ChinaTravelNews, Ritesh Gupta – Allaying fears generally associated with the adoption of the cloud-related offerings, travel companies in China are making progress on several counts including offering developers the freedom and the flexibility they need to produce innovative software. Also, as travel organizations recruit specialists such as data scientists, they are also ensuring machine learning projects are being supported - from ideation to production and deployment.
Cloud is today a force to reckon with, and this is also being acknowledged by companies that set up their IT infrastructure decades ago. Whether cloud needs to complement existing infrastructure or replace it is an intriguing issue, but no doubt the efficacy that cloud brings along is unmistakable.
Imagine today’s scenario where any established travel technology/ e-commerce company is required to process 3-4 billion travel itineraries on a daily basis! With the need to handle searches at faster speeds, it is imperative to diligently cache at the edge of the cloud. Managing the scale and being in control of the cost structure is vital, and cloud is an integral part of the solution. Some use cases of cloud in the travel sector:
• Performance of digital assets like websites, for e.g. eliminating system downtime.
• Counting on machine learning to deliver a personalized experience, for e. g. a recommendation that comes in the forms of travel content or an offer.
Cloud infrastructure refers to the hardware and software components. It includes servers, storage, virtualization software etc. Importantly, servers are designed to store and manage data, run applications etc.
“Shiji moved from a traditional hosting to a 100% cloud environment (several years ago). We are doing everything in the “cloud” today (applications and solutions are deployed on a cloud network rather than an on-premise location). The same holds for our partners, they are virtually completely on cloud – public cloud AliCloud. All our servers, codes, systems…are on AliCloud operating in China,” shared Michael Heinze, The Chief Architect, Shiji Group.
Michael Heinze, the Chief Architect of Shiji Group
While this is a common phenomenon with start-ups, legacy companies like airlines, banks etc. struggle with such transition from a traditional hosting environment.
Specialists point out that cloud computing has many advantages, such as cost savings, resource integration, saving human resources, energy saving etc.
Recognizing such benefits, China Eastern Airlines has taken vital steps in its cloud journey.
“A few years ago we started using the private cloud. Private cloud resources are managed by a dedicated department,” shared Xuewu Wang, Head of Data Labs at China Eastern Airlines. The private cloud represents computing services provided either over the Internet or a private internal network. These aren’t for any user, rather for the chosen ones. In addition to gaining advantages of a public cloud, including self-service, scalability and elasticity, the user can avail extra control and customisation available from dedicated resources over a computing infrastructure hosted on-premises.
The journey to “serverless”
Cloud computing includes several services: IaaS, PaaS and SaaS.
• Infrastructure as a service is a form of cloud computing that provides virtualized computing resources over the Internet.
• Platform as a service (the provider hosts the hardware and software on its own infrastructure).
• Software as a service allows users to connect to and use cloud-based apps over the Internet.
Two models for cloud services can be delivered in a private cloud. The first is IaaS. The second is PaaS. Private clouds can also be combined with public clouds to create a hybrid cloud.
Heinze explained that in the past for development of an application, companies used to rely on server, operating system, databases, software framework, firewalls around it etc. via multiple servers. “The whole infrastructure used to be managed in-house,” he said. Post this the first layer i. e. of hardware was done away with, and from operating system onwards everything was in-house of the company (the user). “The real cloud came 8-10 years ago, so it led to the emergence of databases as a service, containers (added an abstraction layer so that software developers had less to do with the infrastructure and focused mainly on developing, deploying and monitoring the solutions being set up). He further added that with “serverless”, such cloud platforms lets one write code own way without caring about the underlying infrastructure. “Serverless started 3-4 years ago. Rather than dealing with processes, security etc., serverless is another abstraction layer that helps developers to focus on development,” added Heinze.
Overcoming challenging aspects
The biggest challenge that any company faces when they put their business in cloud remains the issue of data security management, mentioned Wang.
“Companies are concerned about data loss and leakage, data privacy, and breach of confidentiality. How to make company trust that the data they put in the cloud is not accessed by individuals or companies outside the company? We are actively exploring the application or solutions of cloud computing. But I think security is the biggest problem for early adopters of cloud computing, and cloud computing costs are a bigger challenge for mid- and advanced users. Lack of resources, expertise, governance, control, compliance and data migration will also be a challenge,” shared a senior executive in China.
Referring to security, Heinze mentioned that end-to-end encryption takes care of security of data in transit. “But data at rest (when data collects in one place, it is called data at rest) still demands a concerted effort to protect it. It is a critical aspect considering that regulations such as GDPR in Europe, CSL (China’s Cybersecurity Law) etc. are in place. So a travel company with a global data set where they are collecting personal data from consumers located in China or Europe, and depending on where that data is, both need to comply with storage and process requirements,” mentioned Heinze. “Shiji does comply with data protection requirements in multiple countries.” He added that Shiji deeply introspects and segregates data, for instance, personal data from business data (in case of personal data of consumers the need to protect it is more). We have dedicated team s and infrastructure in the cloud to protect personal data, plus there are many additional layers of security at an organizational level, technical level, systems level etc. to ensure access is legitimate and misuse doesn’t happen.”
“We try find the most effective way to operate the non-critical data and also assess the most secure (which is more expensive too) to protect critical data,” summed up Heinze.