After the first few forays into cloud usage, many organizations are shuffling those cloud assets around from one cloud to another, from public clouds to private clouds and even from the public cloud back into on-premise systems.
It's being called the second wave of cloud computing.
CompTIA’s Fifth Annual Trends in Cloud Computing study found that 44 percent of companies had moved either infrastructure or applications from one public cloud to another; 25 percent of companies had moved from a public cloud to a private cloud; and 24 percent of companies had moved from a public cloud back to an on-premise system in the last year.
What is driving this second wave of cloud computing?
Shift in preferred cloud provider
A significant amount of public cloud use over the past few years was done without IT oversight and approval. As companies develop their formal cloud strategies, it often means moving away from the cloud provider that was initially chosen by a line of business or an individual group and moving to a different public/private cloud or even back onsite.
Unexpected cost and management issues:
- Costs of moving data
- Difficulty tracking systems to decommission
- Weak technical support
Many companies are realizing that they had not accurately estimated things like cost savings when they selected their public cloud environment. For example: while migrating data into a public cloud may be inexpensive, many companies have been surprised by the hidden cost of extracting data from these environments or moving data between regions. Also, without constant monitoring and management of public cloud environments, many enterprise companies fail to efficiently decommission under-utilized workloads and therefore never realize any significant pay-as-you-go cost model savings.
Another area of misaligned expectations is in technical support. Simply put, most large public cloud providers do not offer the level of technical support expected by the majority of enterprise companies. This issue becomes critical given that the typical enterprise company may only have a handful of internal employees that have a deep understanding of public cloud architectures. When you combine limited cloud expertise with the inability to get enterprise-level phone and tech support, we often see the “scaling or phase two” portion of cloud projects hit an impassable roadblock.
Security: Increased surface area of risk
While network-layer and physical security in public cloud datacenters has proven to be adequate for most enterprise companies, many CISOs and security execs are very concerned about the risk of data exposure. This risk can be greatly increased in public clouds for two reasons:
One, there are new administrative accounts that will have access to data and workloads. These accounts must now be managed and monitored by the IT security team and these accounts represent both a data exposure risk and a data protection risk (for example if an admin accidentally deletes a workload that hasn’t been backed up).
Two, multiple copies of sensitive data can be replicated in a cloud environment. This may be due to the public cloud provider’s underlying replication technology, or simply due to a company’s lack of data security controls in a cloud environment. For example, if a company had planned to implement business analytics in the cloud, it may require multiple copies of sensitive data to be sent to the cloud in order to complete the analysis reports. Even if this data is protected with encryption and identity management, a simple identity breach (the most common type of breach today) could expose that data in cleartext.
The result of this increased risk, especially given today's threat climate, is causing many companies to abandon certain cloud projects unless more comprehensive data protection technologies (such as tokenization or data masking) can be implemented.
One of the simplest reasons for these statistics is the recent availability of choice. While it may be hard to believe, computing giants such as Google, Microsoft and VMware had no public cloud offering for enterprises just 18 months ago -- and even companies like HP and IBM had only very limited private and hybrid cloud options. As enterprises develop a more mature cloud strategy, they are now able to select the best cloud environment for their individual cloud projects.
Author’s Note: Thanks to Charles Moore of Delphix for his contribution to the content of this article.
This article is published as part of the IDG Contributor Network. Want to Join?