R&D Tax Credits and the Second Wave of Cloud Adoption

By and

        According to an August 2015 Cisco sponsored study developed by the International Data Corporation (IDC), we are living a second wave of cloud adoption. At this new stage, companies’ expectations are no longer restricted to efficiency and reduced IT costs. Instead, cloud computing is increasingly seen as “a platform to fuel innovation, growth, and disruption”. The survey reveals that 53 percent of companies expect the cloud to drive increased revenues over the next two years.  

        In addition, second wave cloud adopters have a different focus: private and hybrid clouds. Among the respondents, 44 percent were using or had plans to implement private clouds and 64 percent were considering hybrid clouds. In the words of Nick Earle, Senior Vice President of Global Cloud and Managed Services Sales at Cisco, this trend is explained “primarily because they realize that private and hybrid offer the security, performance, price, control and data protection organizations are looking for during their expanded efforts.”

        The present article will discuss this new wave of cloud adoption and present the R&D tax credit opportunity available for both providers and users of private and hybrid clouds.

The Research & Development Tax Credit

        Enacted in 1981, the federal Research and Development (R&D) Tax Credit allows a credit of up to 13% of eligible spending for new and improved products and processes. Qualified research must meet the following four criteria:

  • New or improved products, processes, or software
  • Technological in nature
  • Elimination of uncertainty
  • Process of elimination

        Eligible costs include employee wages, cost of supplies, cost of testing, contract research expenses, and costs associated with developing a patent. On December 18, 2014 President Obama signed the bill extending the R&D Tax Credit for the 2014 tax year. A similar extension is expected for 2015.

The Cloud Market

        Cloud computing is defined as “the practice of using a network of remote servers hosted on the Internet to store, manage, and process data, rather than a local server or a personal computer”.  On simpler terms, it means storing and accessing data and software applications over the Internet. This groundbreaking model allows for the configuration and delivery of computing power on demand, enabling easier use and higher performance.

         The benefits of cloud computing - which include streamlined processes, reduced capital costs, improved accessibility, and enhanced flexibility - have attracted a growing number of companies worldwide.

        According to a January 2015 report by Goldman Sachs, Internet cloud infrastructure and platform technology represented 5 percent of enterprise IT spending last year and is forecast to reach 11 percent in 2018.

        The same report estimates a compound annual growth rate of 30 percent for spending on cloud computing infrastructure between 2013 and 2018, compared to a 5 percent growth for the overall enterprise IT market. Goldman projects that cloud infrastructure and platform spending will grow from 16 billion on 2014 to $43 billion in 2018.

        Four leading companies - Amazon, Microsoft, IBM, and Google - currently dominate the cloud computing market. The following chart illustrates this preponderance of the “big four”, based on data from a Q2 2015 report by the Synergy Research Group.

Understanding Different Deployment Models

When it comes to deployment, there are four different models of cloud computing.  

I. Public Clouds: A public, or external, cloud is fully owned and provided by a third party vendor. It is located outside a company's firewall and constitutes a shared, multitenant infrastructure. Public clouds are available for open use by the general public; they comprise the most popular examples of cloud computing services, such as cloud storage, online office applications, and cloud-based web hosting and development environments.

II. Community Clouds: Similar to public clouds, community clouds offer multi-tenancy and a pay-as-you-go billing structure. However, these platforms are restricted to organizations from a specific group. Community clouds are driven by common computing concerns, including regulatory compliance and performance requirements.

III. Private Clouds: A private cloud is an environment dedicated to a single organization for exclusive use. Private clouds can be owned, managed, and operated by the organization itself, by a third party, or by a combination of both. They can also be hosted on or off-premises.
IV. Hybrid Clouds: Hybrid clouds combine two or more cloud infrastructures. Even though they remain unique entities, these platforms are brought together to enable data and application portability.
    Companies must compare different deployment models in order to find the best fit for their needs. Differences in security levels and management requirements are among the main aspects to be considered.

Dark Clouds Ahead: The Shortcomings of Public Clouds

        After surveying more than 1,000 cybersecurity professionals, Crowd Research Partners concluded that 9 out of ten organizations are “moderately concerned” to “very concerned” about public cloud security. The report ranked the top three cloud adoption barriers as being 1) general security concerns, with 45 percent; 2) data loss and leakage risks, with 41 percent; 3) and loss of control, with 31 percent.

        The undeniable truth is that users considering public clouds are increasingly concerned with vulnerabilities and potential attacks. The following sections get a closer look into these concerns.

I.     Public Cloud Security
        James Staten, vice president and principal analyst at Forrester Research points out that, in the context of public clouds, “security is a shared burden, but not one shared equally.” He illustrates with the case of Azure, where Microsoft presumably guarantees server security but organizations are responsible for security on their own applications.

        This “uneven handshake” is particularly troubling as the number and complexity of threats seem to be directly proportional to the rising popularity of cloud computing. According to a Cloud Security Alliance (CSA) report, the most prevalent and serious threats to cloud security are:  

1)    Data Breaches: Malicious cyber attacks aimed at stealing corporate data are the foremost threat to cloud security. CSA’s report points out that “if a multitenant cloud service database is not properly designed, a flaw in one client's application could allow an attacker access not only to that client's data, but every other client's data as well." It further highlights that cloud computing opens new avenues of attack for data thieves and that the absolute security of hypervision operation and virtual machine operations may be simply unattainable.

2)    Data Loss: Accidental data deletion in the cloud is more common than one may expect. It affected four in every ten respondents in a Symantec 2013 survey of 3,200 organizations. Loosing data can reduce productivity and undermine customer trust. In other words, the reputation of both providers and of users of cloud services is at stake.  

3)    Account or Service Traffic Hijacking: According to the CSA, the loss of control over users’ accounts remains a threat to cloud security. Phishing, exploitation of software vulnerabilities such as buffer overflow attacks, and loss of passwords and credentials are common causes. A hijacked account or service gives the intruder open access to critical data and applications potentially resulting in major financial losses.

4)    Insecure APIs: Application programming interfaces, or APIs, are used to build applications in the cloud computing environment. They also control third access and verify the identity of those producing applications. Flawed APIs can compromise authentication, access control, encryption, and activity monitoring in the cloud.

5)    Denial of Service: Consisting in the attack of numerous automated service requests, the denial-of-service can be compared to “being caught in rush-hour traffic gridlock: there's no way to get to your destination, and nothing you can do about it except sit and wait,” says the CSA report. When a customer’s service in the cloud is under attack it consumes major resources, which are often billed as legitimately used. Vulnerability to this sort of assault can make it financially illogical to keep one’s service in the cloud.

6)    Abuse of Cloud Services: hackers can take advantage of cloud servers to enhance their malicious attacks. With virtually unlimited computing resources, they serve malware, launch distributed denial-of-service assaults, and circulate pirate software. The detection of inappropriate use and the very definition of abuse are key to ensuring cloud security.

        Malicious insiders, insufficient due diligence, and the vulnerabilities of shared technology in a multi-tenant infrastructure are also pointed out as potential threats to public cloud security.

        A recent cartoon in The New Yorker illustrates the concerns about public cloud security threats.

II. Cloud Outages and the Fear of Losing Control
        Reliability and availability are also considered drawbacks in public clouds. Despite various efforts, which include clusters and redundant sites, outages can occur. Downtime undermines an organization’s ability to function and can generate significant losses.  

        When outages take place, users lose control - they can’t do anything but alert their providers. High profile cloud services outages have intensified the fear of being put in this situation. In July, Amazon Web Services experienced connectivity issues that affected major end-user networks, taking down websites such as Pinterest and Netflix. In August a cloud outage affected both AWS’s Elastic Compute Cloud (EC2) and S3 platforms.

        Between August 13 and 17, Google suffered a four-day cloud outage in Europe following successive lightning strikes at its Belgium data center. In March, a 43-minute outage attributed to faulty configuration patch affected users of the Google Cloud Compute Engine in different zones. Google’s Infrastructure-as-a-Service offering also went down for about an hour in February, generating connectivity issues that lasted for up to three hours.

        In June, a global iCloud outage prevented some people from accessing services like calendars and e-mail, or even logging into the cloud. Since its launching, in 2011, Apple’s iCloud experienced major outages and service slowdowns that lasted up to seven hours and affected 40 percent of its 500 million users.  

        On March 16, Microsoft’s Azure Virtual Machines (Infrastructure-as-a-Service) and Azure Cloud Services (Platform-as-a-Service) went down for over two hours for customers located in Central U.S. After less than 24 hours, another outage disrupted virtual machines, websites, and other cloud services, affecting a larger number of users on the East Coast.

        The vulnerability to data center-scale disasters has undeniable, negative impact on users’ perceptions of the reliability of public clouds

A Move Towards Private Clouds

        Concerned with public clouds’ security and reliability, a growing number of companies are migrating to the private model.

        Private clouds are operated on a private network, thus offering enhanced privacy and security. Within the private cloud model, financial firms, for instance, can take advantage of cloud computing while complying with regulations on the storage of sensitive data.

        A recent example is Deutsche Bank, who signed a billion dollar, 10-year private cloud deal with HP. Upon shifting its applications to HP’s Helion cloud, the German lender expects to secure standardized world-class IT infrastructure while reducing costs. HP will provide dedicated data center services on demand including storage, platform, and hosting.

        This migration has been seen as a proactive way to modernize the bank’s IT infrastructure. The deal gives HP an active role in the overhauling and rationalization of applications. The customized, private cloud is expected to foster innovation and enable the creation and delivery of new services to Deutsche Bank’s clients.

        Commenting on the deal, TechMarketView financial services analyst Peter Roe said: “(…) banks are looking for further cost savings and need to focus on leveraging their core banking expertise rather than devote precious resources to the provision of IT infrastructure. This deal by Deutsche is a clear signal to other banks of the value of such a move, and a large feather in HP’s cap.”

        With eyes at this expanding market, traditional cloud providers as well as new players are developing innovative private cloud solutions. In fact, a July 2015 market research by IT research and advisory firm Gartner shows that managed virtual private cloud services are increasingly a part of data center outsourcing contracts.  The following paragraphs present recent examples of private cloud innovation.

I.    IBM
        Following the June 2015 acquisition of Blue Box - a company specialized in OpenStack-based private clouds - IBM launched a new and upgraded offering described as “private-cloud-as-a-service.”

        IBM is deploying Box Panel, a cloud management console developed by Blue Box, in its 40-plus SoftLayer data centers around the globe. The solution enables remote management, update, and patching of private clouds while they operate across IBM’s infrastructure.

        According to Angel Diaz, IBM's VP of cloud architecture and technology, this model gives users elasticity and ease of use while ensuring they remain in control. Box Panel allows users to manage OpenStack and to determine the allocation of resources, such as RAM, number of cores, and storage. In other words, they have the advantages of a private cloud without having to deal with equipment, which, though not located in their premises, are isolated and dedicated to exclusive use.  

        Todd Moore, VP of Open Technology at IBM highlights that "The significance with Blue Box is that their model, the model of private cloud as-a-Service is one that allows customers to get going very rapidly. You're not on your own trying to understand how to stand-up an infrastructure.” The idea is to free people up to focus on more vital and innovative aspects of their businesses.

II.    TeamSupport.com
        Headquartered in Dallas, Texas, TeamSupport is a web-based Customer Service & Help Desk application. On September 10, 2015, TeamSupport launched an innovative private cloud solution, showing that innovation is not restricted to traditional cloud computing providers. The company recognizes that “there is demand for a private cloud solution, even with companies whose leaders fully understand how secure cloud apps are, because their customers or other stakeholders demand a private cloud option.”

        Aiming to tackle this demand, TeamSupport developed a completely private customer support software-as-a-service solution. Hosted on a subscription basis via a dedicated server, the innovative offering is the first of its kind. Not only does it follow the highest security standards, but it also enables users to meet specific regulatory and policy requirements. For instance, it allows customers to choose data center locations to satisfy regional security and performance requirements.

III.     Western Digital
        Private clouds have also evolved towards the notion of “personal clouds.” The idea is to enable users to set up their own clouds and give them absolute control over their personal files. It is an effort to ally the convenience of cloud storage with the speed, space, and affordability of an external hard drive.

        This is the logic behind Western Digital’s (WD) My Cloud: while hard drives are located at the user’s home or office, data is accessible from anywhere. The innovative, user-friendly solution is easy to set up and offers automatic file backup, fast file transfers, and password protection.

        On September 1, 2015, WD introduced various enhancements to My Cloud storage solutions, including a new, redesigned operating system that features an intuitive user interface and delivers a rich content-sharing experience, backup, and sync capabilities. WD also launched a Software Developer Kit (SDK) that will enable developers to build new extensions, features, and capabilities within the My Cloud ecosystem.

        Additional enhancements include a dual-drive My Cloud Mirror that automatically duplicates stored content to a second device.

Hybrid Clouds on the Rise

        Hybrid clouds combine the scalability of public clouds to the security of private ones. In hybrid clouds, a single application or user interface manages data that can reside in a range of locations, both inside and outside a firewall.

        By allowing companies to choose the most suitable environment for each aspect of their businesses, hybrid clouds have been considered powerful tools to maximize efficiency. So much so that a recent study by Gartner predicts that nearly 50 percent of large companies will be engaged in hybrid cloud deployments by the end of 2017.

        One possible reason is cost-effectiveness. While the economics of public cloud are intrinsically better than those of private ones, hybrid clouds can be cost-competitive, offering a more reasonable price differential – which is directly linked to network design and skilled staff.  

        Despite undeniable advantages, hybrid clouds present their own set of challenges. Monitoring various security platforms and ensuring data and application portability among different cloud infrastructures require complex management capabilities. The following paragraphs illustrate how various companies are turning towards innovation to overcome these challenges.

I.     Microsoft
        In an effort to differentiate itself from competitors such as Google and AWS, Microsoft partnered with Dell to create the Cloud Platform System (CPS), an on-premise private cloud platform that syncs up with Azure public cloud.  

        Launched in October 2014, the Azure-in-a-box uses the same software that powers Microsoft’s public cloud and runs on hardware supplied by Dell. Microsoft Azure CTO Mark Russinovich points out that “Many customers are not ready to migrate all of their operations to the public cloud (…), they may have legacy infrastructure or they may have sensitive information they want to keep on their own premises.”

        With an on-premise component, CPS responds to organizations that want to leverage the benefits of public cloud while keeping aspects of their workload on a private environment. The ability to use one single set of tools to manage the entire hybrid platform creates the consistent and efficient solution many companies are looking for.    

II.     VMWare
        Palo Alto, California-based provider of virtualization infrastructure solutions VMWare has been at the forefront of hybrid cloud computing innovation. The company has recently given a preview of a groundbreaking technology that allows for the live migration of working compute jobs between (VMware) private and public clouds.

        VMWare states that its goal is to allow customers to “extend their data center to the public cloud and vice-a-versa by seamlessly operating across boundaries while providing enterprise-level security and business continuity.” Fortune magazine made an interesting analogy for the idea of cross-cloud live migration – it is as “if a car company could move an automotive assembly line between one plant and another without shutting it down. You can see the difficulty.”

III.    Cisco
        The Intercloud is a globally connected network of private, public, and partner clouds. This concept, according to Cisco, is the future of cloud computing innovation. In June, 2015, the American multinational tech company announced a partnership with 35 independent software vendors to accelerate the creation of innovative cloud services for the Intercloud.

        The partnership will focus on three main areas of innovation: next-generation developer platforms, big data and analytics, and cloud services for the Internet of Everything (IoE). Cisco argues that “only the Intercloud (will be) capable of meeting the robust demands of the IoE.  It is designed specifically for high-value application workloads, with real-time analytics and "near infinite" scalability.”

        The company is already active in the hybrid cloud market through the Intercloud Factory, a suite of products for the construction of highly secure hybrid clouds that enable the extension of existing data centers to public clouds.

        With more than 100 customers and 65 partners worldwide, Cisco’s Intercloud Factory uses a single operational model across the hybrid cloud, enabling flexible workload placement and consistent network and security policies across public and private environments.


        The second wave of cloud adoption unveils a new focus on private and hybrid clouds. A growing number of companies are looking for solutions that overcome the shortcomings of public clouds, particularly when it comes to security and reliability. In this scenario, innovation is a key element for cloud computing providers and users. R&D tax credits are available to support those willing to advance towards a new era of secure, reliable, and customized cloud computing.

Article Citation List



Charles R Goulding Attorney/CPA, is the President of R&D Tax Savers.

Andressa Bonafé is a Tax Analyst with R&D Tax Savers.

Similar Articles
The R&D Tax Credit Aspects of Blockchain for Supply Chains
The R&D Tax Credit Aspects of Physical Security Technology
The R&D Tax Credit Aspects of Driverless Cars
The R&D Tax Credit Aspects of SaaS Start-Ups
The R&D Tax Credit Aspects of Emotion-Recognition Technology
The R&D Tax Credit Aspects of AI in the Insurance Industry
The R&D Tax Credit Aspects of Emerging AV Trends
Enhanced R&D Tax Credits for Specialized Co-Shared Spaces
Ethereum's Impact on Digital Contracting Creates R&D Tax Credit Opportunities
The R&D Tax Credit Aspects of Geofencing
The R&D Tax Credit Aspects of Distribution Center Automation
The R&D Tax Credit Aspects of Law Firm Artificial Intelligence
The R&D Tax Credit Aspects of Avionics
The R&D Tax Credit Aspects of Telemedicine
Federal Government Provides Faster Approvals and Tax Credits for Consumer FinTech Products
The R&D Tax Credit Aspects of Voice-Activated Software
The R&D Tax Credit Aspects of Artificially Intelligent Hedge Funds
The R&D Tax Credit Aspects of LiDAR
The R&D Tax Credit Aspects of Educational Technology (EdTech)
The R&D Tax Credit Aspects of Cyber Security Start-Ups
The R&D Tax Credit Aspects of Construction Industry IoT
R&D Tax Credits Provide New Opportunities for Artificial Intelligence Start-ups
The R&D Tax Credit Aspects of NYC Start-Ups
The R&D Tax Credit Aspects of Virtual Reality Technology
The R&D Tax Credit Aspects of Water Analytics
The R&D Tax Aspects of Artificial Intelligence Robo-Advisors
The R&D Tax Credit Aspects of Natural Language Processing (NLP) Innovation
The R&D Tax Credit Aspects of Video Compression Technology
The R&D Tax Credit Aspects of Automated Coding
The R&D Tax Credit Aspects of Payment Technology
The R&D Tax Credit Aspects of Restaurant Technology
The R&D Tax Aspects of Data Storage Startups
The R&D Tax Credit Aspects of Cyber Security
The R&D Tax Credit Aspects of Mobile Applications
R&D Tax Credits for the Modern Insurance Industry
The R&D Tax Credit Aspects of the Internet of DNA
The R&D Tax Credit Aspects of Modern Dental Labs
The R&D Tax Credit Aspects of IoT Communication
The R&D Tax Credit Aspects of Bitcoin and Blockchain Technology
The R&D Tax Aspects of Near Field Communication
The R&D Tax Aspects of the New FDA Mobile Apps Requirements
Tapping the Power of Big Data and R&D Tax Credits for Utility Companies
The R&D Tax Credit Aspects of the Medical Software Industry
The R&D Tax Aspects of Computer Enabled Human Identification
The R&D Tax Credit Aspects of New York City's Engineering Education and Googlization
The R&D Tax Credit Aspects of Software Modeling Analytics
The R&D Tax Aspects of Cameras of the 21st Century
The R&D Tax Credit Aspects of Network Security
R&D Tax Aspects of DNA Identification
R&D Tax Credit Aspects of Cyber Security and Homeland Protection
Financial Product Trading Platform Artificial Intelligence R&D Tax Credits
The Internet of Things Creates R&D Tax Credit Opportunity
The R&D Tax Credit Aspects of Mobile Banking Applications
The R&D Tax Credit Aspects of In-Image Advertising
R&D Tax Credits for Hybrid Call Centers - Airline, Hotel, and Car Rental Industries
The R&D Tax Aspects of Advertising Science
The R&D Tax Aspects of Data Science
R&D Tax Aspects of Radio Frequency Identification
The R&D Tax Aspects of Advanced Driver Assist Systems
The R&D Tax Aspects of the Internet of Residential Things
The R&D Tax Aspects of Web Television
R&D Tax Credit Aspects of Medical Robotics
R&D Tax Credit Aspects of Industrial Robotics
R&D Tax Credit Aspects of Service Robotics
Yes Alice, Patents and R&D Tax Credits Remain Available for the Internet of Things!
How Salesmen Can Use R&D Tax Credits to Sell Today's Software Products Engagements
The R&D Tax Aspects of Cloud Computing
The R&D Tax Credit Aspects of Hybrid Call Centers for Health Insurers
The R&D Tax Aspects of Robot Software
The R&D Tax Aspects of Machine-to-Machine (M2M) Innovation
The R&D Tax Aspects of Financial Technology Services
Beacons Create R&D Tax Credit Opportunity
The R&D Tax Credit Aspects of Retail Technology
The R&D Tax Credit Aspects of Improving Virtual Reality Technology
Now Every Business is a Software Business
Gig City Startups and R&D Tax Credits
The R&D Tax Credit Opportunities for Mobile Devices
The R&D Tax Credit Aspects of Wearable Technology
The R&D Tax Aspects of Big Data
R&D Tax Credit Fundamentals
Los Angeles Tech Boom Creates Large R&D Tax Incentive Opportunities
The R&D Tax Aspects of Software Development