What cloud storage can learn from mainframes
The face of IT is changing forever, thanks to agile business practices, software-defined data centers, flash and cloud.
But before we can turn these technologies into business benefits, we need to change our thinking. The biggest change should be how we think about risk.
The implications are more obvious when moving to cloud computing than with any other area. Cloud Caution 2
I recently gave a presentation on the topic of cloud. During the Q&A session, an audience member said,
I can see how moving to the cloud would be easy for a small business, but you just can’t do this for a big business.
There was much nodding in agreement.
I was more than half expecting this, so I asked how many of the people in the audience did not have a Dropbox account. Only a few hands went up.
I then asked “How many people with a Dropbox account have never put any sensitive corporate data on that account?” Again, only a few hands went up.
There was some nervous laughter, but I’d made my point: Every single company represented in that room had already begun moving their company to cloud. They just didn’t all know it yet.
There are three major challenges here, and they’re all in some way to do with risk:
1. Too Easy A Transition?
In some respects, the challenge with making the transition to the cloud is that it is almost too easy.
But that’s the point: It’s supposed to be easy. Here’s why…
In the past, purchasing an IT asset typically involved large capital purchases, with long times to value. But the risks of making a return on that investment rested almost entirely with the customer: When the million dollar check was written, the sales team celebrated while the customers quietly thought to themselves, “This had better work, or my job is toast”.
To reduce the risk of making the wrong decision, you either placed an immense amount of trust in your vendor, or spent a lot of time and effort in requirement gathering, planning and contract negotiations. You’d also probably buy something massively overpowered, “just in case.”
But none of these mitigations will completely address the risks, and all of them will kill business agility and profitability.
Cloud disrupts the old way of buying IT, because it completely changes the risk profile. Cloud computing is inherently elastic and pay-as-you-go, so if you’ve outgrown your cloud service or it’s not meeting its SLAs, then choose another cloud vendor!
The financial risk of moving into the cloud is now so small that it becomes incredibly attractive, compared to the risks of buying IT the old way. That’s what I call a nice problem to have.
2. Risk Mitigation
The risk isn’t that the cloud service costs too much, or isn’t good enough: The risk is, “what happens when things go wrong”.
Business people tend to think more about the benefits of technology, but IT lives in a world of risk mitigation. Procedural and policy frameworks are reinforced by purchasing hardware with lots of headroom, implementing backups, and doing disaster-recovery testing. It might be expensive and hard to change, but it works and supports the business better than most business people appreciate.
Building that kind of reliable IT means preventing as many problems as possible. So, when IT infrastructure professionals are asked to analyze the feasibility of cloud environments what they see is a lot of eggs into a single basket built from commodity components that are glued together by software that is constantly changing.
Doing this in a datacenter under their own control would be unacceptably risky, doing it in someone else’s seems like insanity. Which brings us to…
3. No Backup Plan
Given the way IT looks at risk, it would be easy to list all the reasons people use when they say you can’t move your business to the cloud: privacy concerns, data security, data sovereignty, backup, performance and reliability—just to name a few.
But the often unstated reason is that there isn’t a readily available “Plan B.” If you stop paying for your cloud storage, that data disappears. And losing irreplaceable data is about the worst thing that can happen in IT.
Cloud is a little like the Hotel California: you might have the right to checkout any time you like, but if you can’t easily move your data back to your data center or another cloud provider, you might never be able to leave. IT has learned many hard lessons about being locked in to technologies you can’t directly control.
Until you have a way of getting out of cloud as easily as you can get in, IT is probably going to find many reasons why the cloud is a fundamentally bad idea. That’s why the notion of a private cloud or a hybrid cloud is so powerful.
The Bottom Line
This conflict in the way business and IT think about risk needs to change.
Your IT department and your vendors must address your need to reduce purchasing risk, and improve time to value. But this is a two-way street: There are risks that the business never sees, because IT does such a good job at making sure the business is never exposed to them.
So take the time to understand the problems that IT’s risk aversion save you from every day. A constructive dialog about the risks across business and IT can help find creative solutions and quell the irrational fears—and the roadblocks they create.
Subscribe to Data Storage Authority
Get the latest posts delivered right to your inbox