The Cloud Paranoia
Lately the (Public) Cloud Paranoia has grown due to for example the leaks of PRISM. I will not explain PRISM here as I assume you already have the knowledge or you can find it out elsewhere. In short; the government is listening and everyone acts surprised. My short take on this is that I’d rather give my data to the government than to a company but hey, that just might be my naive European mind playing tricks, right?
What is interesting though, is that if you are open to look at the actual facts/numbers of PRISM, you won’t find many. The lack of openness here is disturbing. It’s even so that the companies involved are begging the government. Here you can read an open letter from Microsoft to the Department of Justice. Later last week another letter, this time from over 20 of the companies involved followed. The smallest idea you get on the size of it is this official Microsoft blogpost. And you know what: everything in this post if fine by me!
Another type of Cloud Paranoia is not about protection of your information but protection of your data as such. Am I able to access my data at all times in a timely manner. One point here is read your SLA and know what you buy but another one is are they going to live up to that SLA? What if your SLA is perfectly fine but they still screw up? It’s still technology plus people and both have proven to fail at some point in time. This for me is a valid reason of being suspicious about the public/shared cloud. Always remember: no matter what contract you sign, how expensive that was and how big the SLA is, YOU are responsible for your information!
IT is not my business!
Hanging around with smart people in the industry makes your own ideas grow. One of the things I have learned is questioning yourself whether or not something is part of your core business or not. And this is not about IT only. I’ll give you the most perfect example: if you are not a construction company then don’t build your own headquarters. This is something most of the companies in SMB have already learned and they hire consultants like you and me for their It integrations. But once everything is installed they will ‘manage’ their infrastructure with their own team. Must be cheaper, right? Yes but do you also keep a plumber, electrician and wood worker in your staff once the construction company has left? NO!
Another thing that I have issues with is the buying cycle. Historically we have been buying infrastructure in as long as possible cycles. For IT infrastructure that usually is at least 3 years but mostly 5 and I have encountered more than one example of 7 years while my pre-sales activities were focussed on public sector. And to be honest; if I look back at most of the architectures we designed 3 years ago, they are mostly outdated today. The hardware is not old but has been evolved in far more efficient platforms. Some of the management platforms we installed then are no longer cutting edge. How many of you architects haven’t thought “wish I could redo that choice we made“? Or how many times have we cut the cost somewhere in the project that today seems the wrong cut? You decided to take a 20Kw AC system because you would never outgrow your current 12Kw with more than 50%. Or even worse, buying only one 20Kw AC instead of two! I can promise you that a lot of us at these type of customers have at least 1 failed AC war story. You don’t want to hear mine.
Flip the Cloud paradigm
What would I do if I were CIO of a non-technical company? I covered some issues to tackle when it comes to cloud:
- I’d like to care about security but not all my data/information is that sensitive
- I am responsible for my information, whether or not my service providers screw up
- I don’t want to do what is not my core business
- Due to my buying cycle my own datacenter is probably not very efficient
What we notice here is that all of my reasons get me to move to the cloud except for being responsible for my own data. So why not focussing the problem there? So instead of using the cloud for DR-purposes why not using my own infrastructure for DR? I could even use another public/shared cloud provider as first DR location and use my own as last resort when everything goes down. Look at all the benefits:
- I still own my data when sh*t hits the fence
- My buying cycle shifts almost completely from CAPEX to OPEX
- My own infrastructure including power, cooling & hardware maintenance is minimal
- If my own infrastructure is minimal maybe even my staffing could be minimal (this cost will shift to well trained service providers)
- Public/shared cloud providers have a core business is making their infrastructure as efficient as possible (read more in my blog on Switch SuperNap). If your provider adds new services that didn’t exist last year you’ll be the first to benefit from that.
- you probably will have a better relationship with some consultants when you need help/advice
Ooh, and one last thing: when you shift your process from the cloud back to you instead of from you to the cloud you are in a download process rather than upload. It’s not that big difference but probably one you like from a cost perspective.
Anyone that shares this idea? Would you flip if you could?