CRYPTOGRAPHIC KEY GENERATION

When we think about cryptographic keys, we tend to think about closely guarded secrets. Keys are the only thing that keeps the attacker away from your encrypted data. Some keys are usually treated with the appropriate level of respect. Security professionals in the payments industry, or those that have deployed a PKI, know all too well about the importance... 

Richard Moulds

Common Cloud Mistakes – And How To Avoid Them

Common Cloud Mistakes

One of the first lessons in order to avoid common cloud mistakes with anyone entering the tech field learns is that nothing is as simple as it appears to be at first glance. That lesson goes double for companies implementing a hybrid-cloud strategy. Yes, it is possible to achieve the “best of both worlds” ideal of public-cloud efficiency combined with private-cloud security and control. Just don’t expect to get it perfectly right on your first try. Take some tips from those who have been there, done that, and then done it again the right way.

The first mistake made by many cloud-computing neophytes is choosing the wrong cloud. No, the cloud isn’t this monolithic entity that you simply plug into like a power outlet. In a November 2016 article on TechTarget, Marc Staimer identifies six different kinds of public-cloud storage:

  • Block storage is local embedded disk or SAN storage best suited for high-performance applications.
  • File and NAS storage work best for apps requiring NFS or SMB protocols.
  • Three different types of object storage are available for active archiving, cool archiving, and cold archiving.
  • Tape storage, usually in the form of a linear tape file system, is also used for cold archiving.

Block storage provides the lowest latency and the highest IOPS and throughput, but it is also the most expensive form of cloud storage, priced as much as 30 times more than active or cool archival storage. At the other extreme, cold archive storage costs as little as one cent per gigabyte, but it can take hours for users to access the data, and some providers charge up to 12 times the storage cost to read more than a small amount of the archived data.

On the other side of the hybrid-cloud connection, it can be just as difficult to select the optimal form of on-premises storage:

  • A primary NAS or SAN storage system replicates snapshots or tiers of data to public-cloud storage based on the policy you determine.
  • A gateway or cloud integrated storage (CIS) works like NAS or SAN storage by caching data locally and moving the bulk to cloud storage based on policy; it leaves a stub that makes public-cloud data appear to be stored locally.
  • An on-premises object storage system offers the same de facto interface as public-cloud storage, or alternatively, it extends to the public interface, replicating data based on policy, similar to the way it is done in a NAS or SAN system.
  • The existing NAS or SAN storage setup can be augmented with archive or backup software that copies data to the public cloud based on the policy you set.

CIS systems are generally the most cost-effective option, but only if the correct amount of data is cached locally to avoid frequent calls to the cloud. Object storage can be much simpler to integrate with cloud services, so long as your apps don’t require a high level of performance. Object storage can also conflict with some subsets of Amazon Web Services Simple Storage Service (S3) interface. Likewise, recovering and restoring data from the cloud requires a physical or virtual media server in the public cloud itself, which is far from a given.

Expert consensus: Focus on goals, not cloud tech, and keep it simple

Cloud technologies change faster than the weather, which means it can be a mistake to become overly committed to a single platform or toolset. The first bit of advice offered by Forbes’ Dan Woods is to identify the cloud features that will improve your business and then become proficient in them rather than trying to become an expert on cloud technologies generally. No organization needs all the capabilities offered by AWS, Microsoft Azure, Google Cloud, and other vendors. Find the handful of specific cloud services that promise to deliver the biggest return for your business needs and focus on them initially.

common cloud mistakes

“Cloud platforms such as OpenStack can be difficult to deploy and manage, but 90 percent of the reasons cited for project failures are related to people and processes rather than to technology…” Source: Gartner, via the RackSpace blog

C-level executives are likely to rank cost savings at or near the top of the list of reasons why they’re interested in cloud computing. That is the second big common cloud mistake that companies make when formulating their cloud strategies, according to Woods: neglecting to value the cloud’s ability to help the organization achieve its goals. The role of IT is being transformed as IT functions become integrated with business departments, and IT itself becomes just as business-focused as the rest of the company.

This leads directly to the third common cloud mistake: “forklifting” your internal infrastructure onto a cloud platform with little or no effort to optimize your apps and other systems for the cloud’s best features: extensibility, efficiency, resiliency, and scalability. Initially, your big concern is getting your operations up and running on the cloud infrastructure, not doing so in a way that maximizes the cloud’s capabilities. Eventually, the only way the cloud will prove to be cost-effective is if you make the adjustments required to match your apps, databases, and other resources to the best features cloud services have to offer.

See cloud services as partners rather than vendors

IT is far from the only department affected by cloud computing. The nature of the relationship between the company and the service provider is changing fundamentally as well. According to TheCsuite’s Andrew Peddie, one of the top mistakes companies make when choosing a cloud service is treating it as a buyer/seller relationship. Any cloud project has a better chance of success if you see it as a partnership and collaboration with the cloud provider.

common cloud mistakes

“Cloud computing has had the greatest impact on the role of chief information officers, but all areas of the organization have been affected by cloud-driven changes…” Source: SpencerStuart

Peddie warns against underestimating the length of time required to complete cloud projects. To avoid unnecessary delays, evaluate only a handful of potential cloud partners rather than casting a wide net. Conduct interviews in person rather than over the phone. Have your decision-making process in place before you need it, and make sure your agreement includes long-term protection against future price increases.

When it comes to developing, managing, and protecting your company’s vital digital assets, there has never been a better time to embrace the changes presented by the cloud and its related technologies. The effort required for your organization to realize the benefits of cloud computing doesn’t have to be daunting, particularly if you learn from the lessons of those who have tangled with the cloud, and lived to tell the tale.

By Brian Wheeler

About Brian Wheeler

Brian oversees the technology team at Morpheus Data (https://www.morpheusdata.com).Prior to Morpheus, Brian founded a software development consulting firm which designed and developed solutions for a variety of industries including power grid management, ticketing systems, online trading, social networking and gaming, SOX compliance, and e-commerce. Brian holds a bachelor’s degree in Chemistry from Pomona College.

View Website