Inside the Briefcase
Top 5 Reasons To Go Slow with Cloud Computing
February 18, 2023 5 CommentsBy David A. Kelly and Heather Ashton, Upside Research
In recent columns, we’ve discussed the convenience of the cloud for such diverse enterprise computing areas as BPM and backup and recovery. We certainly foresee cloud computing becoming a big part of the future for enterprise (and personal) computing. It’s already becoming ubiquitous across many enterprise software categories. The benefits of cloud-based solutions abound, from faster deployment, to richer functionality, to leveling the playing field for the SMB market by extending enterprise functionality to them at a fraction of the cost. The flexibility of the cloud is also appealing to companies of all sizes, given today’s global economy.
However, there’s a flip side to the rush to cloud computing. More specifically, the question is, is cloud computing is where enterprise should be investing? Has the market exploded too quickly to properly assess the associated risks with the cloud? Certainly, headline-grabbing data breaches in recent months have caused many organizations to carefully reconsider how and what they are willing to put in the cloud. So perhaps it’s a good time to consider why later may be better for cloud computing. To get the ball rolling, here are our top 5 reasons why organizations may want to go slow with cloud computing:
- 1. Security Risks – This is perhaps the most visible and riskiest component of the cloud. From customer records being hacked to cloud providers denying responsibility, to major brands being damaged as a result, security is always an issue. There have been many recent breaches in security that involve the cloud and some household brands, thereby raising the red flag on how secure the cloud is today, and how much thought organizations have put into their policies and procedures related to securing cloud-based data or applications. These concerns need to be mitigated quickly before large enterprises lose faith in the cloud.
- 2. Hidden Costs – One of the major draws for cloud computing is that it promises a low-cost alternative to enterprise applications, especially for the SMB market. However, it is still buyer beware, even in the cloud. With the addition of user licenses, customizations, added functionality, what started as a cheap application can balloon into an expensive one without proper oversight. Other hidden costs include the cost to manage the application, which usually does have to involve IT once an application reaches enterprise-scale.
- 3. Service Levels / One Size May Not Fit All – Some enterprises have discovered that the level of service they expected has not held up, and without an airtight contract it is difficult to enforce. Because cloud-based apps can often be assigned to a departmental budget, it can become a real challenge when a cloud application grows across an enterprise, and there weren’t the necessary service agreements put in place from the beginning because IT wasn’t involved. It can be difficult to track back and remedy this when a cloud-based application proliferates throughout a company.
- 4. Lack of Competitive Advantage – Perhaps one of the “softer” reasons that the cloud may not be the panacea that vendors hope is that cloud computing levels the playing field in a world where IT strength has become Intellectual Property for many leading enterprises. No major brand wants to be homogenized, and if that is where cloud computing will take them, there will be significant reluctance to move to the new model, even with all that it promises.
- 5. Implementation is not always simple – As with enterprise applications deployed behind the firewall, applications in the cloud can contain the same level of complexity. Most enterprise customers want a cloud application customized to their business, and this can be more costly, time-intensive, and complex than initially thought. The cloud does not remove this aspect of applications development, nor the upgrade challenges that can be exacerbated by a cloud application. And, sometimes the cloud can cause more challenges for the company that decides the cloud is not for them and wants to move the application behind the firewall.
We have seen many good uses of the cloud for enterprise computing, but this article is an attempt to open a discussion about what still needs to happen for the cloud to live up to our expectations for helping improve the agility, flexibility, and globalism of enterprise applications. What is your experience with the cloud? We’re all ears.
This article presents “common sense” objections but they are not consistent with today’s technical and business realities.
Since 1999 we have provided cloud computing solutions for non-profits and businesses while maintaining security, meeting a wide variety of requirements, delivering value, and saving clients 18-30+% from the costs of owning, managing and operating their computing network. As a rule, we are able to provide cloud services for THREE YEARS for much less than the cost of acquiring a new network when doing an apples to apples comparison using the clients’ numbers. The 5 questions in this article are not the right ones to ask. The correct questions and considerations are missing.
Not only is Cloud Computing the way we all must go, and soon, but it encompasses business continuity and very rapid disaster recovery at a terrific value and ROI.
The “gotchyas” the author cites are true for those who select a Cloud Service Provider who is either unethical, incompetent, or unskilled. There is no reason that a fixed set of requirements should vary from a fixed cost for a period of at least three years.
I would also add that neither Security nor SLA are at all the correct questions to be concerned about when implementing the cloud. What the organization needs and wants to accomplish is where it all begins. After that is clear, risk mitigation planning begins. Rather than SLA, the real question to ask is, “What happens if I call you (the cloud provider) and you do not answer the phone?” What good is an SLA if your provider disappears?
No one generates their own electricity, purifies their own water, or produces their own natural gas any longer. Utilities have replaced those necessities. Cloud computing is the next utility. To be successful with Cloud Computing requires discipline, and, yes, the realization that a few applications will not work in the cloud today. There are cloud solutions even for those few exceptions.
Cloud Computing is only a method of applying today’s technology for today’s organizations. Those who drag their feet will suffer or be gone within 5 years.
I am glad to see this discussion and hope others will contribute.
Where does trend micro deep security come into play for cloud security. One of my clients have selected it after due diligence.
Please advise
Thank you
Ed — Thanks for the thoughts regarding the article. I understand your perspective on some of the points and would definitely grant that there are more than just these five points to consider when it comes to making a decision on cloud computing. I would also agree that cloud computing can definitely provide “a terrific value and ROI”, but I would add that it doesn’t do that automatically. Instead, organizations moving to cloud need to do more than just shift their applications to someone else’s servers. They need to revisit their IT strategy, from design through deployment, from monitoring through disaster recovery. There are plenty of savings in there, but there are also areas where businesses moving parts of their IT infrastructure to the cloud need to modify their approaches, develop new processes, and question basic assumptions to make sure they’re covered.
I would somewhat disagree with your comments that security and SLA are not issues that you need to be concerned about when implementing cloud. On the contrary, I think they are important issues that need to be investigated up front, quantified, and verified (in production). The challenge for many IT shops is that evaluating cloud capabilities, security, and SLAs are fairly different from evaluating them in-house. Not impossible, maybe not even that hard, but different.
In the end, I do agree with your long-term view: cloud computing will be here to stay. It will transform things fairly rapidly. But I think the inflection point is still a little ways down the road, although things are definitely accelerating now. That’s why it’s important for organizations to make sure they’re stepping back, and evaluating the decisions they’re making, not just jumping into the water.
Mark —
Thanks for the follow up question.
Trend Micro Deep Security is a comprehensive server security platform for virtual and cloud environments. Other products in the same category include Symantec Protection Suite Enterprise Edition and the combined McAfee MOVE Antivirus, McAfee Host Intrusion Prevention, and McAfee Site Advisor Enterprise.
Trend Micro Deep Security offers a series of tightly integrated modules that can provide server, application, and data security management across virtual and cloud servers, in addition to physical desktops. Trend Micro Deep Security offers both agent-based and agentless options for protection, and covers the range of security issues including intrusion detection and prevention, anti-malware, firewall, web application protection, log inspection, and integrity monitoring. The product was developed in close collaboration with VMware and was the first product in its category to support VMware vSphere 5.0 and VMware vShield Endpoint 2.0.
Reports from security experts who have installed Trend Micro Deep Security reinforce the message that deployment and installation is straightforward and simple in many ways. And, the new environment will yield scan times as much as half less than before. The caveat is that for environments that are very server-intensive, it can be a long process to migrate a significant number of servers to the platform. One particular user recommended using a product like Microsoft System Center Configuration Manager (SCCM) to package up and push out the installers as a group.
~David
[…] article) some of the issues that indicated that perhaps cloud computing isn’t a panacea (see 5 reasons why cloud computing is not a panacea, etc. etc.), it is clear that the market for cloud is moving forward at breakneck speed. Therefore, […]