Cloud optimize

Pros and cons of procuring your own IT in the cloud

Nick Hardiman is ready to add content on his newly created Amazon EC2 machine, but he pauses to consider some important factors before continuing on the public cloud path.

Continuing my foray into the cloud with Amazon Web Services, I am now in a position to place information on the web, for the world to see. I created a new Amazon EC2 machine, carried out some security patching and installed a web server. I don't have to worry about high availability, e-commerce or encrypting my data.

Now the server is ready to take content that will be available on the Internet. I can do this myself and bypass the traditional workflow in my enterprise. Unfortunately, this proves to be a double-edged sword.

I decide, in a moment of drivelling thickwittedness, to put up a single page with a few helpful details about me and my department. It's easy enough to create a static page describing the department I work in. I don't have to worry about high availability, e-commerce or encrypting my data. Of course, this is a trivial example: being able to start a car does not make me a driver. The more complex the business solution, the greater the technical challenges I have to overcome.

My single page can't do any harm, can it? After all, the server is patched and the site is so simple it is practically unhackable. I don't have to worry about intruders damaging the company reputation by defacement or other vandalism. Who could I annoy?

  • The marketing department. All the corporate branding is missing. Even the URL is not right. Who would really believe http://ec2-1-2-3-4.eu-west-1.compute.amazonaws.com/ is part of my enterprise? The marketing guys may accept an URL shortener like bit.ly, but not this.
  • The HR team. I am posting confidential data. The terms of my employment do not allow this.
  • The legal guys. I am sending personal data across national boundaries. I have caused regulatory compliance issues for my company.
  • The security team. They don't know the first thing about this new service, let alone checked the information security.

Experiments like this must not be linked to the enterprise.

The pros and cons of procuring your own IT

If you are a department manager, be careful. You now face a unique challenge. The world of cloud computing is attracting direct interest from business leaders in a way that hyped technologies of the past have failed to do. How many managers have you seen tinkering with blade hardware or ESB software? Any business unit can now instantly procure its own IT, cutting many steps out of the traditional procedure. The minimal effort required to get to this point can be put in by anyone.

Let's say an enterprise chief such as, ooh, say, Dr. Werner Vogels, the CTO of Amazon.com, has decided on a new strategy to empower every department to use cloud computing (and this is what led to the formation of AWS).  A department manager, who previously relied on the IT department for all that arcane hands-on magic, may solve his headache of scarce IT resources by commissioning his own cloud services. The challenge is to achieve the positive effects and avoid the negative.

Pros

  • Money. The huge long term investment and short term maintenance costs are gone.
  • Time. It takes minutes to create virtual services.
  • Scale. The vast data centres of the big cloud players (AWS, Rackspace, Verizon, etc.) allow practically unlimited growth.

Cons

  • Regulatory compliance. The manager puts customer information in the cloud. The provider moves that information around the world and the company fails its regulatory compliance.
  • Security. The manager puts vulnerable applications in the cloud. Naughty people mount man-in-the-middle, cross-site scripting, and defacement attacks.
  • Cloud sprawl. All departments love commissioning their own IT solutions. The company ends up with dozens of unconnected e-mail systems, web sites, office apps, data stores and so on.
  • Repeating the mistakes of the past. Other little gotchas that burnt the IT department in the past will hurt the other departments again.

The safe path through this maze is to follow the direction of the consultants in the IT department. They know these waters - they have decades of experience evaluating services, keeping stakeholders happy, building  business tools and so on. But how open is the typical IT department to helping a manager go elsewhere? I fear they will not jump at the opportunity - they will have to be pushed.

Missed a piece?

Follow the entire journey of working in the Amazon Web Services cloud from initial sign-up to building applications and beyond.

About

Nick Hardiman builds and maintains the infrastructure required to run Internet services. Nick deals with the lower layers of the Internet - the machines, networks, operating systems, and applications. Nick's job stops there, and he hands over to the ...

3 comments
Kent Lion
Kent Lion

Funny, I've been hearing a lot of cloud for a while now, but I have yet to see anyone mention the fact that the number one reason everyone has their own computer now is that in the days of mainframes, when the mainframe went down, everyone connected to it went with it. Murphy's law was made for IT. It is amazing how often I want to look at something on a bank web site, only to be greeted with a message like "Sorry...[excuse]...try again later." It even happens on FB. When everything I do on my computer depends on the cloud (including the applications I do it with - e.g., Word, Excel), I can no longer depend on being able to do something immediately. The vision of the cloud that I'm seeing everywhere sounds very much like a global mainframe; effectively defeating the very reason we all have computers. Is the similarity between "cloud" and "smoke" an accident?

melbert09
melbert09

Interesting article and I agree with you on a majority of what you have said, but I would be a bit sceptical with the Pros you listed. Please don???t take me for being in the cloud is evil crowd. I just like to use the right solution for my clients, this has included cloud based services. The comments below are just issues that I have found when using a Cloud based service. Money: this really depends on the service provider. Depending on the cost, it may actually be cheaper to host it yourself over a 3-5 year period. As for the maintenance it is built into your service charge, but you are reliant on them to do it correctly and with minimal disruption to your operations. Then again this is all dependant on your operations and what you are doing. If I needed just to put up 1 web-server then it would make sense to go to the cloud for that. Time: There is the length of time it may take to get a server up and running. Do you need a PO, and then they will spin up the machine once it is purchased? Will there need to be an adjustment to a contract? I???ve seen it take over a week to get a server up and running because of issues like this. Scale: I would agree with you, that you can easily scale your infrastructure and grow as you need. When working with any service provider you really should find a company that is going to work with you and support your business needs. Be pro-active, responsive and act as a partner rather than a company that is just providing a service.

Nick Hardiman
Nick Hardiman

I wish everyone used the right solution for their clients. Crikey, what a mass of man hour grief that would have saved over the years. Do you have any examples of how you eased your clients pain by picking a cloud service provider?