The Register® — Biting the hand that feeds IT

Feeds

Five reasons why you'll take your storage to the cloud

And five reasons why you won't...

By Trevor Pott, 19th September 2013
25

Free ESG report : Seamless data management with Avere FXT

The cloud will inevitably replace all other forms of IT. The cloud is a passing fad. The cloud is good, it is bad and it is hideously ugly. The cloud is a paradigm shift that will obliterate all previous technological developments. The cloud is an iterative evolutionary augmentation of extant technologies and nothing to write home about.

The marketing for the cloud is terrible, was terrible and will be terrible in the future. Nobody can agree on what the cloud is, why we should care or even if it's of benefit to us. Despite this, nerds the world over have opine passionately about the ephemeral technology du jour and The Register does so like stoking the fires.

Thus we present five reasons you won't go into the cloud ... and five reasons you will.

1. This salt shaker is bugged for your protection

"The cloud" as it stands today basically means "American technology companies". There are a few outliers – primarily in IaaS – but the really sexy stuff is almost all American. This is a practical problem for cloud adoption advocates.

Wading through the legal morass of what kinds of data we can legally store where is expensive, frustrating and subject to change with the next law passed by our governments. The net result of this is that it doesn't make business sense to use American cloud providers for anything. Even if they have a datacenter in your country they can still be compelled by their government to pull any data you've stored (such as the personally identifiable information belonging to your customers) and never tell you.

For obvious reasons an American legal attack surface of any kind is simply unacceptable in today's cloud computing. What of the UK? I'm pretty sure that as a Canadian company I can't store data there either. Probably not France, given recent revelations on their side too. China's out, for obvious reasons ... that leaves "store my data in my own nation" or "store it in Switzerland". (There are a few EU nations I could probably get away with for now, but I'm sure that's only until their own intercept programs are made public.)

Ultimately the only solution is "the data must be stored only within the boundaries of your own nation and by companies without a legal attack surface in other nations." Legal attack surface, BTW, does not simply mean "headquarters are in your nation."

If the sysadmins live in another nation then the men with the dark suits can show up with a "do this and never speak of it" letter and you'll never know your data was pulled. If your customers have reason to believe that their data was read they can sue you because you made the choice to use that cloud provider and it was that choice which put their data at risk.

The only acceptable solution from a privacy standpoint is that the cloud provider must license their software to a company within your nation that then stands it up inside the datacenter of a hosting provider that is also located in your nation (and who has no legal attack surface anywhere else.) Of course, that's anathema to most cloud providers and impossible for many others. If they've built your application on a PaaS offering such as Amazon, then they're stuck ...and so are you.

On the other hand ...

300 million-plus wallets can't be wrong!

The counter argument to this is simple: the rest of the world doesn't actually matter all that much. The CEO of a cloud provider crystallised the argument around privacy during a PupperConf after-party this year.

"There are several dozen US companies spending or willing to spend a million or more per month on cloud services," he told me. "But I haven't seen one outside the US willing to do that." The big money is in America and most cloud providers will do just fine mining that market for some time to come.

The rest of the world takes consideration, care, investment and a heck of a lot of work to deal with. Most cloud providers have built their business not only around the software they sell but around the internal business processes they use. Some tout their DevOps prowess, others their support, stability or what-have-you. To replicate that outside the US requires partnerships, licensing and constant vigilance to ensure that licensees do not ruin the cloud provider's good name.

There's a lot of money to be made in America. More than enough for the next decade or so. What's more, non-American companies don't seem all that bothered by little things like their own data protection and privacy laws. It's easier for everyone to simply assume that politicians will smooth out any barriers to adoption.

Everyone's doing it. You can no more kill cloud computing that you can stop non-commercial copyright infringement, win the "war on drugs" or succeed at prohibition. Many businesses are seeing benefits from cloud computing whereas few have been sued over the privacy aspect. Statistically, it seems likely you can use it to your advantage and get away with it.

2. 404 as a Service

Google goes dark for two minutes and significant chunks of the western world wonder if they should go home, or wait for Google to fix itself. It sounds like the premise of a science fiction novel, but this actually happened a few weeks ago.

In addition to the cloud provider having a lie down there are layers of things that can go wrong between you and the provider, The ever-present idiot with a backhoe, ISP router misconfiguration or even the NSA botching a fibre tap and accidentally wiping out an undersea cable or two.

Natural disasters are another consideration. Here in Edmonton we pretty much don't have natural disasters; there's the odd tornado every few decades and flooding is a possibility if you live by the river, but statistically there are few better places to have a pile of servers run reliably for years at a time. If I go put my data in a datacenter in San Francisco then natural disasters as a service interruption modality become something I have to start thinking about.

As a consumer of cloudy services you have no control over versioning, UI (Google stop moving my buttons!), or the development process. In the wrong hands "rapid release" can mean "automated iterative failure as a service."

One of the fundamental problems of cloud computing is that when the thing blows up you don't have a neck to wring. There's a lot of finger pointing (it's your network/computer/browser, no it's your cloudy server, no it's $ISP), but you've no real option during outages except "hurry up and wait."

Having said that ...

Sucking less, at scale

Despite this, the cloud provider is most likely better at IT than you are. For the big players, there's more of them than there are of you and they have entire teams of people just to do monitoring.

Cloud providers leverage economies of scale. That doesn't just apply to getting cheap hardware or having a little bit of muscle when they sit down with Microsoft across that long negotiating table. It means things like testing, automation, quality assurance and the raw manpower that can be brought to bear.

They're better at it than you. Even with the potential for outages, you will probably still get better uptime with a cloud provider than rolling your own IT.

5 ways to reduce advertising network latency

Next page: 3. The forever cost

Page:

25 Reader Comments

Whitepapers

5 ways to reduce advertising network latency
Implementing the tactics laid out in this whitepaper can help reduce your overall advertising network latency.
Supercharge your infrastructure
Fusion­‐io has developed a shared storage solution that provides new performance management capabilities required to maximize flash utilization.
Avere FXT with FlashMove and FlashMirror
This ESG Lab validation report documents hands-on testing of the Avere FXT Series Edge Filer with the AOS 3.0 operating environment.
Reg Reader Research: SaaS based Email and Office Productivity Tools
Read this Reg reader report which provides advice and guidance for SMBs towards the use of SaaS based email and Office productivity tools.
Email delivery: 4 steps to get more email to the inbox
This whitepaper lists some steps and information that will give you the best opportunity to achieve an amazing sender reputation.
Search more Resources

More from The Register

next story
How many apps does it take to back up your data?
Trevor Pott counts the ways
28
Dedupe-dedupe, dedupe-dedupe-dedupe: Flashy clients crowd around Permabit diamond
3 of the top six flash vendors are casing the OEM dedupe tech, claims analyst
8
Disk-pushers, get reel: Even GOOGLE relies on tape
Prepare to be beaten by your old, cheap rival
13
Hong Kong's data centres stay high and dry amid Typhoon Usagi
180 km/h winds kill 25 in China, but the data centres keep humming
9
Microsoft lures punters to hybrid storage cloud with free storage arrays
Spend on Azure, get StorSimple box at the low, low price of $0
7
WD unveils new MyBook line: External drives now bigger... and CHEAP
Less than £0.04/GB, but it loses the Thunderbolt speed
36
VMware vSAN test pilots: Don't panic but there's a chance of DATA LOSS
AHCI SATA controller won't play nice with Virtzilla's robo-storage beta
6
Pure poaches NetApp preacher
Stewart dumps disk array drama to fluff flash
10
OpenDaylight: meet networking's bright newcomer
Prepare to be dazzled
3
StorNext gets revamp, Quantum claims 5x data throughput boost
Multi-threaded code, flash, metadata redesign and Infiniband support
1
prev story