The illusion proposed by the cloud is that it offers tremendous business benefits, but along with that enthusiasm and (as technologists) our ability to quickly deploy such a technical infrastructure, comes a new set of business risks a cloud prospect needs to think carefully about.
The move to the cloud (usually from a local intranet), is, in essence, nothing more than a transition of storage or processing of data onto an extranet (available from anywhere), accessible through a virtually (metropolitan) omnipresent Internet.
Now the enthusiastic deployment of the cloud is to hand such external processing over to a third-party (like Amazon for applications, or say Apple’s iCloud for documents and media), who can provide robust processing, generic security, backup (and recovery) and instant scalability should you require. And even though in some cases you can decide to maintain management of that infrastructure, you have just moved certain business risks into the laps of others.
A centralized computing environment used by many customers changes the individual risk from a manageable one-to-one to a less controllable many-to-one. It concentrates the single point of failure now also used by your newly acquired technology “neighbors”. And that concentration, in turn, promotes the attraction to hackers, increases the likelihood of cross-pollination from misconfiguration, and puts pressure on expertise and technology choices of central management generally under price pressure of industry commoditization.
Furthermore, centralized computing environments aim to offer best-of-breed generic computing capabilities that serve many and thus implicitly ignores the supplemental requirements of every implementation that are non-uniform.
Business on earth
Let’s look at two simple examples of real-world requirements, one in each cloud category. Cloud service menus blissfully ignore that every application customer still needs logical application security (unique to each application) to prevent vulnerabilities that can wreak havoc with sensitive and mission-critical customer data (nepotism: WhiteHat Security). Or, related to documents, can you imagine having to call Apple to restore a single version of a document, let’s say a book you are writing, that inexplicably got lost in the shuffle. What telephone number at Apple would you even call?
So, with a move to the cloud, the control and management of the ecosystem of risk factors that delivers a reliable, optimal and safe computing infrastructure compatible with your unique business needs, has fundamentally changed.
Stay in control
Given the reputation of many high flying, “capital efficient” yet immature technology companies with their general ignorance to the specific business risks of their customers, we have decided to use Dropbox over iCloud to manage our documents from anywhere.
The reason for that is not that the capabilities of Dropbox far outweigh those of iCloud, but just because Dropbox allows us to mitigate the risk of a single point of failure, is better suited to offer a smooth migration from the intranet to extranet, and does not force us to put our eggs in one basket.
To be specific, we deployed Dropbox for some of our document storage that should be accessed from any device (MacBooks, iPads, iPhones) using applications that run on all, and syncs back automatically and immediately to all. Since one of those devices is using Apple’s Time Machine to archive continually locally and runs a daily backup to a networked dynamic RAID by Drobo, we have full control over their recovery while at the same time benefit from the universal access delivered by the Dropbox cloud. A set-and-forget configuration.
Case-in-point: DropBox synchronization has been plagued with excessive CPU consumption (for more than two years for some users). Hence we currently advise against using it.
Planted firmly on earth, yet on top of the world
Most importantly, and even though the service has performed flawlessly since we implemented it, we do not need to put all of our trust in Dropbox and hope for the best to be comfortable with the fantastic benefits of the cloud.
Short of a prominent cloud company to listen and act upon your unique needs, the best cloud is one that you can control and customize so that it meets all of your specific (rather than generic) requirements. And that the decision to embrace the benefits of the cloud is purposely out of sync with your decision to where you want to put your trust.
Let the merit of the rush of cloud service providers (supported by their investors) flush itself out before you put your trust in them. For the sake of your business risk and continuity.