Cloud Computing: Panacea or Power Monger?
By Margaret Dawson
The cloud has been positioned as a panacea for all our IT woes. We no longer need to deploy infrastructure -- instead, we can partner more easily with the business for success, and we can drastically cut our IT budget without sacrificing capability. Many companies that eagerly embraced the cloud found that, as with any technology consumption model, the cloud does not solve everything. For all of its benefits, there are hidden costs and risks associated with cloud computing.
Let me emphasize that in many cases, a cloud solution is still a great choice. The cloud does bring genuine, measurable benefits, such as predictable subscription-based pricing, the ability to use Opex over Capex budgets, ease of use and management, the ability to quickly move to new solutions, minimal hardware and software, and extensibility.
However, not all clouds are created equal. Huge variance exists across key evaluation criteria, such as security and compliance, management, cost, and reliability. The cloud is also driving the biggest build-out of physical infrastructure that we've ever seen, which is ironic given the hype around virtualized infrastructure with the cloud. According to a recent Greenpeace report, nearly $450 billion is spent annually on new data center facilities to power cloud computing. Every day, there are reports of new mega data centers being built, from Arizona to the Arctic.
Perhaps this is obvious, and perhaps it's a good thing. After all, don't data centers bring great economies of scale? It must be better to have one cloud vendor managing a huge data center for hundreds or thousands of customers than having each of those companies build out their own infrastructure. Yes, but the data center build-out of private and large public clouds is actually bringing many dis-economies of scale as well.
The three main dis-economies of scale related to cloud computing data centers are security, cost disparity, and the ecological impact.
Cloud Security: Does Centralization Also Bring Risks?
In most cases, using a proven cloud vendor allows you to leverage industry best practices and often receive security and compliance levels you could not achieve yourself. However, data centers are vulnerable. They contain concentrated, high-value resources, often resulting in all gems are stored in a single safe. This could make it easier for a disgruntled employee or an outside threat to compromise your data. This centralized facility is also vulnerable to local disasters, such as fire or flood. A few years ago, several companies had to relocate their primary data centers due to threats from an overflowing river outside of Seattle.
This centralized approach also means your data is sitting in a central server and travels there via a single pipe, once again making potential compromise easier.
As with any solution affecting your data, you should conduct a proper assessment of the cloud vendor before you buy. As I always say, security is security, so you should have the same expectations and assessments for a cloud solution as you do for your own network and on-premise solutions. Here are a few key questions to ask:
- How is your data protected? (application, architecture, physical, personnel)
- Is data encrypted both in motion and at rest?
- Who manages the keys?
- Does the vendor follow secure development principles? If so, what are they?
- What compliance mandates, security audits, or certifications do they have?
- How does the service provider detect a compromise or breach? How are you alerted?
- What is their disaster recovery plan?
Cloud Economics: Are There Hidden Costs?
As I mentioned, data centers are extremely expensive to build and maintain. The cost of hardware, such as commodity servers and even networking equipment, continues to decline, but the vast majority of data center expense (around 80 percent) is from electricity or power costs. The other big chunk of cost is bandwidth. Fat pipes are very expensive, and in addition to the cost, central data centers often need to throttle your bandwidth to accommodate the many servers or companies using that pipe.
These high costs are often passed on to the customer. Although some companies (such as Google) can offset the big data center expense through advertising revenue, most vendors need to charge it back to their customers. This has resulted in a high disparity in some segments -- cloud storage being one of those that has a broken economic model. You can buy a 2-terabyte external hard drive for around $100, but that same 2 terabytes could cost you hundreds if not thousands of dollars every month depending on your cloud provider. That just doesn't make sense.
In other instances, the cloud offers the cost-effective economics and affordable monthly subscription you need. My point is to not just assume the cloud is cheaper, either initially or over time. Here are few cloud cost considerations to evaluate before you move to the cloud.
Private versus Public Cloud
The key question here is whether you can you afford the infrastructure. Your cost analysis should include the facility and equipment as well as personnel, security measures, and disaster recovery processes.
Look beyond base subscription fees
When evaluating the overall pricing, look beyond the initial license. Many cloud solutions create pricing buckets based on number of seats or users; data usage (per gigabyte, per database row, etc); number of instances, and so on. Just as overstepping your cell phone's usage or text limits adds charges to your bill, cloud solutions can also become more expensive if limits are exceeded.
For example, Web hosting companies often create plans based on total Web traffic or data used on the site. Nearly all cloud storage providers have a per-gigabyte fee, where the first 10 gigabytes may be one pricing tier, but if you use more space, you are charged for the next tier. A business intelligence tool I used previously utilized buckets of rows, where once you went beyond 10 million rows, the next bucket was up to 100 million rows, so the price per month was significantly higher.
When going into the contract, ask about any pricing tiers, and build growth into your budget assumptions. Also, make sure to check whether premium features (such as 24x7 support and data restoration) are included in the base subscription or they are available at additional cost. That's another way fees can add up and surprise you.
Share Costs with the Business
This is one of the benefits of cloud solutions, particularly SaaS applications used by the business. Many companies now share costs across IT and business, where IT pays for the initial set-up and deployment costs and the business side covers the ongoing subscription fees. This, of course, works best when the application is a clear business productivity tool, such as customer relationship, marketing automation, travel and expense, employee evaluation, or billing. Because most IT shops still tend to carry the bulk of Capex budget, the operational expense can come from the business side.
SLA Financial Penalties
Service level agreements (SLAs) are standard with cloud solutions, but increasingly, the customer is able to negotiate around penalties if the SLA isn't met. This is particularly important if a time of delivery is critical to your success, such as in an order-to-cash process where if an invoice is not received within a stated time frame, you could be penalized, so you want to share that penalty and risk with your cloud provider. Another obvious example is uptime or mean time between failures (MTBF), which is a vital issue if you're outsourcing eCommerce or other business-critical processes that directly impact your revenue stream. What happens if your site is down more than a couple of minutes? Have this SLA discussion upfront.
Moving to Another Cloud
This is becoming a bigger issue now that we have used cloud solutions long enough that we are now dealing with migration. How easy or hard is it to move data from one solution to another? I know personally I have stayed with a CRM tool far beyond the honeymoon period because I dreaded the pain of moving data to a different solution. Increasingly, cloud brokers or integration providers are helping with this transition -- for a cost, of course. Look into this before you sign the contract. And this is valid across nearly all cloud platforms, such as moving apps from one PaaS to another, moving data between SaaS applications, or transferring data from one IaaS to another.
As I've inferred, integration is often the forgotten stepchild in the cloud but the one that can hurt the most. With a hybrid environment becoming the norm, how you will share information across applications or across cloud and on-premise infrastructure needs to be considered and architected upfront. Integration should be considered along with service-oriented architecture (SOA), because developing a SOA shared services layer could significantly assist with integration requirements.
Cloud Ecology: Is the Cloud Really Green?
From the beginning of our cloud-hype cycle, one of the key elements of the cloud was how green it was. This is because for most companies, leveraging cloud-based platforms decreased their carbon footprint and eliminated the need for new hardware or software. However, this did not take into consideration the data center behind every cloud provider's solution, which was contributing heavily to our carbon output and energy consumption. In fact, the EPA states that 2 percent of North American energy consumption goes to servers and data centers.
"There have been increasing attempts by some companies to portray the cloud as inherently 'green'despite a continued lack of transparency and very poor metrics on performance or environmental impact," stated Greenpeace in its recently published How Clean is Your Cloud report. Greenpeace estimates that approximately 2 percent of the global carbon footprint can be attributed to data centers.
This is why you are seeing cloud vendors locate new data centers in creative places, such as Facebook's new facility on the edge of the Arctic Circle, where natural cooling will save in air conditioning costs. The thousands of servers in a data center aren't just hungry for power; they also create a great deal of heat, requiring massive cooling capability. Ironically, many of the large clusters of data centers are located in hot climates, such as Nevada and Arizona, where power and land are cheap but the cooling needs are greater.
One of the key reasons data centers are just energy "hogs" is that they are built for peak usage periods, such as during the Christmas season, when eCommerce providers need to accommodate huge spikes in processing demand (for higher traffic and orders, for example). Each industry has its own peak periods. As a result, a huge percent of data center capacity is inactive -- but still requiring power -- most of the time. Industry analysts such as Gartner estimate that up to 85 percent of data center capacity is, on average, sitting idle.
In spite of this, we are seeing a record level of data center build out around the world because digital data is growing at record rates. IDC researchers say we are creating 58 gigabytes of digital data every second, and the amount of electronically stored data is expected to skyrocket to over 35 Zettabytes by 2020. To accommodate this amount of digital data would take hundreds if not thousands of data centers the size of Google's.
You could argue that cloud providers help with this issue, because, as with security, they bring best practices and an absolute focus to this shared infrastructure. For example, we can assume that cloud providers such as Amazon are well equipped to optimize capacity well beyond the average and can quickly add more capacity as requirements grow, whereas an individual company may not be able to afford a team or have the agility to quickly add more capacity.
We will also continue to see increased efficiencies in technologies and architectures powering cloud solutions, such as multi-tenant architecture, virtualization, multi-core processing, distributed databases, and distributed load balancing. The one common theme here is the leveraging of distributed systems to do more with less.
We are also seeing a trend beyond distributed system to decentralized approaches, as the question remains whether we can support data growth and overall demand with the current centralized model. Decentralized cloud architectures leverage existing resources to create a "network" across many locations and users. For example, in the data storage world, we could leverage all that existing capacity lying idle to store electronic data without deploying more physical hardware. There are commercially viable examples of de-centralized cloud services. Skype is a good example of a successful peer-to-peer network, where users help power the global telecommunications service by letting Internet calls and video be routed through their bandwidth.
A Final Word
Although data centers will continue to play a vital role in our IT requirements over all, particularly for high-volume transactions, data warehousing, search, and disaster recovery, we should continue to look for ways to optimize existing infrastructure and explore decentralized models.
Margaret Dawson is vice president of marketing and product management for Symform, a cloud storage and backup provider. Prior to Symform, she ran product management and marketing for Hubspan, a B2B cloud integration provider, and at Microsoft she led a product management team for two network security products.
Ms. Dawson has more than 20 years of experience in global leadership for both start-ups and Fortune 500 technology companies. She is a frequent author and presenter on cloud computing, data management, network security, integration, and other business and technology themes and sits on the Cloud Connect Advisory Council. You can contact the author at Margaret@symform.com.