Continuing my foray into the cloud with Amazon Web Services, I am now in a position to place information on the web, for the world to see. I created a new Amazon EC2 machine, carried out some security patching and installed a web server.
Now the server is ready to take content that will be available on the Internet. I can do this myself and bypass the traditional workflow in my enterprise. Unfortunately, this proves to be a double-edged sword.
I decide, in a moment of drivelling thickwittedness, to put up a single page with a few helpful details about me and my department. It’s easy enough to create a static page describing the department I work in. I don’t have to worry about high availability, e-commerce or encrypting my data. Of course, this is a trivial example: being able to start a car does not make me a driver. The more complex the business solution, the greater the technical challenges I have to overcome.
My single page can’t do any harm, can it? After all, the server is patched and the site is so simple it is practically unhackable. I don’t have to worry about intruders damaging the company reputation by defacement or other vandalism. Who could I annoy?
- The marketing department. All the corporate branding is missing. Even the URL is not right. Who would really believe http://ec2-1-2-3-4.eu-west-1.compute.amazonaws.com/ is part of my enterprise? The marketing guys may accept a URL shortener like bit.ly, but not this.
- The HR team. I am posting confidential data. The terms of my employment do not allow this.
- The legal guys. I am sending personal data across national boundaries. I have caused regulatory compliance issues for my company.
- The security team. They don’t know the first thing about this new service, let alone have checked its information security.
Experiments like this must not be linked to the enterprise.
The pros and cons of procuring your own IT
If you are a department manager, be careful. You now face a unique challenge. The world of cloud computing is attracting direct interest from business leaders in a way that hyped technologies of the past have failed to do. How many managers have you seen tinkering with blade hardware or ESB software? Any business unit can now instantly procure its own IT, cutting many steps out of the traditional procedure. The minimal effort required to get to this point can be put in by anyone.
Let’s say an enterprise chief such as, ooh, say, Dr. Werner Vogels, the CTO of Amazon.com, has decided on a new strategy to empower every department to use cloud computing (and this is what led to the formation of AWS). A department manager, who previously relied on the IT department for all that arcane hands-on magic, may solve his headache of scarce IT resources by commissioning his own cloud services. The challenge is to achieve the positive effects and avoid the negative.
Pros
- Money. The huge long-term investment and short-term maintenance costs are gone.
- Time. It takes minutes to create virtual services.
- Scale. The vast data centres of the big cloud players (AWS, Rackspace, Verizon, etc.) allow practically unlimited growth.
Cons
- Regulatory compliance. The manager puts customer information in the cloud. The provider moves that information around the world and the company fails its regulatory compliance.
- Security. The manager puts vulnerable applications in the cloud. Naughty people mount man-in-the-middle, cross-site scripting, and defacement attacks.
- Cloud sprawl. All departments love commissioning their own IT solutions. The company ends up with dozens of unconnected e-mail systems, web sites, office apps, data stores and so on.
- Repeating the mistakes of the past. Other little gotchas that burnt the IT department in the past will hurt the other departments again.
The safe path through this maze is to follow the direction of the consultants in the IT department. They know these waters – they have decades of experience evaluating services, keeping stakeholders happy, building business tools and so on. But how open is the typical IT department to helping a manager go elsewhere? I fear they will not jump at the opportunity – they will have to be pushed.
Missed a piece?
Follow the entire journey of working in the Amazon Web Services cloud from initial sign-up to building applications and beyond.
- Initial sign-up on Amazon Web Services
- Getting to know the Amazon Web Services Console
- How to create and destroy an Amazon Machine Image (AMI)
- Connect to Amazon EC2 with a private key using PuTTY and Pageant
- Getting to the command line: Starting up your AWS EC2 machine with SSH
- Patching all the gaps: Securing Amazon EC2
- Building an enterprise application on Amazon EC2