Chris Thorman, who blogs about electronic medical records  at Software Advice wrote an article quantifying the "green benefits" of software as a service for a small office.

In his example of a 4 person office, by his calculations each user consumed 2,352 KW  per year to access their main software when it was run on premises, but those same users consumed only 272.85 KW per year per person using SaaS.

Do you agree with his take on the situation? Do you have other thoughts on the subject? Please share them here.

I disagree.  His assessment seems contrived and unrealistic.

-ENO

I agree with ENO. Many of the power costs of an office are fixed regardless of from where the software comes.

I agree that you could see some savings since, in theory, you wouldn't need a dedicated server on your end 24/7 and you could possibly get away with some less beefy machines. Now some of that would be offset by needing better internet equipment on your end to keep the connection alive.

Given everything, I just don't see how you could save 90% of power costs just by having someone else host your software

Seems to me that simply changing from the Dell Desktop to a Dell Netbook in this example would net almost the same results and in my opinion give the company better access to the data.  I think SaaS is truly just a stepping stone between "traditional software" and "remotely managed machines".  Especially with data centers virtualizing.  Now, all a software vendor has to do is ship a couple virtual machines to a client and have the client configure it to their network.  They still save on power, and the data is in their hands, dependent on their network only instead of on a possibly shoddy Internet connection that may or may not have been compromised.

I also disagree with the article.  Being a medical facility, it is unrealistic to use an EMR in this manner.  Instead of investing in a server,  we'd have to purchase a redundant internet connection with a sophisticated firewall to switch to the second connection if the first one fails.  Would we save some energy? Yes, but we would be paying extra money for an idle connection, getting our software hosted, the added network equipment, and yearly maintenance costs associated with said equipment. 

Other than the marginal power savings between a slice of a large server in the cloud compared to the full power requirements of the server in your shop, you are only changing the expense line (and possibly creating more energy consumption in the end) from energy expense to contracted services in your financial statements.

It's like moving manufacturing overseas where the pollution laws are more lax and then proudly proclaiming that we don't pollute US soil with our manufacturing process.

Dave

 

 

Can you picture the amount of energy that would have been saved if he had NOT penned that article, and countless people had NOT read it, and the members of this thread had NOT commented on it?

Seems like a great energy saving idea would be to IGNORE the author.

Sounds kinda silly... doesnt it?

As nice as it may seem to just ignore something, it's an issue that I've seen around a lot lately. And I don't expect that it'll go away anytime soon.

Nonprofits have the general commonality of always looking for ways to cut costs, especially on things like technology where they're often not able to get consistent financial support. For some small orgs, using SaaS is a viable option that can replace out their old, inefficient server/network system instead of investing more money in upgrading. Especially if they aren't dealing with as much potentially sensitive data, as say, a medical or health care provider, where they have a pile of security and data-management regulations to ensure security for their client data.

Replacing out that clunky old, energy-sucking server, and hosting email and files in the cloud probably does save substantial energy, and especially with some of the free and inexpensive cloud services available these days, would also save that organization money on their monthly bills.

I think the jury is still out on whether SaaS will ultimately and generally reduce energy consumption, since every office and organization operates differently (as do the different cloud vendors). It's too sweeping a generalization to say that they all do or don't reduce energy costs.

It's great to see that green and cloud computing is at long last on the radar screen for non-profits in the US. We have been doing this for a while and can hopefully add to the discussion. 

As it is very easy to know, the cost and energy savings of this type of infrastructure can be calculated with a high degree of accuracy. Of course, your actual mileage may vary.  There have been boatloads of studies, one of the most boring but comrehensive is out of the Fraunhofer institute:  http://it.umsicht.fraunhofer.de/TCecology/index_en.html.  Perhaps understandably, the European non-profit community is years ahead of where we are at.  Inarguably and by far, the single most "green IT" things that you can do is shut off, not buy and/or consolidate servers and replace PC's with thin clients. As an example, instead of five organizations buying five servers and using 15% of server resources each, those same five organizations can easily share a single server.  That not only eliminates a boatload of power use, but that's four servers that never have to be disposed of. 

"..you are only changing the expense line (and possibly creating more energy consumption in the end) from energy expense to contracted services in your financial statements..."  That really depends on your in house costs of ownership.  We have yet to run into a case where long term cost savings for non-profits with more than a couple of servers were not demonstrable but I am sure that they exist.  Since there is no longer a need to spend resources on maintenance, cooling, repair, refresh, etc. of hardware or software, IT folks can work on tasks that add value to the business and get better data to clinincal and/or management staff.  In some organizations, >80% of IT resources are spent simply maintaining what's already there.

"Being a medical facility, it is unrealistic to use an EMR in this manner. Instead of investing in a server, we'd have to purchase a redundant internet connection with a sophisticated firewall to switch to the second connection if the first one fails."  If you are really after 99.99 availability, business continuity, etc. a cloud based infrastructure provides way more than you could ever hope to engineer and deploy in house unless you are Enterprise class already.  This is because you are sharing the cost of an Enterprise Class infrastructure with other folks.  It allows non-enterprise class orgazations to emulate the big boys.  If your main office building  were destroyed, for example, you would lose no data and could keep working.  Moreover, the cost of Internet access is exceedingly low and the need for T1's, T3's or any other point to point connection(s) goes away.  While it may not be possible for everyone, if you can get a cable plus a DSL/FiOS connection you are good to go. 

"As nice as it may seem to just ignore something, it's an issue that I've seen around a lot lately. And I don't expect that it'll go away anytime soon."   Well said, Becky.  I am really not sure why most of the non-profit IT community dismisses cloud computing out of hand.  It does not eliminate the need for IT staff, it just changes their role.

pkerness

I am really not sure why most of the non-profit IT community dismisses cloud computing out of hand.

I don't dismiss cloud computing out of hand.  There are a lot of reasons why I personally look at it askance.

1. Not all clouds are the same - a lot of startup cloud provider companies are using the buzz around cloud computing to say "Well, it's cloud computing, it's good, everyone is doing it."  Not all clouds have enterprise class data systems.  People that just say "use the cloud" and don't back it up with a caveat of "research your vendor" really annoy me.  It's like when Microsoft says "Use Vista, it's the best version of Windows yet" and where it might be okay now, it caused a lot of headaches for a lot of people when it came out.  Didn't make a damn thing easier.  So, just because someone says "The cloud is good, go forth and compute" doesn't mean I want to do that.
2. Some boards and staff of some non profits would probably be against the idea of cloud computing when you are talking about Personal Health Information (PHI).  If its not in your hands, and you can't track where all the data is, then you don't have control (at least, that's the philosophy).  Cloud providers can claim HIPAA compliance but so can anyone that wants to hang out a shingle.
3. The disaster scenario where you lose no data only works if you actually have all of your data in a cloud(s).  Also, see number 1 - if your provider's building burned down and they don't have enterprise class high availability, then you're screwed and nothing even happened to you.
4. Remember 9-11?  What about Katrina?  Ike?  I believe the Internet was hosed.  No amount of T1, T3, FiOS, DSL or cable was going to help you.  Where's your data then?  How do you operate your medical facility when your operational software is on the Internet and you have people coming into your office in droves because of a disaster?  If you had your own systems and a backup generator, you were still running.
5. Let's analyze the burned down building.  Depending on the non-profit, you may not need to be running 24-7.  It's OK if you're down for a couple days.  Let's assume you do need to be up and running as close to 24-7 as possible - you still have a logistical problem of where to get computers for all your staff to do their work and a place for them to do it from with an Internet connection robust enough to do the work.  In all that time, you could also probably get systems together to run your software and restore your data on a private network and not have to worry about getting out to the Internet.

Its not that I am against cloud computing in all cases.  I just think it needs to be analyzed.  The article that was linked and the way you are writing is too blase.  Its not a holistic approach, and it gets people thinking that cloud computing is the panacea of all their problems - its not.  Pkerness, i know that you obviously are a reasonable person and know that there are a lot of considerations - but you seem to be able to toss plenty of them out the window when you wonder why IT support staff at non-profits are skeptical.  Actually, I'd call IT support staff at non-profits less skeptical than a lot of big business staff.

I think it's great that you took the time out for such a well thought out and comprehensive response.  I hope that someone other than us reads it!  You make great points and there are many cases where cloud computing may not be appropriate. 

My argument is that for the vast majority of small to mid-sized non profits, the benefits far outweigh the risks.  Small and mid-sized non-profits can have the same features, software, business continuity, disaster recovery, etc. as folks with 6 figure IT budgets.  Non-profits that can't afford their own backup generators, 24/7 IT staff, redundant Exchange Servers, air filtration systems, biometric security, redundant Internet connections, SharePoint servers, a CIO, etc. don't have to settle for less. 

1. Not all clouds are the same - True enough.  I would recommend a reasonable level of due diligence when choosing a provider.  This should include a tour of the data center and talking to existing customers.  A review of their P&L statement would also be advised. 
2. Some boards and staff of some non profits would probably be against the idea of cloud computing when you are talking about Personal Health Information (PHI).  If its not in your hands, and you can't track where all the data is, then you don't have control (at least, that's the philosophy).  It's usually a silly philosophy.  Whether they would like to admit it or not, most organizations that have this of data have it distributed among servers, desktops, laptops, usb drives, and home computers and offices all over the place.  A lost or stolen laptop can expose this data quite easily.  In other words, they can't track where the data is today.  When all the data is in one place, it's much easier easy to track, secure, control access to and protect it.  Since data never leaves the data center, even a malicious employee or client with intent, physical access to your LAN and a network password cannot expose it.  The current crisis takes some oomph out of the argument, but to me it's that same as arguing that money should be kept under the mattress instead of in the bank. 
3. The disaster scenario where you lose no data only works if you actually have all of your data in a cloud(s).  Also, see number 1 - if your provider's building burned down and they don't have enterprise class high availability, then you're screwed and nothing even happened to you.  The whole point is to have all of your data protected in an Enterprise class data center.  Since data centers are designed, engineered and built specifically for this purpose and to guard against such disasters, it's much more likely that your headquarters will burn down before the data center. 
4. Remember 9-11?  What about Katrina?  Ike?  I believe the Internet was hosed.  No amount of T1, T3, FiOS, DSL or cable was going to help you.  Where's your data then?  How do you operate your medical facility when your operational software is on the Internet and you have people coming into your office in droves because of a disaster?  If you had your own systems and a backup generator, you were still running.  The Internet wasn't hosed and many folks in the situation you describe completely and permanently lost all of their data because their servers, data center and backup tapes were all destroyed.  Many never recovered, and of those that did, they were down for weeks not days and many lost years of data forever.  These folks far outnumber those that were in the situation that you describe and I promise you that many of those disaster victims wish they had cloud computing in place.  Many non-profits simply went out of business forever
5. Let's analyze the burned down building.  Depending on the non-profit, you may not need to be running 24-7.  It's OK if you're down for a couple days.  Let's assume you do need to be up and running as close to 24-7 as possible - you still have a logistical problem of where to get computers for all your staff to do their work and a place for them to do it from with an Internet connection robust enough to do the work.  In all that time, you could also probably get systems together to run your software and restore your data on a private network and not have to worry about getting out to the Internet.   I have no idea what you mean by an "Internet connection robust enough to do the work".  The entire infrastructure (desktop, all productivity applications and all data) can be delivered over a dial up connection.  I think being able to buy new servers, find a place for them, rebuild them from bare metal, restore them from backups (assuming that works and the backups weren't destroyed) might take longer than 48 hours.  In a cloud computing scenario, your staff could pick up working with no data loss at all the next morning from a laptop at Starbucks.  End users are 100% productive from anywhere all the time.  PC's are simply access appliances, you get your same desktop and apps whether you are in the office, at home or anywhere else.

Its not that I am against cloud computing in all cases.  You do seem to be arguing that you are against it in most cases and with that I would respectfully disagree.  Considering the upside (lower costs, higher availability, business continuity, enterprise class productivity applications, remote access to everything from anywhere, 24/7/366 support, etc.) I believe it's appropriate for more non-profits than not.  I would much rather see non-profit IT folks working on things that add business value and build capacity for their organization vs. swapping out a failed hard drive or babysitting a Microsoft Office patch.  I'd rather see them spend money on programing rather than on servers, software and PC's every few years.

I just think it needs to be analyzed.  The article that was linked and the way you are writing is too blase.  Its not a holistic approach, and it gets people thinking that cloud computing is the panacea of all their problems - its not. Well, it's a panacea for at least some of them and I would argue most can live with the others.  I'll upload a backup of every desktop and every server to an FTP site every night if you want.  Pkerness, i know that you obviously are a reasonable person - that's highly debatable! - and know that there are a lot of considerations - true enough - but you seem to be able to toss plenty of them out the window when you wonder why IT support staff at non-profits are skeptical.  I do know that when I get my copy of Information Week or the other "for profit" IT trade rags, this kind of discussion has been going on for years and, by and large, most "experts" agree that it's the way to go for a large percentage of small and medium sized enterprises.  At the last non-profit IT convention I want to, the biggest crowds were attracted to the "How to Use Twitter for a Purpose for Which it was Not Designed" workshops.  Folks are "skeptical" about cloud computing but have no problem incorporating a service that has no meaningful revenue stream, let alone positive cash flow, into their line of business technology.

Actually, I'd call IT support staff at non-profits less skeptical than a lot of big business staff.   Skeptical is one thing, but when the "green computing initiative" does not even MENTION (until now, of course) virtualization, thin clients and cloud computing as a possibility, that's something else.  Since everyone who has a copy of Windows 2003 could most likely virtualize a server today for free, it's even more aggravating.

Thanks for taking the time out for this discussion.  If anyone else is out there please help me.  Tell me what I am missing so that I can start driving a truck or something!

I think we're going to have to agree to disagree on just about every point I made ;)  But that's okay.  Yes, the Internet was hosed on 9-11, Katrina and Ike - I'm sorry you don't know that but its true.  Maybe you live in another part of the country from those places - but it was pretty hosed for a lot of people.  Not everyone effected by the disasters I was talking about lost everything.  And a "robust enough connection", "deliver over dial-up"  OK, you're going to deliver an entire remote network for 20 employees over dialup?  Have fun with that :)

Chris, I almost get the feeling that you've been discussing disaster planning recently. Perhaps even instructing people on how to do it. *snicker*

Okay, that was a clear thread-jacking on my part in order to promote the two disaster planning webinars we conducted last month. Chris Shipley was a presenter for both, so we've all had our heads in "disaster planning mode" recently. And if the news is any indicator today, we could all be better prepared for the worst.

In our disaster planning and recovery toolkit (and specifically, the downloadable guide on that page), we discuss different systems of backup and cloud computing is listed as a secondary option for some of the reasons Chris mentioned. So far, it's a great option for some orgs, but we still have to wholeheartedly recommend that everything kept in the cloud is backed up and that duplicates are kept on-site and afar. Some of that duplication, especially if done on-site with a regular office server system/network, would negate many of the "green" benefits of cloud computing. And I know a lot of smaller nonprofits that use cloud computing for just that purpose -- off-site backup -- but thye still run old and inefficient servers that haven't been virtualized every day in their offices.

We'll be talking about this more down the road, and I'm open to hearing all the stories, research, and data that's out there on this topic. In my opinion, though, the jury is still out since there are so many variables that might make SaaS a "green" option for one org and not for another. And I agree that not all SaaS providers are equal, so we it's a little too easy to generalize the whole cloud without talking about the specific benefits or drawbacks of any one provider. Now that's data I'd love to see.

Why Becky, I think I have been.  ;)

pkerne

I'm not attacking you, but I have to poke another hole in something you said.

pkerness

2. Some boards and staff of some non profits would probably be against the idea of cloud computing when you are talking about Personal Health Information (PHI).  If its not in your hands, and you can't track where all the data is, then you don't have control (at least, that's the philosophy).It's usually a silly philosophy.  Whether they would like to admit it or not, most organizations that have this of data have it distributed among servers, desktops, laptops, usb drives, and home computers and offices all over the place.  A lost or stolen laptop can expose this data quite easily.  In other words, they can't track where the data is today.  When all the data is in one place, it's much easier easy to track, secure, control access to and protect it.  Since data never leaves the data center, even a malicious employee or client with intent, physical access to your LAN and a network password cannot expose it.  The current crisis takes some oomph out of the argument, but to me it's that same as arguing that money should be kept under the mattress instead of in the bank.

Where do you get your information?  Its certainly not a silly philosohpy.  I could argue that its silly to trust this sort of data that is protected by federal law with huge penalties to a 3rd party.  Just because someone says they have all these policies about how to protect your data doesn't mean they follow them.  "Most organizations that have this data have it distributed..."  Is this an assumption or something backed up with a factual study?  That is a really big assumption and I'm calling you out on it.  It's just not true.  In some cases, yes - but you're painting with too broad of a brush.  In a case where you have a problem like this (all of it solvable, for little cost by the way), simply moving to SaaS does not resolve the issue.  What if you move to a web based software solution?  What about local disk cache of pages?  How about where you can access the data from?  What about viruses, screen scrapers, or keyloggers sitting on the PCs an organization uses to access the SaaS model?  In an environment where there is a problem with data leakage, tracking, and control of access moving to a SaaS model won't just fix things.  The same work you go through to make sure access levels and data containment is processed would have to be done.

Your comparison of keeping money under the mattress vs in a bank is a bad one.  Have you been paying attention to AIG?  Again, you're painting with too broad of a brush.  I'm guessing you're either involved in the sales of SaaS or you aren't a security expert that actually implements anything.  This is not bad in itself, but it annoys me when people that don't have a clear understanding of something answer questions with unfounded generalizations.

A lost or stolen laptop can certainly expose data easily, we've all heard of the stories about banks and the VA losing data.  Encrypting data on a laptop is trivial.  This is a step that should be done even if you only use it to connect to a SaaS solution.  So since its being done anyway - where does SaaS come through on top?

The only argument you've made that makes sense to me is when it comes down to IT Staff.  When you are understaffed and cannot meet the needs of your agency, SaaS can possibly be a good solution for you.

This has turned into a pretty good thread despite the added complication of moving from "green" to thin-client to cloud computing.  I tend to side more with Chris and agree that pkerness' approach is one of promoting rather than presenting, but I'm impressed with the quality of argument on both sides.  In a face-to-face discussion, free from the clumsiness of forum posting and better able to fine-tune the scenarios, I suspect that you guys would actually agree on most things.

The discord here is much like that found elsewhere.  And that shouldn't come as a surprise, since we're discussing a general methodology rather than a specific solution to a defined business need.

But that said, I agree with Chris' points relating to the trustworthiness of that methodology.  There are other points as well.  No single SaaS service does everything that most businesses need so multiple services might be needed.  How does one coordinate the sharing and security of data among multiple services from multiple clouds?  

It's also likely that some needs can't be handled by cloud services, in which case you can't throw out that old equipment after all.

What's the cost of all this newer equipment being purchased for the purpose of saving money? And what's the cost of the retraining and the general disruption of business in connection with the migration? As Chris suggests, each case needs to be analyzed and all of these things must be included in the analysis. 

And finally, returning to the original question of "green thoughts on SaaS", I've found that "green" is inconsequential.  Everyone I know, if asked, will wax eloquent about their dedication to green goals.  But when it comes time to write checks to support IT, the concerns are all about cost, reliability, performance, cost, security, effectiveness, compatibility and cost.  Not a single one of my clients has ever asked me for a greener network.  They want cheaper and faster. They want to squeeze a couple more years out of their existing equipment, whatever it might be.  And they want improved efficiency, preferably to the point where they can layoff staff.  They will happily wave the green flag if it happens to be a byproduct of the other steps, but their actual dedication to the cause is so far down the list that it's not even visible.

-ENO