Is Cloud Lock-In A Bigger Issue Than Security?

Cloud lock-in a bigger issue than security

Before LabSlice I was employed as a Security Architect for a major bank. Banks, government departments and  health providers are naturally suspicious of technology solutions that they do not fully control. This is why cloud security is frequently listed as a concern for big industry, typically followed by operational uptime concerns. What you can’t control with your big budget is usually what you fear will backfire and cause you trouble.
But that’s not my stance. In general there is little that differentiates normal security concerns from cloud security concerns, and the big players (Amazon, Google and Microsoft) can usually deliver better security controls than most companies can achieve themselves. With certifications such as ISO 27001, annual SAS70 audits and the attainment of PCI-DSS, cloud vendors are showing themselves to have stronger datacentre controls than most companies, or at least SMBs. And true cloud computing (IaaS and PaaS) only provides you the infrastructure, not the application. It’s up to you to develop bullet-proof security for your application, by adding appropriate access control, data encryption and frequently monitoring the activities of your application.

So if the cloud is so secure, why do I have a nagging feeling about Amazon, Google and Microsoft being the biggest cloud providers around?   My bet is that cloud security concerns will eventually die out, as the next generation of IT professionals start to realize that they have been playing right inside the wolf’s den. Cloud lock-in is the problem of the future.

How you will be locked in to your cloud:

1.     Whilst there are some efforts to build cloud agnostic consoles and APIs, these efforts will ultimately bear little fruit. Ever-so-slight differences between cloud providers will make it difficult to extract yourself from one cloud and move to the next. One of the top cloud vendors is already well-known in the industry for locking people into their solutions, and there should be no difference in how they play out their business model in the cloud.

2.     Cloud vendors are not your standard host providers (eg. GoDaddy). Rather, the large cloud providers are already well-established players in multiple industries. Consider that players like Google are providing you a very easy platform on which to build the next social application, whilst at the same time they are trying very hard to enter this market themselves. In many ways I see cloud providers owning a platform that helps them deliver services they want to own in the future, and it’s no surprise that the 3 major players are strongly targeting startups. I don’t see a company like Google allowing the next Facebook or Twitter to easily migrate their platforms away. The bigger you get, the more hurdles you will find when you talk to your cloud vendor about migrating away.

3.     When you use a cloud vendor today you are not just buying compute power. Rather, you are building on top of a compute stack selected by the vendor, from the operating system right through to the programming languages made available (even IaaS locks you in to certain stack decisions). Migrating from one application stack to another is never an easy task.

My bet… Within 5 years you will hear little about cloud security, but you will find a lot more companies stuck with vendors that they would prefer they didn’t select to use today.

By Simon Ellis

About CloudTweaks

Established in 2009, CloudTweaks is recognized as one of the leading authorities in connected technology information and services.

We embrace and instill thought leadership insights, relevant and timely news related stories, unbiased benchmark reporting as well as offer green/cleantech learning and consultive services around the world.

Our vision is to create awareness and to help find innovative ways to connect our planet in a positive eco-friendly manner.

In the meantime, you may connect with CloudTweaks by following and sharing our resources.

View All Articles

Sorry, comments are closed for this post.

Comic
The Lighter Side Of The Cloud – Data Merge

The Lighter Side Of The Cloud – Data Merge

By Christian Mirra Please feel free to share our comics via social media networks such as Twitter, Facebook, LinkedIn, Instagram, Pinterest. Clear attribution (Twitter example: via @cloudtweaks) to our original comic sources is greatly appreciated.

The Rise Of Threat Intelligence Sharing

The Rise Of Threat Intelligence Sharing

Threat Intelligence Sharing  Security has been discussed often on CloudTweaks and for good reason. It is one of the most sought after topics of information in the technology industry.  It is virtually impossible to wake up and not read a headline that involves the words “Breached, Hacked, Compromised or Extorted (Ransomware)“. Included (below) is an…

Moving Your Email To The Cloud? Beware Of Unintentional Data Spoliation!

Moving Your Email To The Cloud? Beware Of Unintentional Data Spoliation!

Cloud Email Migration In today’s litigious society, preserving your company’s data is a must if you (and your legal team) want to avoid hefty fines for data spoliation. But what about when you move to the cloud? Of course, you’ve probably thought of this already. You’ll have a migration strategy in place and you’ll carefully…

Higher Education Institutions Increasing Cloud Use In Next 5 Years

Higher Education Institutions Increasing Cloud Use In Next 5 Years

Cloud Computing Advancing Edtech In a new research study by ResearchMoz it’s predicted that the global cloud computing market in higher education will grow steadily at a CAGR of 24.57% over the period 2016 to 2020. Making use of computing resources connected by either public or private networks provides the benefits of scalable infrastructure, greater…

Big Data and AI Hold Greatest Promise For Healthcare Technologies

Big Data and AI Hold Greatest Promise For Healthcare Technologies

Digital Healthcare Executives and Investors Addressed Opportunities and Challenges Facing the Industry New York City – September 21, 2016 – According to a survey of 122 founders, executives and investors in health-tech companies released today by Silicon Valley Bank, big data and artificial intelligence will have the greatest impact on the industry in the year ahead. Healthcare…

Protecting Devices From Data Breach: Identity of Things (IDoT)

Protecting Devices From Data Breach: Identity of Things (IDoT)

How to Identify and Authenticate in the Expanding IoT Ecosystem It is a necessity to protect IoT devices and their associated data. As the IoT ecosystem continues to expand, the need to create an identity to newly-connected things is becoming increasingly crucial. These ‘things’ can include anything from basic sensors and gateways to industrial controls…

Don’t Be Intimidated By Data Governance

Don’t Be Intimidated By Data Governance

Data Governance Data governance, the understanding of the raw data of an organization is an area IT departments have historically viewed as a lose-lose proposition. Not doing anything means organizations run the risk of data loss, data breaches and data anarchy – no control, no oversight – the Wild West with IT is just hoping…

Three Tips To Simplify Governance, Risk and Compliance

Three Tips To Simplify Governance, Risk and Compliance

Governance, Risk and Compliance Businesses are under pressure to deliver against a backdrop of evolving regulations and security threats. In the face of such challenges they strive to perform better, be leaner, cut costs and be more efficient. Effective governance, risk and compliance (GRC) can help preserve the business’ corporate integrity and protect the brand,…

Achieving Network Security In The IoT

Achieving Network Security In The IoT

Security In The IoT The network security market is experiencing a pressing and transformative change, especially around access control and orchestration. Although it has been mature for decades, the network security market had to transform rapidly with the advent of the BYOD trend and emergence of the cloud, which swept enterprises a few years ago.…

Why Security Practitioners Need To Apply The 80-20 Rules To Data Security

Why Security Practitioners Need To Apply The 80-20 Rules To Data Security

The 80-20 Rule For Security Practitioners  Everyday we learn about yet another egregious data security breach, exposure of customer data or misuse of data. It begs the question why in this 21st century, as a security industry we cannot seem to secure our most valuable data assets when technology has surpassed our expectations in other regards.…

Fintech Investments Are Seeing Consistent Growth

Fintech Investments Are Seeing Consistent Growth

The Financial Services Cloud Fintech investment has been seeing consistent growth in 2015, with some large moves being made this year. The infographic (Courtesy of Venturescanner) below shows the top Fintech investors and the amount of companies they’re currently funding: Just this week, a financial data startup known as Orchard Platform raised $30 million in…

5 Ways The Internet of Things Will Drive Cloud Growth

5 Ways The Internet of Things Will Drive Cloud Growth

5 Ways The Internet of Things Will Drive Cloud Growth The Internet of Things is the latest term to describe the interconnectivity of all our devices and home appliances. The goal of the internet of things is to create universal applications that are connected to all of the lights, TVs, door locks, air conditioning, and…

Cloud Infographic – The Data Scientist

Cloud Infographic – The Data Scientist

Data Scientist Report The amount of data in our world has been exploding in recent years. Managing big data has become an integral part of many businesses, generating billions of dollars of competitive innovations, productivity and job growth. Forecasting where the big data industry is going has become vital to corporate strategy. Enter the Data…

The Internet of Things Lifts Off To The Cloud

The Internet of Things Lifts Off To The Cloud

The Staggering Size And Potential Of The Internet of Things Here’s a quick statistic that will blow your mind and give you a glimpse into the future. When you break that down, it translates to 127 new devices online every second. In only a decade from now, every single vehicle on earth will be connected…

Cloud Infographic – Disaster Recovery

Cloud Infographic – Disaster Recovery

Disaster Recovery Business downtime can be detrimental without a proper disaster recovery plan in place. Only 6% of businesses that experience downtime without a plan will survive long term. Less than half of all businesses that experience a disaster are likely to reopen their doors. There are many causes of data loss and downtime —…

Cloud Computing Services Perfect For Your Startup

Cloud Computing Services Perfect For Your Startup

Cloud Computing Services Chances are if you’re working for a startup or smaller company, you don’t have a robust IT department. You’d be lucky to even have a couple IT specialists. It’s not that smaller companies are ignoring the value and importance of IT, but with limited resources, they can’t afford to focus on anything…