Demystifying the Cloud – Part 3
Back in July, I wrote a 2 part series on Demystifying the Cloud. You can find Part 1 HERE and Part 2 HERE. In parts 1 and 2, I talked through the different kinds of clouds, pros and cons and considerations for evaluating the cloud. While I definitely posted some opinion, I intentionally didn’t present a lot of opinion or speculation there. I have had some people asking for my take on the cloud, if it is right for them and where I see things going. So, back by popular demand, this is Part 3 of Demystifying the Cloud, where I’ll walk through my thoughts on the cloud.
While there are a lot of places I’d like to go with this blog post, in the interest of keeping it readable, let’s talk about a few major topics that I see as relevant in relation to the cloud.
The first major consideration is one of functionality. In some ways, cloud solutions offer access to a more rapidly evolving platform that, sometimes, has a wider range of features and functions. If the use of this functionality is so valuable to your business that it offsets the potential to catastrophically lose your data (more on that in a minute), regardless of the other risks, a cloud solution very well may be a great solution for you.
Now, to address this idea of catastrophic loss as I can’t just throw that out there and walk away. In most cloud environments, you are entirely trusting the cloud provider to host your data AND back it up. In most environments, you cannot get your own backup of your data or, if you can, it is kludgy and difficult.
A foundational tenant of disaster recovery is to have disparate sets of data on disparate architectures. This is more than just placing copies of your data in different locations. It requires making sure that your data sits in different places where a threat to one copy of the data does not inherently threaten the other copy. Many cloud providers have geo-redundant datacenters but, for smooth operations, their datacenters are interconnected and managed from a single console. This has resulted in numerous incidents where a technician was working on something, made a mistake and that mistake resulted in the destruction of a client’s production data, redundant data and backups across all locations. When your data is stored in disparate architectures (This is how we have engineered our backup solution), a threat (think a hacker) to one location does not inherently cause a threat to the other location.
For me, the increased risk of catastrophic data loss is a deal killer in most situations as, usually, an innovative technical solution is great but, often, the loss of your data and the use of that function would be more expensive and catastrophic than not having the solution in the first place. If you read the contract that cloud providers put out, they will indicate that they will do what they can to protect your data but, at the end of the day, they offer no guarantees so you have little to no recourse if they lose or compromise their data.
Data Ownership and Portability
Somewhat in line with catastrophic loss is the idea of not being able to migrate your data or having your data be held hostage. Many cloud environments offer no way to migrate your data from their environment to another environment. While this doesn’t represent a catastrophic loss of your data, there are two issues it creates. The first is that, if you migrate to another solution, often, the only way to get your old data into your new solution is to perform manual entry. The second is that, in order to keep your old data accessible, you will usually have to continue to pay for your old solution. This gets pretty expensive pretty quick.
Much of the cloud promise revolves around lower costs. The reality is that, in most situations, when we do the math, to do cloud right, the total cost is higher for a cloud option than for an on-premise option. I could probably do a whole blog series just on the cost factors of on-premise vs cloud environments but just understand that, when you move your data to the cloud, your security gets more complex as, now, your data is in more locations. You may save some money on not having to run an on-premise location but you’ll need faster Internet connections, redundant Internet connections, increased security concerns and more.
Expectation of Privacy
One of the reasons that many of the bigger cloud environments, and many of the smaller ones too, are able to offer services so cheap is because they are monetizing you in other ways. On the free side, think of Facebook’s revelation that they were selling your data. Even recently, they opened the door to using your cell phone for multi-factor authentication but, then, it was discovered that they were selling your cell phone number to others so they could market you. Any time you are getting something for free or a lower cost (and sometimes even when you pay a normal price), you need to know that you are either being monetized in some other way or the provider does not have a durable business model.
With the advent of GDPR in the EU and other things, I think that this topic is going to get some more focus but I am doubtful that we will see anything as strict as GDPR come out so it is still likely that cloud providers will continue to monetize your information in ways outside of just the service fee they charge you.
Overall, I think there are some use cases for using cloud solutions but I also think that there are some very significant risks that need to be considered. As with most things, I believe that moderation is the key in that going entirely into or out of the cloud is rarely the best solution. Things such as websites are very well suited to be hosted in the cloud whereas business critical things, such as financials, are more well suited to be kept closer to home with more controls.
When we discuss the cloud with clients, we work to frame it as part of a much larger conversation that revolves around their business strategy, needs and opportunities. From there, we figure out what kind of technology can assist in accomplishing this and we evaluate the technology solutions against the business objectives. Whether we are having this conversation with you or you are doing your own, internal, evaluation, this methodology is sound. Figure out what your objectives and needs are first, then evaluate the options, including their pros and cons, against how they would help you achieve those objectives. It is my hope that this series has helped you be more informed about this whole concept and you are better equipped to look at the options available to you.
If you would like to talk about your business’ use of technology, whether it makes sense for you to go into the cloud or not, or anything else, please click HERE and reach out!