloud,” says Banse. The staff is still needed, but they must be retrained. “The cloud is a completely different world than the data center on company premises,” he says. Such retraining can of course take time, at the latest when more critical processes are moved to the cloud, but it pays off. Because when troubleshooting needs to be done quickly, it's helpful to employ in-house employees who can help quickly.

Christian Banse does not yet see death coming for on-premise solutions even for such reasons. Some applications will also have to run locally in the future. “Look at a hospital whose computer tomograph has operating software,” he says. This must run, and with as little delay as possible. In such or similar cases, so-called edge computing, i.e. decentralized data processing outside central nodes — i.e. data centers — can help. This can be a relevant aspect, especially for companies that want to use the Internet of Things (IoT) for themselves. This is because with such IoT processes, the amount of data to be processed increases exponentially. At the same time, networked machines must often react quickly to new inputs, meaning delays should be as low as possible.

When data processing is closer to data creation, it helps to ensure a smooth process. “There is no contradiction here,” explains Banse: “Instead, it's a clever combination of both models.” Experts talk about the edge-to-cloud continuum. And this is how many companies will combine the best of both worlds in the future.

Some systems, such as for intralogistics, can be operated securely and particularly efficiently via cloud solutions. Other applications run better close to the data source. With one foot in the cloud and one firmly on the ground.

“We support our systems around the clock”

Interview with Dr. Wolf Siberski

Mr. Siberski, why are you advising SYNAOS customers about the cloud solution?

Our application is so much easier to scale. For example, when a customer expands their fleet of transport vehicles, we automatically adjust the computing and storage capacity. Support is becoming easier for everyone involved because we can maintain and monitor our systems around the clock and do not need remote access to our customers' IT systems. <br><br>

What services does Software as a Service include?

We automatically install updates with new features. Bugs and security gaps are constantly being fixed. We monitor the functionality of the system and notify the customer if we detect abnormalities in their processes. In doing so, we use both our IT expertise and our intralogistic know-how to ensure smooth operation.

How does support work if there are problems?

At “First Level”, employees contact internal support to clarify technical or technical questions. In the “second level”, our hotline provides support. For the “third level”, developers from our teams are on call around the clock to deal with particularly tricky cases.

In which cases can it be useful to use IMP software on-premise?

Basically, the cloud solution is more efficient and less expensive. At some international locations, there is still no sufficiently stable and fast Internet connection. In these cases, we recommend and support on-premise operation.

Lyrics: Lars-Thorben Niggehoff

Photos: Getty Images/Boris SV, Adobe Stock/.shock

‍