We are living through a wave of cloud computing hype. It seems like there is a new cloud feature or product being launched by big technology companies almost every day - and sometimes concurrently - and the cloud is at the center of all the important tech industry discussions today, from job creation and destruction to the growth and decline of companies. This hype generates a number of false expectations and concerns that may lead companies into making bad decisions about the technology.
The simple possibility of helping people avoid bad decisions would be reason enough to look into these "myths" that surround the cloud, but other advantages may also come from this exploration: a better understanding of fundamental concepts that can help in the dialogue between vendors, early adopters and those who are still holding back.
The Myth of the Green Cloud
For a few years before the 2008 crisis hit the world's economy, being green was even more fashionable for tech companies than being in the cloud is today. Green IT movements were in full force, and some cloud vendors have been once again raising this banner claiming that moving to the cloud is the greenest decision a company can make. The logic behind this myth is that cloud data centers can optimize the use of computing resources, making them more efficient than any privately-owned data center around.
This, however, is only partly true. What most companies forget is to look for the source of that energy for their data centers. If you operate your own servers in a country where most energy comes from renewable sources (such as Brazil, with a large percentage of hydroelectric power), and you move them to a cloud based in a country whose energy matrix is dominated by thermoelectric power (coal and oil), the net effect may be an increase in your company's carbon footprint. Any cloud is only as green as its power sources.
The Myth of "No More IT Worries"
This is one that almost always causes troubles for first-time cloud users. People move their servers/applications to a cloud environment (IaaS or PaaS) and think that everything will be magically backed-up and updated regularly and that multiple server copies will be hosted on redundant servers without them having to ever worry about it again. This is not true. In fact, Rackspace has been sending out emails to its customers warning them that cloud servers don't come with automated backups enabled, and that they must do this manually. The same thing goes for having contingency servers: you must set this up manually.
It's a common misconception that Rackspace™ automatically backs up your Cloud Server. That isn't the case...
-excerpt from Rackspace e-mail warning that cloud backups aren't enabled automatically.
The Myth of 100% Uptime
This is perhaps the culprit of the "no worries" myth above. Service providers, especially on the IaaS level of the cloud stack, have for some time been offering 100% uptime guarantees. What they don't seem to understand is that no technology is foolproof. I haven't heard of a single service provider out there that has actually been able to deliver on this 100% uptime promise for all customers, so this is simply a misleading promise that may make newcomers feel more at ease than they should. As I've said before, your cloud servers will eventually suffer downtime, and you better be ready for it.
The Myth of Security
The second most discussed issue about the cloud is security, and saying that the cloud is less secure than a private setup has become sort of a knee-jerk reaction for many companies. The truth of the matter is that the cloud by itself is no more (nor less) secure than anything else. On one hand, having services and data concentrated on just a few data centers makes these places much better targets; on the other hand, the concentration increases the likelihood that security patches and updates get properly applied to servers. Who is more likely to maintain updated servers with security monitoring: Rackspace or the thousands of small businesses with Windows XP servers out there?
That is not to say that security shouldn't be a concern. In fact, cloud vendors tend to downplay security to such an extent that it only makes companies more worried about what is going on. What they need to understand is that in order to keep the cloud secure, they need to work together with their customers to establish the proper processes. And, in working together, they need to share the responsibility for the security of the environment as a whole.
The Myth of Cost Savings
Saving the best for last, we come to the greatest enduring myth about the cloud: cloud computing will result in great cost savings for companies. It won't. Cloud computing is about the optimization of computing resources, not their reduction. It allows savings only in the sense that you no longer have to provision servers based on your peak demands, but can instead dynamically grow and shrink your capacity as necessary, paying only for what is in use. If your computing resource needs are fairly steady, there isn't any real gain.
One possible origin for this myth is the fact that, by using the cloud, startups can avoid spending large amounts of money upfront on infrastructure or software licenses. They perceive this lack of upfront investment as cost savings, even if in the long run they may actually spend more.
Myths are a natural part of any hype cycle. Some come from vendors who are overeager to please their customers, others from early adopters who desperately want to defend their positions. By looking at them in a detached manner, we can improve the dialogue surrounding the cloud. While I tried to cover the greatest cloud myths, this list is far from complete. If you think of any others, please share in the comments.
After working for a database company for 8 years, Thoran Rodrigues took the opportunity to open a cloud services company. For two years his company has been providing services for several of the largest e-commerce companies in Brazil, and over this time he had the opportunity to work on large scale projects ranging from data retrieval to high-availability critical services.