Clouds on the Horizon?

Over the holidays, I found myself facing a situation that is a microcosm of one that will confront many IT departments in the coming year. I was trying to decide whether to continue hosting my home lab on my own physical machines or to take the plunge and move to one of the big cloud-based providers, probably Microsoft Azure or Amazon Web Services.

IT staff who have a large investment in server, application, and desktop virtualization now face a similar situation. The infrastructure required to support these investments is typically large and complicated, so would it make more sense to hand off this infrastructure to a cloud provider? Whether we are talking IaaS, PaaS, or DaaS, the concept remains essentially the same.

The Considerations

Connectivity

The first issue that always springs to mind is that external connectivity is required for the cloud-hosted model to succeed. However, this is not as much of a consideration as it has been in the past. In modern offices, external connectivity is now considered to be just as important as heat and light, and almost all remote sites connect to data centers outside of the local network. The fact that a connectivity failure would interrupt productivity now applies whether or not you have moved to the cloud.

However, especially for smaller companies, caps on data usage might actually be an issue. While most enterprises have unlimited bandwidth, as more and more customers spin up cloud instances, will metering of internet bandwidth rear its head once more, potentially affecting cloud adoption in the SMB sector?

Cost

The next consideration that springs to mind is, inexorably, the cost. Services like Azure and AWS seem reasonable on the surface, but they are subject to the “Ryanair effect”: a few add-ons and bolt-ons serve to dramatically increase the price of the offering. At the sharp end, it can cost more than $10,000 per month to operate a single high-performance application in the cloud.

On the other hand, maintaining on-premises offerings also results in significant costs. Despite the onset of server virtualization, a lot of money is spent deploying on-premises servers, not just for hardware and licensing, but also for resource consumption and associated support.

Security

The security of information may be the most sensitive area. The best reason to go to the cloud—having someone else handle the day-to-day workload—is also the main reason why many companies will think twice about doing so: namely, because someone else will see their data. Most security processes are built around the assumption that you are in control of your data. The cloud-based model cuts against this grain.

Again, there are pros and cons. Surely you’d expect cloud providers, particularly Amazon and Microsoft, to have huge teams of security experts who have more knowledge, training, and visibility than your one or two IT staff who handle security. However, would such large teams, which are primarily focused on securing the cloud itself for multiple tenants, be intimately familiar with every aspect of your business and every nuance of your particular applications?

In the security arena, businesses will also need to be very careful, from a legal standpoint, to find out precisely who owns their data. This will have to be done in addition to the required security vetting; a cloud provider should be vetted in exactly the same way as the business would vet an external partner.

Support and Maintenance

The final major concern involves the support and maintenance of the cloud infrastructure. Obviously, this is one of the primary drivers towards the cloud: it offers an opportunity to offload maintenance to a dedicated team that you don’t have to pay for. However, are there problems around this?

Firstly, you’re abandoning any in-house expertise that you already have in favour of people who don’t know your systems as well. You also forgo the chance to have “go-to” people around, people with whom the buck stops. (If a go-to person can’t fix your problem, then he or she will find someone or something that can.)

Additionally, businesses will need to consider backups, business continuity, disaster recovery, change controls, SLAs, and any other plans and processes that will need to be implemented and adjusted in a cloud-based solution. There may be additional costs around these, and for other things as well. Processes normally taken for granted—think creation of accounts and mailboxes, application of software patches, etc.—may factor in more expenditure.

On the other hand, some companies may see this as a boon. Could having teams of experts at hand in every field, rather than a jack-of-all-trades sysadmin, actually increase the reliability of your systems rather than decrease it?

Conclusions

Will 2014 see a rush to the cloud, or will we remain firmly on the ground? Will virtualized servers, applications, and desktops be provided through third parties, or will we continue to do this in-house?

There’s no “one size fits all” here; each business has unique priorities. In most cases, I believe we will see what is termed the hybrid cloud—the amalgamation of both public and private resources—as we look to take advantage of both on-premises and cloud-based solutions. Why? Because public and private each address different important issues. Essentially, every business that has a remote data center already has a private cloud, and services like Azure and AWS will add to this a public one.

Usage of services like Azure and AWS often starts as a sandbox or test environment: a low-cost, hardware-independent way to spin up easily accessible development systems. But sometimes these test beds grow into bigger things, due primarily to the broad and rapid scalability of these hosted platforms. At this point, and after considering the points made earlier, businesses will have to decide whether or not to proceed with cloud-based production infrastructure.

One further consideration—one particular to a hybrid cloud model—is the need to extend the on-premises AD forest. This may involve using federated services to establish a secure communications path between the cloud-based virtual network and the existing on-premises network.

As to my own question of whether “to cloud or not to cloud,” my home lab is going to remain home-based for the moment. But the temptation to get into a cloud-based solution, at least partially, will prove too much sooner or later, that’s for sure.