/dq/media/agency_attachments/UPxQAOdkwhCk8EYzqyvs.png)
Follow UsIT vendor lock-in can be said to be, as old as the IT industry itself. Take for instance ERP solutions, laptops, desktops, etc, vendor lock-in exists even in these cases but has received acceptance. But cloud computing has assumed greater importance owing to it being a new solution and has received all the attention in relation to vendor lock-in, as it has been witnessing an acceptance drive since the last decade, enabling adoption of a single solution on a common protocol regardless of the vendor.
/dq/media/post_attachments/636604e4327f153ed21cf7b898a407a6337139e73010ac32e423e1c53705a474.jpg)
A Difficult Decision
Most of the times the lock-in scenario is not driven by greed or strategy, but is necessitated by the technology architecture of the chosen solution/vendor. Being tied to one vendor for specific products and services is sometimes unavoidable in the enterprise. This is also true when it comes to the cloud, particularly cloud storage. "Avoiding vendor lock-in can be difficult for 2 reasons. Firstly, cloud infrastructure as a service in general is not as open as it should be. This will require independent standards for data mobility. Secondly, enterprise storage is already very proprietary. Even though cloud vendors talk about open standards and interoperability, their actions and implementation strategy may not confirm what they talk about," shares Shree Parthasarathy, senior director, enterprise risk services, Deloitte in India.
"The vendor and company both need to know the possible pros and cons of unlocking one's business from the current vendor. This refers to 'sacrifices'-in terms of time, money, and effort-not mentioning the risks of losing and compromising the security of sensitive data during the process," says Anna Gong, vice president, solution sales, virtualization, service automation, and cloud, CA Technologies Asia Pacific.
Shreekanth Joshi, associate vice president, head, SaaS and cloud practice, Persistent Systems feels, "Vendor lock-in scenario is an avoidable case and was in existence approximately 1.5 years back. In the past, not all the languages were supported and interoperability was missing which is currently also not fully diminished from the scene. Today, there also exists a broker who selects the best cloud service provider for a company. Owing to the presence of the broker, it's ensured that the company gets the best of services that fits its bill."
/dq/media/post_attachments/0b79e96dab69df552d46f2742298de442edc681bb9ebbd56a535673750973266.jpg)
Mehmood Mansoori, head, information technology, HDFC ERGO General Insurance Co says, "Largely enterprises are locked-in with the platform they are on. It is never so easy to migrate from one application/platform to another. I have seen vendors playing hardball on product AMC once the initial phase of a contract period is over. You end up in a fierce negotiation and compromise on a number. On the other hand, there are vendors who clearly spell out y-o-y increase often linked with inflation index."
Combating the Scenario
A world with vendor lock-in is like a world with no locks and keys, one needs to deal with this scenario based on the cost benefit for the chosen technology, ease of migration, deployment of solutions, and finally the skill sets available in-house or with the company's vendors on the technology platform to be chosen. Cloud adoption/migration strategy for IT managers is crucial to deal with such issues. Companies need to perform rigorously before jumping into the cloud craze. They need to identify and be aware of all possible pros and cons of taking their business to the cloud. The new cloud solutions are probably beneficial to the business, but IT managers need to be sure that they know the risks of switching from your current cloud vendor to a new one.
From the customers' perspective, the customer needs to work on 2 fronts: Readying the organization for the transition in terms of organizational maturity and technology preparedness, and following the basic principles of risk management and governance before taking the plunge is essential. On the other hand, the vendors need to come out with strong messages that address the interoperability and portability aspects. Vendors need to actively support the adoption of standards through an industry-level collaboration. Customers expect stability, interoperability, and flexibility with respect to the ability to move on to a new technology and vendor without any significant negative impact. The extent to which the definition and adoption of the standards is achieved will be watched closely by the customers. Service management for cloud should address data portability that includes bulk data transfers and transformation, as well as the portability of VM and application systems.
"There is no quick-fix solution to this problem. As true portability across vendors is almost impossible to achieve, what can bring little relief to users is all the systems evolving towards common standards which will offer easier and less painful migrations. The most important lesson to be kept in mind during the whole exercise is the age-old adage 'Prevention is better than cure'. One has to thoroughly study all aspects of the system to be cloud-sourced and compare it item-by-item to match with the vendor's capabilities. Extreme caution is to be exercised to ensure that some so-called 'insignificant' aspect does not choke the whole system. Being transparent and honest about expectations, making selected vendor a partner in the process and taking lessons of a thorough POC seriously can help improve the situations," feels Shreesh Patwardhan, vice president, IT, Dynamic Logistics.
/dq/media/post_attachments/d1b0810a219c9dd75271e22c601d3e089e63d531b6a81e4ade167479897e93b6.jpg)
"Cloud federations and standardization on fewer platforms across service providers is going to make it much easier for enterprises to move across service providers. Companies like VMware are actively trying to build such an ecosystem wherein an easy movement is possible from technology perspective across providers," says Nitin Mishra, VP, product management and solution engineering, Netmagic Solutions. Muralidharan R, chief operating officer, Dhanlaxmi Bank feels, "Vendor lock-in helps in planning the company's utilization and how well you manage the scenario throws the door open to advantages. We being a small bank it proved more useful to utilize the services of a service provider rather than buying the same. Cloud has helped us exploit new services to our advantage, but it's marred by lapses in relation to security. Hence banks prefer to keep the important functions like core banking with it. Solving a lock-in is totally dependent on the company's relationship with the vendor, for example, in relation to cost the scenario can be renegotiated."
Preventive Mode
Today, many organizations have already committed themselves to a basket of technologies. Knowing the way forward with respect to these technologies is the key. Many of these vendors offer a cloud variant of the 'non-cloud' system. It's simpler to leverage such existing relationships when on the cloud journey. This could provide an extent of flexibility of moving back in case the cloud system fails.
Cloud standards are not just those that pertain directly to new cloud offerings but also those that are used in the cloud environment. These are not directly cloud standards but standards for protocols or services that are also used widely in the cloud environment. These could include XML, SOAP, SAML, etc.
/dq/media/post_attachments/18a24569cd5995e3ed1854c83d2bf902d34688896c8dd512f2689bee055859e8.jpg)
It's important for the CIO to look for compliance to these underlying, yet universal standards. VM-related standards to facilitate VM portability are at a higher level of maturity as compared to data standards. Data is much more complex and standards are less evolved. Data portability and interoperability standards need to relate at how the vendors permit the customers to exercise control over the data. Currently, the stage can be termed as a nascent one when it comes to advanced standards related to data movement from one cloud provider to another. Data sanitization and in a sense 'right to be forgotten' once the migration is complete is another area that requires a deeper look when it comes to standards. For CIOs evaluating and selecting vendors that provide richer middleware, support to a wider range of technologies, advanced data management is important. These parameters not only affect the service levels but also the switching costs for supporting interoperability and portability.
"Globally, all product vendors follow some form of lock-in, and 12 months is acceptable industry-wide. We haven't faced any concerns from the CIOs on the lock-in aspect. CIOs are more concerned about the SLAs and ensuring their requirements are suitable covered as part of the overall offerings," feels R Sukumar, VP, Ramco OnDemand ERP.
From the customer's perspective, a due diligence and cloud adoption/migration strategy mentioned earlier will help deal with such scenarios. Whereas from the vendor's perspective, it's important to be transparent to the customer and allow adequate clauses in relation to migration while entering into a contract with a customer.
"Even though a lock-in situation may seem great for a vendor, in truth, having an open and simple system is going to be the deal-maker for the vendor. To a CIO, a vendor with genuinely good product or service may become less attractive than a competitor with a comparable product or service which is open. Thus a vendor needs to work within standards and provide a seamless basic data and process portability. The differentiators and goodies should be made as add-ins and should be attractive enough from customer-retention point of view. From companies point of view, it's necessary to study all the available systems and make the right choice, ensure that regular backups and updates happen, and test reverse migration situation thoroughly so that in the worst case the system can be brought back. Also, it's imperative for organizations to not lose the capacity to manage the cloud-sourced system in-house, at least for some reasonable amount of time," shares Patwardhan.
Adoption Hurdles?
The unstable economy has forced many enterprises, small and medium businesses (SMBs), to reduce their IT costs. Because of this economic state, moving part or all of their businesses to cloud computing is inevitable and sometimes unavoidable. Under the enormous pressure to reduce the costs, CIOs and CTOs have to make tough decisions about vendor lock-in. Cloud computing platforms offer compelling cost benefits, but lack standards and data security concerns are not addressed appropriately. The risk of vendor lock-in provides significant challenges for deploying production systems in cloud based environments. Unless a company has an exit strategy that includes the cost of migration or moving to another service provider or moving back on premise, migration or moving applications and services can be quite costly and risky. At the same time, new Independent Software Vendors (ISV) are building smart solutions as services that can be provisioned on cloud platforms, which can be viewed as more flexible, less risky, and cost friendly.
/dq/media/post_attachments/1d37120cb6e8aeb1d53744f675cb27cccb933b5a3f18a5e02cb3e0b287a8323c.jpg)
"Vendor lock-in scenario does not affect the adoption of cloud computing services in SaaS, but in PaaS and IaaS it needs to be considered, especially if you are migrating to a new computing environment," feels LS Subramanian, founder director, cloud security alliance, Mumbai Chapter. "Vendor lock-in has not affected the adoption of cloud computing services. Today, CIOs understand that any new software investment comes with a minimum time commitment. It's important that customers study the vendors' commitment to cloud and R&D efforts are invested in that direction. This will ensure that customers feel confident when entering into an engagement with a cloud provider on a long-term basis," says Sukumar.
While there are others like Vivekanand Venugopal, vice president, general manager, Hitachi Data Systems India who differ from this stand, "Adoption of cloud is definitely impacted by various vendor lock-in scenarios. This happens when a company selects vendors who offer many products and services under the cloud computing offering. The focus should not be on cloud products or cloud services, but rather on getting the data center cloud enabled. Cloud is not a product, but instead a means to deliver IT services on a cost-per-use basis. Through cloud computing, organizations can simplify infrastructure while improving resilience and lowering capex and opex. Cloud delivers value to the enterprise because it facilitates the distribution of IT resources in a cost-effective and agile manner."
Gone with the Wind?
Healthy competition creates a market favoring the client thereby encouraging innovation and low cost. Depending on the function and classification of the service or the product the consumer decides the cost of the product. Vendor lock-in as per the past is seen to be increasing in nature thereby locking consumers and their budget. Inversely a trend of quality versus cost compromise has been seen in price-sensitive markets. Hence the entire current scenario seems to be vendor-centric as there seems to be no regularization on prices when it comes to IT solutions/services or products.
In past, almost every system or service was designed to be as different from competitors as possible. Just because the awareness among top management and decision-makers about the system was very rudimentary, this scenario could thrive. But in today's networked, search engine driven world knowledge is freely available to all and targeted questions are being answered in a jiffy. This demystifying of technology has made more and more people aware about alternatives and their right to choose them. As a result, people are switching their minds too often and ending up in a mess.
/dq/media/post_attachments/e3c6a4197fa0eb73dcf15639357d2fb6411487320e49321acd00145c37c42820.jpg)
"Vendor lock-in as a challenge has created such an emphatic presence that it has even gained more importance than security issues. In order to prevent cases in relation to lock-in, the industry is required to have an open platform. But on a strong note, I would like to mention that companies have the tendency to purchase many solutions from a single vendor owing to reasons like discounts offered. When companies bite the bait on such important topics on the basis of discounts offered, they unknowingly have walked into a trap called, 'voluntary vendor lock-in'. Many companies using cloud computing are in for a rude wake-up shock," informs Sharat Airani, chief, IT (systems and security), Forbes Marshall.
"Vendor lock-in is not a truth of the past as it still exists and today, although morphed by vendor alliances showcased as 'tightly integrated', which are in reality, loosely coupled marketing arrangements that prevent customers from bringing in the 'best of breed' technologies to transform their data centers'," says Venugopal.
/dq/media/post_attachments/e5be6b2995f75ec4c0387a2453de4948df30d511e18518b94edf075f1bb95a96.jpg)
"It's not a thing of the past. How much one succumbs to it however is determined by how well one plans for it, which in itself defines the control of the organization. Though standards are the key, the needs to determine the extent to which it could be affected. This is the key to successful decision-making. As the cloud gains wider acceptance, I foresee regulatory and legal requirements providing the stimulus for definition of standards. Vendors would be forced to participate in industry-wide standards, particularly those related to data and therefore data portability and interoperability," shares Sandeep Godbole, CISA, CISM, CISSP, and member of ISACA India Task Force.
"Irrespective of open standards, vendor lock-in is something which we will need to accept as part of the technology scenario even if it is cloud computing. Vendor lock-in is not a show-stopper for technology adoption in the cloud, rather vendors who allow tools for migration to other vendors without lock-in will have more users rather than those who offer no solutions or work around for lock-ins in their eco-system," feels Subramanian.
Mansoori feels, "There are a lot of talks about open standard based cloud platform. I think the standards are evolving, it will take a while and at the end may not be effective too, to solve any of the vendor lock-in issues. Cloud adoption has to go little beyond this and thought from the overall need basis. Move to cloud has to be a thoughtful move rather than just riding the bandwagon because of the buzz it has created."
On a final note, Patwardhan adds, "The whole issue of vendor lock-in is giving an interesting spin-off, a whole new breed of service providers who act as buffers between the actual vendors and customers, making technologies transparent to customers and providing solutions instead of services."