Revolutionary. Game-Changing. Breakthrough. Our love for new technology is a story as old as the human race and to display our affinity for new tech we discuss, publish and blog about it in the superlative. We love it, we hate it. It’ll never fail (or sink like the Titanic), it has no chance of success (flying car anyone?). The Cloud is getting this type of love right now and many are fawning over it. This writer thinks it is pretty wonderful too but when we talk businesses and the cloud it is important to understand the context. That business have different purposes and see different risks associated with this relatively young technological invention. Larger business risk considerations are far different than risk factors considered by a single user or a very small business. We’ll cover this but first let’s discuss historical examples of technological progress.
At one time the mainframe ruled the computing world. It centralized data and then suddenly the desktop revolution decentralized it. Today some say the cloud signals a reemergence of data recentralization and it too will rule the world of computing and we believe it. Look around today what do you see? Mainframes still exist and so do desktops, servers, tablets, laptops, smartphones and the cloud. We are using new devices for specific tasks. Some sales departments exclusively use iPhones meanwhile the accounting department is working on the server-desktop model. We believe the historical trend will continue and we’ll see a mix of technologies going forward. In other words, the Cloud will extend its reach but never rule everything. Many businesses will still choose local processing and storage or private clouds for the foreseeable future and we’ll discuss the reasons in this article.
Lauren Carlson’s article, “The Downtime Dilemma: Reliability in the Cloud” makes valid points but misses a few key risk factors. So let’s review her article. She touched on the Cloud’s uptime and reliability and showed a few charts that pointed to the cloud as being better on both fronts. She also made the point that the cloud companies use systems are technically superior to any cloud that a traditional business can build in-house (except the fortune 500). Another other item missing was applications. Enterprise applications drive infrastructure purchases and until all applications are web or designed to be run in the cloud, onsite servers will be required by software vendors.
Hear us, we are pro-cloud but not pro-risk. Businesses live and die by their data. More than 80% of all businesses fail in 3 years when they lose their data. Data protection is king while uptime and reliability are an important second. That said let’s dive in.
“Although, the current cloud infrastructure is probably about 10 times as redundant as most on-premise systems. I think the cloud is simply suffering from the consequences of fame.” Lauren Carlson, The Downtime Dilemma: Reliability in the Cloud
One of the technologies that power the cloud is hardware virtualization and virtualization across multiple systems and even across physical locations. Currently VMware and EMC and other such brands are pricey. When those costs are added to the costs of building and powering multiple secure datacenters and the labor to run it, how many companies want to spend that kind of money? It’s cheaper to signup for those services. Here’s the part Lauren overlooked, this technology will keep developing, evolving and getting cheaper just as every other tech has. Over the next several years building your own private corporate cloud will be affordable and within reach of most businesses. Our prediction is this; first virtualization and then the cloud will become a commodity. We don’t see cloud companies as producing an untouchable product with an unattainable level of service that is out of reach (for the 100M revenue and up) of most companies. Alpha & Omega Consulting clients can already deploy a private cloud that is secure and redundant across multiple datacenters affordably. Our private cloud is powered by a unique software that deploys, manages and secures cloud VMs. Also our clients have total control over their private clouds. This is the beginning of cloud commoditization.
A topic she didn’t cover is the most critical component of any system; data protection. Data protection has two parts, disaster recovery and security. From reading Lauren’s article it is assumed disaster recovery is no longer needed as the cloud is magic and is so reliable that disaster recovery planning obsolete. God willing no company is this naive. The second part, security, is admittedly a challenge for both in-house and cloud based services. Sony has had problems with outages and data theft from hackers and they are not alone. Others such as the federal government, MasterCard, and most other large companies have also recently suffered security breaches. When moving from onsite to the cloud your data may be exposed to two additional sources of data insecurity, the employees who work for the cloud company and loss of controls and monitoring. Google recently fired an employee who was accessing a user’s gmail account.
Google Inc. fired a software engineer for snooping on its users’ private information, the Internet search giant confirmed Wednesday.
The 27-year-old employee, David Barksdale, allegedly accessed information about four teenagers he met through a Seattle technology group, according to gossip website Gawker, which reported the incident Tuesday.
Barksdale, a self-described hacker whose job was to maintain and troubleshoot Google sites, had access to users’ personal accounts and information, Gawker reported. His interaction with the teenagers was not sexual in nature, the gossip site said.
In another case a, “Disgruntled IT guy slips porn into CEO’s PowerPoint.” The end results of these examples are minuscule compared to what could actually happen during a major security breach. This exposes a growing problem that has yet to really be addressed. How can a company improve the security of its data while adding additional sources of potential security breach?
“…what it really comes down to is control. Users feel more secure when they are in control of the system.” Lauren Carlson, The Downtime Dilemma: Reliability in the Cloud
Lauren mentioned, even downplayed, control and in doing so missed the practical application controlling of your data. The need for control is more than a feeling there are valid reasons for it. How about control over new policies? Control allows an organization to immediately implement a new data security policy without considering the cloud company. Let’s take control over downtime as another example. There is scheduled and unscheduled downtime but if a CEO knows that in 5 minutes email (Microsoft Exchange) will be back online, that is preferred over telling the CEO “whenever X cloud company fixes it.” Also if you’ve worked in a large organization knowing how long you need to do paper work before the computer systems are back up extends to all departments and has an effect on productivity. The other option is waiting and staring at a computer for the cloud service to come back online (I’m sure there are additional options but this is the one a majority of employees prefer). That may seem like a lame reason but the type A personalities that run some companies would disagree, they want control, even over a downtime. How about more reasons for control, such as when a company signs up for cloud services, how easy will it be for them to move to other clouds? Or to a private cloud? What level of control do they have over their data? What if the cloud company goes under? What’s the audit risk concerning government regulation (depending on the laws onsite servers may meet the security criteria better)? Another example is cost; at some point there will be a lower cost solution elsewhere so does your business have enough control over its data to utilize it? Having control over technology is born from a desire to control corporate operations without vendor interference. Control goes hand-in-hand with data protection, cost control, productivity, communication, coordination and the flexibility needed to instantly change with the dynamic global economy. Lauren mentioned control and linked it one of the final reasons to maintain onsite servers and I’m extending the need for control beyond that to include data in the cloud. The point is this; belittling control is a mistake as this is how corporations function. Data control is vital for a businesses’ success. On the other hand being a control freak without a clear purpose can cause business leaders to miss opportunities such as the ones provided by the cloud.
The risks I mention are not to steer away from the cloud or towards it but to admit the cloud is a young technology and expect to see a mix of technology going forward. Businesses are risk adverse, especially large ones, and they will pay for reliability over cool new technologies. This isn’t a one size fits all recommendation and there are valid reasons for going cloud and valid reasons for waiting.
Lauren’s points are spot on if you are a very small business or a single user. Larger businesses have different considerations and risks which are world’s apart from the single user world. Although we are starting to see a slow move to the cloud, risk aversion and applications will keep local processing and storage popular for the near term. Other challenges are presented in more detail on my technology blog article titled “7 Considerations Before Adopting ‘The Cloud’.” In the end the cloud will be adopted by all businesses in various degrees and as it matures it will exist alongside other technologies.
Special thanks to Lauren Carlson for inviting me to comment on her article and for her passion of technology.
Update: OnLive and Juniper team up on cloud-based services for enterprise. This could be a game changer. It is why businesses usually don’t rush on new tech and prefer proven technology. It will be interesting to see if this gains traction and how the cloud matures over the next 3 years and what it becomes.
