Is Cloud Lock-In A Bigger Issue Than Security?

Cloud lock-in a bigger issue than security

Before LabSlice I was employed as a Security Architect for a major bank. Banks, government departments and  health providers are naturally suspicious of technology solutions that they do not fully control. This is why cloud security is frequently listed as a concern for big industry, typically followed by operational uptime concerns. What you can’t control with your big budget is usually what you fear will backfire and cause you trouble.
But that’s not my stance. In general there is little that differentiates normal security concerns from cloud security concerns, and the big players (Amazon, Google and Microsoft) can usually deliver better security controls than most companies can achieve themselves. With certifications such as ISO 27001, annual SAS70 audits and the attainment of PCI-DSS, cloud vendors are showing themselves to have stronger datacentre controls than most companies, or at least SMBs. And true cloud computing (IaaS and PaaS) only provides you the infrastructure, not the application. It’s up to you to develop bullet-proof security for your application, by adding appropriate access control, data encryption and frequently monitoring the activities of your application.

So if the cloud is so secure, why do I have a nagging feeling about Amazon, Google and Microsoft being the biggest cloud providers around?   My bet is that cloud security concerns will eventually die out, as the next generation of IT professionals start to realize that they have been playing right inside the wolf’s den. Cloud lock-in is the problem of the future.

How you will be locked in to your cloud:

1.     Whilst there are some efforts to build cloud agnostic consoles and APIs, these efforts will ultimately bear little fruit. Ever-so-slight differences between cloud providers will make it difficult to extract yourself from one cloud and move to the next. One of the top cloud vendors is already well-known in the industry for locking people into their solutions, and there should be no difference in how they play out their business model in the cloud.

2.     Cloud vendors are not your standard host providers (eg. GoDaddy). Rather, the large cloud providers are already well-established players in multiple industries. Consider that players like Google are providing you a very easy platform on which to build the next social application, whilst at the same time they are trying very hard to enter this market themselves. In many ways I see cloud providers owning a platform that helps them deliver services they want to own in the future, and it’s no surprise that the 3 major players are strongly targeting startups. I don’t see a company like Google allowing the next Facebook or Twitter to easily migrate their platforms away. The bigger you get, the more hurdles you will find when you talk to your cloud vendor about migrating away.

3.     When you use a cloud vendor today you are not just buying compute power. Rather, you are building on top of a compute stack selected by the vendor, from the operating system right through to the programming languages made available (even IaaS locks you in to certain stack decisions). Migrating from one application stack to another is never an easy task.

My bet… Within 5 years you will hear little about cloud security, but you will find a lot more companies stuck with vendors that they would prefer they didn’t select to use today.

By Simon Ellis

About CloudTweaks

Established in 2009, CloudTweaks is recognized as one of the leading authorities in connected technology information and services.

We embrace and instill thought leadership insights, relevant and timely news related stories, unbiased benchmark reporting as well as offer green/cleantech learning and consultive services around the world.

Our vision is to create awareness and to help find innovative ways to connect our planet in a positive eco-friendly manner.

In the meantime, you may connect with CloudTweaks by following and sharing our resources.

View All Articles

Sorry, comments are closed for this post.

Comic
In The Fast Lane: Connected Car Hacking A Big Risk

In The Fast Lane: Connected Car Hacking A Big Risk

Connected Car Hacking Researchers and cybersecurity experts working hard to keep hackers out of the driver’s seat. Modern transportation has come a million miles, and most all of today’s vehicles are controlled entirely by digital technology. Millions of drivers are not aware that of the many devices in their digital arsenal, the most complex of…

Having Your Cybersecurity And Eating It Too

Having Your Cybersecurity And Eating It Too

The Catch 22 The very same year Marc Andreessen famously said that software was eating the world, the Chief Information Officer of the United States was announcing a major Cloud First goal. That was 2011. Five years later, as both the private and public sectors continue to adopt cloud-based software services, we’re interested in this…

Building a Data Security Strategy – More Important Than Ever

Building a Data Security Strategy – More Important Than Ever

Data Security Strategy Article sponsored by SAS Software and Big Data Forum Security and privacy have been an integral concern of the IT industry since its very inception, but as it expands through web-based, mobile, and cloud-based applications, access to data is magnified as are the threats of illicit penetration. As enterprises manage vast quantities…

Pitney Bowes Selects Aria Systems for Billing on the New Commerce Cloud

Pitney Bowes Selects Aria Systems for Billing on the New Commerce Cloud

Top-Ranked Cloud Billing Company Enables Greater Speed and Frictionless Billing for Unparalleled Customer Experience San Francisco, CA – August 23, 2016 – Aria Systems, which helps enterprises grow subscription and usage-based revenue, today announced that Pitney Bowes has selected Aria’s cloud-based monetization platform as the key billing and monetization component of their new Commerce Cloud…

The Golden Age of Wearable Technology

The Golden Age of Wearable Technology

The Golden Age One of the biggest fads in the technology sector right now is wearable tech. From Smartwatches that let you check your emails, chat with friends and search the web, to fitness accessories that monitor your heart rate and your sleep patterns, this is truly the Golden Age of wearable technology. But some…

Maintaining Network Performance And Security In Hybrid Cloud Environments

Maintaining Network Performance And Security In Hybrid Cloud Environments

Hybrid Cloud Environments After several years of steady cloud adoption in the enterprise, an interesting trend has emerged: More companies are retaining their existing, on-premise IT infrastructures while also embracing the latest cloud technologies. In fact, IDC predicts markets for such hybrid cloud environments will grow from the over $25 billion global market we saw…

Don’t Be Intimidated By Data Governance

Don’t Be Intimidated By Data Governance

Data Governance Data governance, the understanding of the raw data of an organization is an area IT departments have historically viewed as a lose-lose proposition. Not doing anything means organizations run the risk of data loss, data breaches and data anarchy – no control, no oversight – the Wild West with IT is just hoping…

Protecting Devices From Data Breach: Identity of Things (IDoT)

Protecting Devices From Data Breach: Identity of Things (IDoT)

How to Identify and Authenticate in the Expanding IoT Ecosystem It is a necessity to protect IoT devices and their associated data. As the IoT ecosystem continues to expand, the need to create an identity to newly-connected things is becoming increasingly crucial. These ‘things’ can include anything from basic sensors and gateways to industrial controls…

Do Not Rely On Passwords To Protect Your Online Information

Do Not Rely On Passwords To Protect Your Online Information

Password Challenges  Simple passwords are no longer safe to use online. John Barco, vice president of Global Product Marketing at ForgeRock, explains why it’s time the industry embraced more advanced identity-centric solutions that improve the customer experience while also providing stronger security. Since the beginning of logins, consumers have used a simple username and password to…

Four Keys For Telecoms Competing In A Digital World

Four Keys For Telecoms Competing In A Digital World

Competing in a Digital World Telecoms, otherwise largely known as Communications Service Providers (CSPs), have traditionally made the lion’s share of their revenue from providing pipes and infrastructure. Now CSPs face increased competition, not so much from each other, but with digital service providers (DSPs) like Netflix, Google, Amazon, Facebook, and Apple, all of whom…

Cloud Infographic – The Future Of Big Data

Cloud Infographic – The Future Of Big Data

The Future Of Big Data Big Data is BIG business and will continue to be one of the more predominant areas of focus in the coming years from small startups to large scale corporations. We’ve already covered on CloudTweaks how Big Data can be utilized in a number of interesting ways from preventing world hunger to helping teams win…

Unusual Clandestine Cloud Data Centre Service Locations

Unusual Clandestine Cloud Data Centre Service Locations

Unusual Clandestine Cloud Data Centre Service Locations Everyone knows what the cloud is, but does everybody know where the cloud is? We try to answer that as we look at some of the most unusual data centre locations in the world. Under the Eyes of a Deity Deep beneath the famous Uspenski Cathedral in the…

Four Reasons Why CIOs Must Transform IT Into ITaaS To Survive

Four Reasons Why CIOs Must Transform IT Into ITaaS To Survive

CIOs Must Transform IT The emergence of the Cloud and its three delivery models of Infrastructure as a Service (IaaS), Software as a Service (SaaS) and Platform as a Service (PaaS) has dramatically impacted and forever changed the delivery of IT services. Cloud services have pierced the veil of IT by challenging traditional method’s dominance…

Report: Enterprise Cloud Computing Moves Into Mature Growth Phase

Report: Enterprise Cloud Computing Moves Into Mature Growth Phase

Verizon Cloud Report Enterprises using the cloud, even for mission-critical projects, is no longer new or unusual. It’s now firmly established as a reliable workhorse for an organization and one that can deliver great value and drive transformation. That’s according to a new report from Verizon entitled “State of the Market: Enterprise Cloud 2016.” which…

M2M, IoT and Wearable Technology: Where To Next?

M2M, IoT and Wearable Technology: Where To Next?

M2M, IoT and Wearable Technology Profiling 600 companies and including 553 supporting tables and figures, recent reports into the M2M, IoT and Wearable Technology ecosystems forecast opportunities, challenges, strategies, and industry verticals for the sectors from 2015 to 2030. With many service providers looking for new ways to fit wearable technology with their M2M offerings…

The Cloud Is Not Enough! Why Businesses Need Hybrid Solutions

The Cloud Is Not Enough! Why Businesses Need Hybrid Solutions

Why Businesses Need Hybrid Solutions Running a cloud server is no longer the novel trend it once was. Now, the cloud is a necessary data tier that allows employees to access vital company data and maintain productivity from anywhere in the world. But it isn’t a perfect system — security and performance issues can quickly…