Cloud Warnings

Beware the Cloud-ists!


Let's start by saying that I like cloud and have done since well before it was called cloud. Clouds have featured in pretty much every solution I’ve designed in the last decade. These days, however, we have the processing power, capacity and bandwidth to enable smart, utility delivery of the commodity aspects of computing which is, in fact, very cool.

This utility delivery of computing resources – again, also known as cloud – is in many ways the stuff of which dreams are have the potential to be made… reduced risk, reduced cost and reduced barriers across what has become a much-simplified business to consumer to business loop.

Ultimately cloud enables a new layer of commerce by delivering increased service levels at overall (over time) reduced costs for computing and communications. Cloud also takes a more than half-decent step towards closing the "digital divide" by increasing availability and minimising or eliminating other barriers to entry.

All of which is of course a good thing, few would disagree. And all of which means that everybody: Businesses, Governments, Consumers, should drop everything and embrace the cloud as quickly as possible!

That last bit was sarcasm, by the way, and brings me to my point: beware the Cloud-ists for whom the answer to any question of technology is cloud. Cloud now, at all costs, to replace everything else.  It seems that, for some, cloud is so important that truth and reality and risk analysis no longer are!

Awareness is Good, Hype is Bad

Cloud Computing has struck a chord and captured the imagination of the public, business and Government in a way that other attempts at delivering utility model computing, ranging from On Demand to first generation SaaS and other such incarnations never did.

Everywhere you look are analysts blogging and tweeting about it: an unbelievable myriad of real-world experts (some of whom know about that of which they speak, others clearly who do not!) and shed loads of books with Cloud in the title have already been published with hundreds more to come.

And this is good, but it is also bad.  An interest in and an understanding of technology is good all round and enough hype and excitement will encourage a few more students to lean in this direction. New business (those that have primarily online presences) can start and scale for tiny investments. As mentioned, barriers are being reduced and eliminated.

The Cloud-ists maintain that private clouds have been a path for vendors to sell more hardware and software but the operational realities of how, physically and why, from a business requirements point of view, that the private cloud is actually delivered need consideration. Sometimes it needs to be separate hardware and sometimes logical separation is sufficient: the differences are subtle but significant. The solution will be based on insights derived from and the commercial realities that are calculated on the actual requirement: does it save money; does it make money; does it solve a problem; does it prevent a problem.

A similar and related misunderstanding that consistently confuses the business / technical relationship (creating more CIO v CTO arguments than could be imagined) is that of virtualisation. From the business view: it is a single blade running multiple instances of a machine so we should pay for a single computer.

The operational and technical reality is that yes, it is a single blade running multiple instances of a machine but each of those virtual machines requires software licenses, needs to be monitored and managed as though it were a separate machine. It may cost less physically but not from a process perspective or other resources involved, including not-inexpensive people.

Safe and Secure… or Not

The answer is again yes, both, but then again, maybe not… unlike the unequivocally positive (and in my opinion mis-informed view of  Neelie Kroes, European Commissioner for Digital Agenda) who claims, without qualification, that the cloud “is safe, is secure… like a locker that only you have the key and can put anything you want… and that it will always be there!” It can be safe, if safe is part of what you are paying for or if generally you are lucky. But equipment fails and if you are not paying specifically for a disaster recovery capability you can be pretty certain that you won't be getting a disaster recovery capability. And who is to say that you won’t run across Dirty Disk syndrome (where you can recover data from the sessions of the previous user or, worse yet, they can recover yours?) or other possible issues: we do know that the people who try to hack into systems seem rather clever…

As covered in this CIO Journal discussion, compared with real world, industrial strength managed service hosting solutions, cloud providers don’t negotiate service levels with you: you fill out a form; they don’t provide service managers with 24 hour service desk contact… more often than not the help desk is a web-form or maybe live-chat during core business hours (if you don’t mind waiting until their one-man support department is available).

That this star of the European Union goes on to say that “We are not pleading for a European Cloud, that would be old fashioned" is amazingly misguided, at best. Truth is, from someone who seems otherwise, well, okay, this is poor form.

And why would she bother? Forgetting the fact that government involvement in cloud computing is not a State issue – or at least not beyond data protection and other State-level policies or regulations – how is it that the 'vapour' of a new idea is suddenly so cross-popularised that Government officials have  decided to usurp it for themselves.  (And if the Government needs to get involved every time there is a significant shift in tech, where then  is the Department for the App Store or the Bureau de iPhone?)

Thanks to AWS for Proving my Point

The best summary I can muster will be to thank Amazon for their recent outages (note the use of the plural) to show what can happen with commodity cloud offerings.

But I also say cheers regarding major issues on delivery of an ‘upgrade’ at Royal Bank of Scotland / NatWest (a major UK bank) which also clearly illustrates that problems are possible, whether with “discount services” or with what were, at least until now, considered Industrial-strength systems.

Oh… and beware the Cloud-ists!

4 thoughts on “Beware the Cloud-ists!”

  1. While looking to implement ERP systems for my employer I have come across many ‘experts’ who will try to sell cloud resources without thinking of the data that will be stored ‘in the cloud’. They cannot say where the data will be stored either. EU Law stated that no personal data is not allowed to be stored beyond the EU borders without the consent of the individual. The data is not allowed to be processed or stored any longer than required by the employer. Can Cloud operators say where the data is? How do they ensure redundant personal information is permanently removed for both disk storage and back up devices? I’m sure the cloud providers are willing to praise their back up availability but how is personal data removed from the storage medium permanently so that it cannot be restored once the employee has left the company?

Leave a Reply