By Nandita Mathur, Chief Strategy Officer and Head of Engineering, Q3 Technologies
Almost everyone has moved to public cloud providers because of many of the reasons well documented, like sunken costs of your own datacenter paying for the servers in the data center, lack of highly skilled manpower to keep those environments up and all the other value added services and goodies that the modern cloud service provider promises.
However, this mass move to Cloud based Computing and storage is creating new issues. Let’s examine this from various standpoints:
Problems with Compliance and Cloud
The new currency – data and its exploitation is taking central attention in many countries across the world. Fakes and election manipulation news are hogging the limelight, and are opening the world up to a new series of potential threats where results of the data can be misused. Facebook is under fire on both sides of the Atlantic following revelations that British data analysis firm Cambridge Analytica exploited the personal data of 50 million users of the social network.
Particularly vulnerable are the healthcare, financial and online retail sectors. In United States, the Health Insurance Portability and Accountability Act (HIPAA) requires a contingency plan that includes, data backups, data recovery, and data access during emergencies. In the United Kingdom, the Civil Contingencies Act sets forth guidance for a business contingency plan that includes policies for data storage. On May 25, the General Data Protection Regulation will come into effect in the EU, strengthening the protection of EU citizens’ personal details. It will apply to all companies, including those outside of the EU.
These are precursors to a new set of legislations almost certain in every sector which very well may cause computing and data to be moved in house and precluding the move to the cloud.
Because cloud computing is relatively new, standards are still being developed, platforms and services are proprietary, and built on the specific standards, tools and protocols developed by a particular vendor for its particular cloud offering. This can make migrating off a proprietary cloud platform prohibitively complicated and expensive.
But moving to a cloud provider exposes organizations to well-known old risk – vendor lock-in. While it’s easier to manage your environment if all or most of it comes from one large supplier, but it also puts you in a weaker negotiating position and limits the technologies available to you. Moving to a single cloud provider could make the enterprise more vulnerable to vendor lock-in.
Three types of vendor lock-in can occur with cloud computing:
Platform lock-in: Cloud services tend to be built on one of several possible virtualization platforms, for example VMWare or Xen. Migrating from a cloud provider using one platform to a cloud provider using a different platform could be very complicated.
Data lock-in: Since the cloud is still new, standards of ownership, i.e. who actually owns the data once it lives on a cloud platform, are not yet developed, which could make it complicated if cloud computing users ever decide to move data off of a cloud vendor’s platform.
Tools lock-in: if tools built to manage a cloud environment are not compatible with different kinds of both virtual and physical infrastructure, those tools will only be able to manage data or apps that live in the vendor’s particular cloud environment.
Monopoly and privatization of cyberspace
On a wider scale and as a corollary to the points above Cloud access mediated through a handful of companies ensures a progressive privatization of global cyberspace.
The threat of quasi-monopolies dictating prices and filtering the software they provide is real, and progress of these platforms will be dictated by their commercial and ideological interests.
The case for Heterogeneous?
A heterogeneous cloud is considered one that includes on-premises private clouds, public clouds and software-as-a-service clouds. Multi-clouds environment can work with environments that are not virtualized, such as traditional data centers. Heterogeneous clouds also allow for the use of piece parts such as hypervisors, servers, and storage, from multiple vendors.
This can take various forms on the application level, depending on an organization’s needs and goals. A company may decide to host email and other commodity services in the cloud, while keeping more critical services like telecom on an internal cloud or data center. A heterogeneous infrastructure offers the flexibility and scalability of the cloud, data centers for localized specifications & on-premises tools for mission-critical applications. This creates room for innovation on these apps in a homogenous directly controlled environment.
The cloud part allows enterprises to scale up and deploy new services at a faster pace, without making massive capital expenditures to build out new infrastructure.
Even if Only Cloud, One Provider or Several?
What about using two public cloud providers or even more? A single provider makes sense for infrastructure-as-a-service, multiple providers for platform-as-a-service and software-as-a-service, depending upon which one is the best-fit.
Key arguments in favor are: Using multiple vendors enables the enterprise to take advantage of best-of-breed applications, better disaster recovery, less vendor lock-in, easier migration for some data and applications, better for localized regulations and performance and competitive pricing.
Finally, although cloud computing provides much flexibility and choice, it’s important to remember that the infrastructure is owned by someone else and so organizations are limited to the services they pay for and the solutions a service provider is willing to provide.
It’s important to understand the risks and disadvantages, a heterogeneous or multi cloud environment may well be the solution to your needs.