The cloud is still full of mystery. After all, you can’t see and touch your applications and data, and you have less control than with their on-premises counter parts. Now that the cloud is maturing, some issues are becoming clearer.
Here is a reality check on 5 cloud myths and beliefs.
1. Moving to the Cloud is Easy
Some cloud services are astonishingly easy to adopt. I mean how difficult is it to set up a Gmail account? True business applications tend to be more complex. If you are migrating applications from in-house to the cloud, there is a lot of work to be done. The new applications have to configured, the data moved to the new systems, and end user access set up. This is not always an easy task.
Because migration is such a chore, choose your cloud provider(s) wisely so you don’t have to migrate from one cloud service to another if you aren’t happy. While not as tricky as moving from on-premises to the ether, it can be difficult sometimes to switch providers due to some provider’s policies over data ownership, and problems with formats and how the software is set up managed. And you have deal with migrating all the data to a different cloud storage platform, and reestablishing end user access.
Even if you are not migrating, but instead setting up brand new application services, there is work to be done. In most cases, IT has to set up all the pieces that support the applications such as network transport services and fast enough LAN and wireless access to give end users adequate performance. Once the app is on place, you may need to fine-tune the network based on real-world experience or an onslaught of new end users.
We rate this issue as still up in the air.
2. The Cloud is Not Secure
Cloud security has long been a matter of debate. In the early days IT believed that apps and data so far away from the data center have to be unsafe.
The opposite is arguably true. The fact is that large cloud service providers have plenty of resources and even more motivation to insure their cloud services are locked down like Fort Knox. More important, they can afford to use the best security tools, do defense in depth and hire top security experts.
On the flip side, the typical IT operation has many functions to provide, and isn’t 100% focused on security. There are few or no dedicated security professionals, and budgets tend to be tight limiting the deployment of security solutions.
Microsoft settled the SMB cloud security debate with a landmark survey. It found that SMBs that hadn’t moved to the cloud worried about security. 64% of these SMBs were highly concerned about cloud security, while 45% worried about losing control of company data.
Microsoft also surveyed SMBs that already moved the cloud and heard a very different story. Here 94% of SMBs that used the cloud had better security. This is because the cloud providers offered current anti-malware controls and based their infrastructure on modern up-to-date systems. At the same time, 65% of SMB cloud users experiences improved reliability and 62% got more privacy.
“There’s a big gap between perception and reality when it comes to the cloud. SMBs that have adopted cloud services found security, privacy and reliability advantages to an extent they didn’t expect,” said Adrienne Hall, general manager, Trustworthy Computing, Microsoft referring to the survey results. “The real silver lining in cloud computing is that it enables companies not only to invest more time and money into growing their business, but to better secure their data and to do so with greater degrees of service reliability as well.”
This doesn’t mean SMBs are in the clear. IT must choose providers based on their security profile. And IT must secure their own side of the network; in particular making sure end user access is protected by proper password policies and identity management solutions.
Learn more by reading our Single Password = Security Failure: How- Two Factor Authentication Saves the Day blog.
We rate the myth as busted.
3. The Cloud is Cheaper ― The Ups and Downs of Cloud-onomics
Cloud vendors promote their superior economics. In many cases, the cloud is indeed cheaper. Cloud providers have massive server and storage farms, which lower their costs due to economies of scale.
But the cloud is not always cheaper. The good thing about on-premises computing is the costs are relatively fixed, understood, and oftentimes already fully amortized.
With the cloud, the provider sets the price and this cost can change over time. Many times it increases because you use more processing and storage than you thought you would.
Each cloud service should be evaluated on its own economics to see if it is truly cheaper. Even when it’s not, it might still make strategic sense to choose the cloud over on-premises.
We rate this issue as still up in the air.
4. The Cloud is Too Slow for Complex Interactive Apps
Cloud performance is all over the map. This is driven by two main factors, the type of application you use and the speed of your network.
Highly interactive applications such as word processors are still faster on a local device, what with high speed RAM and ultra-fast drives. Yet with a good internet connection, these programs can run just fine.
Google Apps is a key example of cloud productivity, but the feature set is still less rich than its Microsoft counterpart. However the more complex Office 365 does stream its full feature set from the cloud, while still offering an offline option.
Richer applications, however, such as 3-D modeling or big data, still require high powered workstations -― sometimes with specialized graphics processing or multi-core CPUs.
But there is another side to this. Some vendors are moving complex interactive apps to the cloud. Just look at Adobe which moved its software suite to the cloud in the form of Adobe Creative Cloud. In fact, the cloud is the only way to get many Adobe programs these days. However, usually the software is still run locally, but is downloaded and licensed from the cloud.
On the engineering side, and an even more demanding application, Autodesk’s apps are available over the cloud through Autodesk Simulation 360. However, the software is designed to work as an adjunct to an engineering desktop workstation. An end user creates a simulation or a 3-D rendering on the desktop, but sends it out the cloud for processing, a task that can take hours or even days on the desktop. This indicates that the cloud is not 100% up to snuff for the rigors of this kind of design computing, but more than fast enough to handle back-end processing of projects.
We rate this issue as still up in the air.
5. Web Apps are Harmless
The cloud/web offers an almost limitless array of services and applications, so much so that end users have a field day downloading, installing and using all these goodies.
But these web apps, often installed as so-called Shadow or Stealth IT apps, are a threat to the network in terms of malware and data leakage.
Some top Shadow apps include DropBox, Google Apps, Box and myriad communication tools such as SnapChat. Because DropBox, Box and Google Apps offer shared storage, they are vulnerable to data leakage. If your company’s data is on these services, all it takes is a simple password hack or social engineering attack to give a hacker full access.
In addition, these web apps can be compromised through attacks such as remote code execution (RCE) allowing the bad guys to run malicious software on your PCs and servers. Top RCE goals include elevation of privilege, denial of service, and SQL Injection.
The latter is particularly common. An HP study actually scanned web apps. The startling result was that
69% of apps scanned had been compromised by SQL Injection, and another 42% were victim of cross-site scripting attacks.
We rate this myth as busted.
When it comes to cloud, it may wise to ‘walk and not run’. Evaluate each new application or migration possibility on its own merits. Over time you’ll likely the find the sky is the limit.