When it comes to digitization and automation in industry, many companies face an important choice: should data and systems be managed in the cloud or kept locally on their own servers? The debate is often charged - not least in Europe - where cloud computing sometimes raises concerns about data security and loss of control.
"The cloud is a very hot topic right now," says Robert Velén, specialist consultant at Plantvision. "And many companies are uncertain—they don't really know where the data is stored or who has access to it."
The cloud is already part of everyday life
Mohamed Al Kadari has a long background in digital solutions. Before joining the German sensor company IFM, he worked for eight years at Google Cloud, where he focused on digitalization in the manufacturing industry.
"There are a lot of misconceptions about the cloud," he says. "In the consumer world, we use the cloud all the time without thinking about it - Spotify, Netflix, Google Photos - they're all built on cloud infrastructure."
The same principles apply in industry. Although some companies say they would never use the cloud, it often turns out that they already do - through services like Microsoft Teams, Salesforce or SAP.
"They say they don't run anything in the cloud, but then we're in a Teams meeting - and Teams is running in Microsoft Azure," Mohamed says with a laugh.
What do the safety requirements say?
The EU's new cybersecurity directive, NIS2, has raised new questions about how companies that are considered critical to society can handle their data.
"They are not forced to use either cloud or on-premise solutions - but they are forced to think through how they securely manage their data," explains Mohamed. "Companies like Google, Amazon and Microsoft have known about these rules for years and have already designed their processes to comply with them."
Molnleverantörerna är samtidigt väl medvetna om de regulatoriska krav som gäller – inte minst inom EU. Det innebär att mycket av det säkerhetsarbete som krävs enligt exempelvis NIS2 eller GDPR redan är inbyggt i infrastrukturen. Detta kan göra det enklare för företag att leva upp till regelverken – förutsatt att de själva också tar ansvar för hur deras applikationer hanterar data.
Han pekar på att moderna datacenter är byggda för att vara extremt säkra, med geografiskt distribuerad data och tekniker som gör det i princip omöjligt att fysiskt komma åt allt innehåll från ett enda ställe.
"It's an illusion that you can walk into a data center and take out a rack with all the data - it doesn't work that way," he says.
At the same time, it is not black and white. Companies using the cloud are still responsible for ensuring that the application they run in the cloud complies with regulations such as GDPR.
"The cloud provider is responsible for the infrastructure, but it is the company itself that is responsible for how their application works and how it handles user data," he clarifies.
Benefits of scalability and flexibility
One of the main advantages of cloud computing is its scalability - being able to increase or decrease capacity as needed without expanding physical servers.
"With the cloud, you don't have to plan for maximum capacity all the time. It provides flexibility and cost efficiency," says Mohamed.
Lokala servrar har sina fördelar, särskilt för företag med hög teknisk kompetens. Men även de är sårbara om de är uppkopplade mot internet.
"Several German companies have recently suffered cyber attacks where it turned out that the only secure data was the one in the cloud," he says.
The technology is there - it's all about strategy
IFM manufactures sensors and networking solutions for the process industry, among others. Al Kadari explains that their products are designed to work both locally and in the cloud.
"Our sensors can be connected directly to PLC systems for local control, but they can also send data directly to the cloud via technologies such as IO-Link, MQTT or OPC UA," he says.
Crucially, businesses need to have a clear strategy for how data will be managed and used - not just stored.
"The discussion should not be 'cloud or not', but: what is best for our business?" he concludes.
Concluding reflections
The conversation ends with Robert thanking you for the many insights.
"I really learned a lot. What you said about automatically meeting a lot of security requirements by choosing a cloud service provider - that was an eye-opener for me," he says.
"It was a pleasure to be there. I'm looking forward to hearing more about how other companies are approaching this technology," concludes Mohamed.
