Over a million developers have joined DZone.
{{announcement.body}}
{{announcement.title}}

DZone Research: Cloud Concerns

DZone's Guide to

DZone Research: Cloud Concerns

The areas of concern these industry leaders highlighted were security, vendor lock-in, and the speed and complexity of change.

· Cloud Zone ·
Free Resource

Discover a centralized approach to monitor your virtual infrastructure, on-premise IT environment, and cloud infrastructure – all on a single platform.

To gather insights on the current and future state of the cloud, we talked to IT executives from 33 companies about their, and their clients’, use of the cloud. We asked, "Do you have any concerns regarding the cloud?" Here's what they told us:

Security

  • Security coding rests with solution providers, the cloud host, you are at their mercy. You definitely need to take precautions to find solutions that encrypt data at rest and you have the master key, not the provider. Be mindful of security.
  • I have two major areas of concern about the cloud: security and vendor lock-in. First, many consumers of the cloud do not understand they share responsibility for the security of the cloud with their provider. The cloud is not a fully-managed service; the cloud provider promises to build a secure cloud, but the customer is still responsible for configuring their infrastructure inside the cloud appropriately. Secondly, as cloud providers continue “moving up the stack” by creating higher-level services, such as solutions for IoT, data analytics, and hosted databases, customers risk being increasingly locked into their cloud provider, especially as more data gets stored there. Customers will need to carefully balance the relative convenience of choosing high-level managed cloud services versus the potential to be locked into that provider. 
  • Vulnerabilities, such a Spectre, and Meltdown, that affect the underlying infrastructure of the Cloud, in general, are always a concern.
  • Of the organizations that have adopted DevOps, DevSecOps or CI/CD, 93 percent have faced challenges integrating security into those practices, according to Firewalls and the Cloud, a survey of 600+ IT professionals responsible for cloud environments. A few points really stand out based on the information presented in this survey. We’re continuing to see questions and concerns around how organizations should be approaching security with their cloud deployments, especially from larger companies. There are a number of reasons for this, but for organizations that are used to operating under traditional data center architecture, moving to the cloud will require a new way of thinking when they approach security. Using security tools specifically designed for the public cloud can actually make a business more secure than they were when they operated purely on-premises.
  • I have huge concerns regarding the lack of privacy on the Office 365 and G Suite platforms. I have huge concerns every time I hear about another S3 storage bucket discovered with personal data publicly available to the world.  Costs are another big one. Many enterprises are moving into AWS and Azure and finding they’ve grossly underestimated their bills due to unforeseen costs, for things as simple as network traffic.
  • AWS server migration to move physical into the cloud. Visually impaired lift and shift lose sight what to do once it’s there. Back up and recovery from on-prem is not effective for the cloud. Security is the other issue. Be vigilant with the data.

Vendor Lock-in

  • Clients need to go into cloud strategies with eyes wide open to the fact that their cloud provider may become their competitor, or at least may not always be most favorable from a business perspective. Therefore, cloud diversification is a strategic necessity.
  • Inevitably we will rely more on cloud. Concerned with lack of choice. So dependent on top four, five or ten that will effectively own the operations of the whole world. Azure and AWS. Rackspace is strong for compliance and security.
  • Every cloud platform has its own services that provide various proprietary tools. The concern for a multi-cloud environment is lack of standardization. There have been several unsuccessful attempts to get a standard interface to cloud platforms. The current concern is the divergence of cloud platforms looks like the same trends that created the problem with legacy platforms in the past. It is relatively hard and expensive to move data off a cloud platform once the architecture is adopted unless portability is designed in from the beginning.
  • Each one is proprietary and you’re getting locked into something. There are only about two cloud platforms. AWS is overwhelming. Azure is catching up with legacy companies. We transitioned to Google for the cost. The interfaces are really different. Google gave us a bunch of credits. Companies are mostly on one cloud. In practice moving from one to another is a tremendous undertaking.
  •   One concern is the consolidation of usage with the top cloud providers. Increasingly, companies are locked into their ecosystems and that is concerning.

The Speed of Change/Complexity

  • Too much specialization and lack of knowledge of how everything works together. Need to understand the platform the thing is running on. How the environment is held together. 
  • It’s not a concern, exactly, but it’s a caveat. In software development, the old joke goes “time, money, features: you get to have two.” The same is true of the cloud. Recently, I think we’ve seen an astronomical growth of capabilities from cloud providers in a very short time. But the trade-off has been that many organizations are spending more than the budget for their old on-premises IT operation, which nobody would have believed when they started on their cloud journey. As organizations start to right-size their cloud spending, with hybrid cloud and multi-cloud strategies, they’re going to have to work hard to keep the agility that the cloud provides. 
  • Cloud is evolving quickly. The pace is stunning. Customers decisions are getting easier, but they still have to make a good choice of who to partner with. It still takes thought and investigation and work on what to focus on now. 
  • Our most pressing concern regarding the cloud is customers will begin to face the same cost and complexity challenges in the cloud they have just eliminated by moving beyond legacy on-premise infrastructure. As it becomes increasingly clear that enterprise infrastructure demands will not be met by one single public cloud provider, customers will need new tools to manage the entirety of their infrastructure – across public, private and edge clouds – that not only unify everything together, but also maintain policy and flexibility between clouds. Without these tools, data will become siloed across these platforms, resulting in higher infrastructure costs and IT teams that once again have to manage the complexity of multiple platforms instead of higher value projects. 
  • Really exciting time. The danger is there is a lot of technology so fast it’s easy to make a bet on the wrong horse. The database is a far more solid and lasting than the application. Data can persist for decades. So fast-moving you’re unable to support in a year or two. 
  • Uncertainty over which infrastructure components are dropping. Amount of options are growing exponentially. How do I know what to use when? How do I retool? How to I remain compliant and secure? This is not an end state. Perpetual evolution. How to stay aware and take advantage? 
  • It’s getting more complex for enterprises with all the new services. Now there are five or seven ways of doing something. This puts a cognitive load on customers to figure it out. Functionality and customization lead to confusion. Provide more in-product guidance. Three ways to do hybrid cloud on AWS: 1) direct connect, 2) direct connect gateway; 3) IP sec tunnels with different architectures. Constructs and limitations vary by cloud. You need to know the underlying foundations. We abstract this for customers. 
  • 1) The cloud has turned into a complex ERP implementation. Stacks don’t have to be as complex as suppliers are making it. Complex transformation projects fail. 2) Existing product landscape is cloud-washed. 3) Containers are out there. Stick close to the community. Don’t look for products that wrap up with proprietary APIs. Where K8 is lacking, be active in the community. Beware of vendors with large application stacks.

Other

  • The platform leaders in the market do not align with a common standard and are making it difficult to manage a multi-cloud environment.
  • When you look through the data perspective, the cloud has not solved the data silo problem. If anything, it has gotten bigger, and more rigid. Workaround this by having a data platform to overcome the issues.
  • No. Worry about decisions being made to stay on-prem. That is not the best use of the public’s money.
  • Financial and cost transparency is not great. It’s hard to get an accurate financial model and project future cost. It’s hard to predict budgets. You need a “cloud-ologist” to optimize spend in the cloud. Security in the cloud is an ever-growing bullseye of a target for hackers. Be vigilant keeping security policy up.
  • The impact of failures is larger, but not a concern, just something to be mindful of. Apps need to plan for failure and be resilient.
  • I have no serious concerns, but it is clear that the cloud is not the solution to every problem. Organizations need to look at their use cases, cost models and requirements and determine the best environment for their workloads. Clusters have sunk costs, and if they are running at 85 percent utilization, then it may not make sense to do a wholesale migration to the cloud. In this case, it may make more sense to do hybrid cloud bursting for peak usage or to gain access to specialized resources.
  • Not the environment itself. Prices will go down and service costs will go down. CapEx to OpEx in our industry. The customer doesn’t need to worry about maintenance. There’s a change in how you communicate on-prem versus cloud. Channel understanding its focus and shift to what it can do with it versus what you are running on. Not used to the intelligence we can do now. With the cloud, it’s beyond the imagination. The more data you give us the more customized solution we can give you. Replace access control with face analysis. Who has the most data that can be used?
  • Still not very consistent. The goal is to be truly multi-tenant. Isolation of customer data. Some providers are not really multi-tenant. Where are they hosting the data? Clarity and transparency are not there. How to optimally use resources.

Here’s who we talked to:

Learn how to auto-discover your containers and monitor their performance, capture Docker host and container metrics to allocate host resources, and provision containers.

Topics:
cloud ,cloud security ,vendor lock-in ,change management ,multi cloud

Opinions expressed by DZone contributors are their own.

{{ parent.title || parent.header.title}}

{{ parent.tldr }}

{{ parent.urlSource.name }}