Each public cloud computing provider has its own competitive advantage, which it passes along to you, as its customer. How cloud providers extend these advantages to you is more difficult to determine. Not only are there significant nuances between pricing models, it’s also hard to know how you can get the most value from a cloud computing service with your business’ particular workload and data flow.
Whatever decisions you make, be sure to plan ahead—do what you can to avoid the common cloud traps, carefully consider your options, and develop contingency plans for all scenarios. Aside from proprietary interfaces, there are a few caveats of using public cloud resources that aren’t clear to new users. These considerations don’t necessarily represent barriers to the cloud, but knowing which issues you can and cannot accept will affect your decision-making process.
Here are 10 considerations to note when choosing a public cloud provider:
- Controlling vulnerable accounts. When you sign up for their services, public cloud providers generate account credentials for you with full rights. Never use these accounts for anything except making additional accounts with appropriate rights. If an unauthorized person ever gains access to your primary account credentials, you’ll have a hard time regaining control of it.
- Managing keys. Every server, service, user account, and scripted account uses security keys. This can quickly spiral out of control, so most companies use the same keys for everything. While that does simplify key management, it’s a dangerous approach to take with an automated account. For example, automated users (scripts that call cloud functions) require authentication, which developers frequently embed in their scripts for convenience. Developers often have accounts on GitHub where they might publish the code—with the embedded authentication keys—for the GitHub community. Hackers scour GitHub for this very scenario, and when they find your keys, they won’t waste any time running up your bill.
- Paying more. Public cloud resources can help you convert capital expenses (CapEx), such as private cloud hardware and software, into operating expenses (OpEx) that you pay on a monthly or pay-per-use basis. However, it takes a lot of planning to make this conversion work. Most savings from the cloud come from shrewdly using software and platforms as a service (SaaS and PaaS), and then designing the remaining infrastructure as a service (IaaS) to minimize costs.
- Losing data. Virtual machines don’t behave as you might expect in public clouds. For example, if you move a database server into AWS, run it for a week, and experience an issue, you reboot. If that fails, you’ll stop the VM. But when you spin it back up, you’ll find you’ve lost that week’s worth of data on the disk. That’s because Elastic Block Store (EBS) is ‘ephemeral’ storage—when you stop a VM, the storage is automatically reclaimed into the pool. The data only exists while the virtual machine is on. If you want that data, you need to make a snapshot, send it to the Simple Storage Service (S3), and use database services like Relational Database Service (RDS) to keep your database data safe.
- Becoming cloud ready. For cloud providers, “cloud readiness” refers to your ability to rebuild servers quickly. For example, if you build a server in the cloud and something goes wrong, cloud providers expect you to destroy it and build a new one. Conversely, administrators in traditional environments prefer a certain familiarity with their servers. They’re accustomed to investing time into their servers by installing their favorite software, tools, and scripts and by changing their configurations over the years. This operating model simply doesn’t work in the cloud.
- Managing a virtual infrastructure. When you use public cloud resources, you still need a network design—web servers in the front, databases in the back, failover within and across regions. You also need to know how the servers will interface with persistent storage and platforms, such as authentication and security keys. Likewise, you need to determine how the first line will distribute data and how you will implement DNS, load balancers, and autoscaling.
- Getting hacked. It’s not uncommon for people frustrated with all the security keys, security groups, and access control lists (ACLs) to experiment with things they may not understand. This is acceptable in a private cloud, because the firewalls are robust—but public clouds don’t have advanced firewalls. Furthermore, hackers know the IP address ranges for public clouds, and they’re constantly scanning for vulnerable openings. If you don’t know the rules, it’s easy to inadvertently expose your sensitive information to the Internet.
- Surrendering visibility. In traditional environments, you know the precise locations of your servers and data centers. You can see what services are running on which hardware. Public cloud providers simply don’t offer this same kind of visibility. Even if you have a security auditor that demands it, public cloud providers will never reveal the specific locations of their servers or data centers (although they can provide you with the proper security certification documents).
- Going without service guarantees. Public cloud providers only offer “best-effort service levels.” So if, for example, you pay for a load balancer that goes down for a couple of hours, the cloud provider won’t charge you for that downtime. But it also won’t reimburse you for the revenue, time, or business value you lost as a result of the outage.
- Overwhelming costs. Realizing cost savings from the cloud requires a thorough understanding of the products and pricing systems. Unfortunately, few people examine the minutiae of what their systems need before deploying them on public cloud resources. They simply choose default settings and hope for the best. It will be worth your while to invest in properly sizing your VMs and investigate how you can best optimize your costs.
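To make the "Managing keys" point concrete, here is an added example (not part of the original article) of a check you can run over a script before publishing it, flagging embedded cloud credentials without echoing their values. The sample script is constructed, its key values are AWS's published documentation placeholders, and the `scan` function, rule names, and entropy threshold are assumptions of this example.

```python
import math
import re

# Constructed sample: a deploy script with credentials embedded "for convenience".
# The key values are AWS's published documentation placeholders, not real keys.
SAMPLE_SCRIPT = '''\
import boto3
REGION = "us-east-1"
AWS_ACCESS_KEY_ID = "AKIAIOSFODNN7EXAMPLE"
AWS_SECRET_ACCESS_KEY = "wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY"
bucket = os.environ["BACKUP_BUCKET"]  # read from environment: fine
api_token = "changeme"
'''

# AWS access key IDs have a fixed shape: a 4-letter prefix plus 16 characters.
ACCESS_KEY_ID = re.compile(r"\b(?:AKIA|ASIA)[0-9A-Z]{16}\b")
# Quoted literal assigned to a name that suggests a credential.
ASSIGNMENT = re.compile(
    r"""(?i)\b([\w.-]*(?:secret|token|passw(?:or)?d|api_?key)[\w.-]*)\s*[:=]\s*["']([^"']{8,})["']"""
)

def shannon_entropy(value):
    """Bits per character; random keys score far higher than ordinary words."""
    counts = {c: value.count(c) for c in set(value)}
    return -sum(n / len(value) * math.log2(n / len(value)) for n in counts.values())

def scan(text, min_entropy=3.5):
    """Return (line_number, rule, variable_name) findings; secret values are never echoed."""
    findings = []
    for lineno, line in enumerate(text.splitlines(), start=1):
        if ACCESS_KEY_ID.search(line):
            findings.append((lineno, "aws-access-key-id", None))
        for name, value in ASSIGNMENT.findall(line):
            # The entropy filter keeps obvious dummies such as "changeme" out of the report.
            if shannon_entropy(value) >= min_entropy:
                findings.append((lineno, "high-entropy-secret", name))
    return findings

if __name__ == "__main__":
    for lineno, rule, name in scan(SAMPLE_SCRIPT):
        print(f"line {lineno}: {rule}" + (f" ({name})" if name else ""))
```

A key that has already been pushed should be treated as compromised and rotated, since removing it from the file does not remove it from the repository history.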
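For the "Getting hacked" item, the following added example (not from the original article) audits security group rules for ingress that is open to the whole Internet. The input is a constructed sample in the shape of `aws ec2 describe-security-groups` JSON output; the group IDs, the `exposed_rules` function, and the choice of 80 and 443 as the only intended public ports are assumptions.

```python
import ipaddress
import json

# Constructed sample in the shape of `aws ec2 describe-security-groups` JSON output.
SAMPLE = json.loads("""
{"SecurityGroups": [
 {"GroupId": "sg-web", "IpPermissions": [
   {"IpProtocol": "tcp", "FromPort": 443, "ToPort": 443,
    "IpRanges": [{"CidrIp": "0.0.0.0/0"}], "Ipv6Ranges": []}]},
 {"GroupId": "sg-db", "IpPermissions": [
   {"IpProtocol": "tcp", "FromPort": 3306, "ToPort": 3306,
    "IpRanges": [{"CidrIp": "10.0.1.0/24"}, {"CidrIp": "0.0.0.0/0"}],
    "Ipv6Ranges": []}]},
 {"GroupId": "sg-test", "IpPermissions": [
   {"IpProtocol": "-1", "IpRanges": [], "Ipv6Ranges": [{"CidrIpv6": "::/0"}]}]}
]}
""")

PUBLIC_PORTS = {80, 443}  # assumption: only web ports are meant to face the Internet

def is_world_open(cidr):
    """True for 0.0.0.0/0 and ::/0, however they are written."""
    return ipaddress.ip_network(cidr, strict=False).prefixlen == 0

def exposed_rules(groups, public_ports=PUBLIC_PORTS):
    """Return (group_id, ports, open_cidrs) for each rule open to everyone on a non-public port."""
    findings = []
    for group in groups["SecurityGroups"]:
        for perm in group.get("IpPermissions", []):
            cidrs = [r["CidrIp"] for r in perm.get("IpRanges", [])]
            cidrs += [r["CidrIpv6"] for r in perm.get("Ipv6Ranges", [])]
            open_cidrs = [c for c in cidrs if is_world_open(c)]
            if not open_cidrs:
                continue
            proto = perm["IpProtocol"]
            if proto == "-1":            # "-1" means every protocol and every port
                ports = "all"
            elif proto in ("tcp", "udp"):
                lo, hi = perm["FromPort"], perm["ToPort"]
                if set(range(lo, hi + 1)) <= public_ports:
                    continue             # intentionally public, e.g. HTTPS on a web tier
                ports = str(lo) if lo == hi else f"{lo}-{hi}"
            else:
                ports = proto            # e.g. icmp: report the protocol itself
            findings.append((group["GroupId"], ports, open_cidrs))
    return findings

if __name__ == "__main__":
    for group_id, ports, cidrs in exposed_rules(SAMPLE):
        print(f"{group_id}: ports {ports} open to {', '.join(cidrs)}")
```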
To learn more about how you can transition to a cloud computing model, consider our Cloud Strategy and IT Transformation Workshop. It’s a collaborative, interactive discussion that will give you a better understanding of the marketplace and leave you with ideas on how you can integrate the cloud into your own environment.
You can also download our eBook – Understanding the Cloud—What You Need to Know Before Diving In.