Checking off the costs -- and risks -- involved in migrating enterprise functions to the cloud isn't as easy a task as it seems.
Sure, there's the basic cost of cloud storage, and there are the initial startup costs, including identifying, and cleaning up, the data to be transferred and any necessary training. As for risks, security breaches, cloud outages, and data loss top the checklist.
A recent survey by Symantec, however, details the potential hidden costs of adopting a cloud platform. Some of these are unsurprising; others are eye-openers.
The report, "Avoiding the Hidden Costs of Cloud," was based on the real-life experiences of more than 3,000 companies in 29 countries. One of the main problems reported was loss of data. This might have been anticipated, but the problem is dishearteningly widespread.
More than 40 percent of the businesses surveyed had lost information in the cloud, and almost 70 percent have found that cloud-based backup or recovery systems failed to work. Where data recovery worked, it frequently worked too slowly: Around 20 percent of businesses said it could take three days to be up and running again.
That's not what we ordered.
More interesting, though, were some of the more obscure pitfalls described in the survey. These include:
Rogue deployments
Inefficient storage
Compliance and e-discovery
If IT managers think they have a firm handle on business cloud deployment, they should think again. For every properly examined and approved cloud project, there may be 50 employees using Google Drive, another 50 using Dropbox, and any number putting enterprise files in the cloud simply by attaching them to external emails. Cloud services like these are the easiest things in the world for individual employees to adopt and utilize for business purposes.
One of the main attractions of cloud computing should be elasticity. When you need extra capacity, it's there; when you don't need it, you shouldn't be paying for it. But how many organizations are overprovisioning, or wasting capacity by storing duplicate -- or otherwise useless -- data? According to Symantec, utilization across the businesses surveyed is a shockingly low 17 percent (7 percent for SMBs).
Old-fashioned paper discovery (handing over documents in lawsuits) is a headache; e-discovery is a nightmare. Imagine what cloud-based e-discovery is like? Almost 70 percent of organizations served with e-discovery notices had missed the deadline, while more than 40 percent were unable to comply at all.
It's easier to point out the problems than to come up with solutions. These hidden costs are hardly "easily avoided," as Symantec is inclined to suggest.
Sure, policies are important, but enforcing a policy, for example, that employees should not use readily available, public cloud services -- GMail, anyone? -- is much tougher. Similarly, deduplicating data is a no-brainer in theory. Achieving accurate, thorough deduplication without erasing important data, however, can be a big challenge.
What's more, the report hardly scrapes the surface of multi-jurisdictional compliance problems of the kind, for example, that have beset Google in Europe.
Of course, there's little alternative to confronting these issues. The cloud is the future, and there are going to be bumps in the road.
Here's another good example of international compliance conundrums. A French court has instructed Twitter to identify users who posted racist messages illegal under French law. Twitter is resisting, saying it only complies with valid orders from US courts. As the Times says,
The case revolves around the broad question of which country's laws have jurisdiction over content on the Internet. This question has become increasingly complicated as vast piles of information are stored in sprawling data centers, known as the cloud, that are accessible over the Internet anywhere, anytime.
I don't see the problem of rogue cloud deployment being solved any time soon either, especially with the steadily increasing use of personal devices for business purposes.
Lin, I think you're right. Doubtless anyone resident in Europe is protected by European privacy laws. Does it matter where the cloud is? I don't think so, but, well, I'm not a lawyer.
Great article, Kim, in pointing out the often overlooked management issues that result in less than optimum performance and added costs.
It appears that a basic approach to overcoming some of these problems again depends on good overall data design and an architecture that takes into account the current structure, the transition, and the system one is trying to build.
Added note, because of the disparities in regulations (which I don't see being solved any time soon), taking into account these parameters as well.
I guess we keep going back to the good basics to make systems work!
"... Google, which is facing the problem that it can't legally collect and maintain data about European citizens in the same way it does for American citizens"
@Kim - European citizens ... American citizens? I though the geographic/political boundaries defined the privacy regulations in effect (rather than one's citizenship status)?
One big problem with standards for eDiscovery, and compliance generally, is variation between jurisidictions. If a company does international business, it may face different compliance requirements regardless of where its cloud is hosted. One example I have in mind is Google, which is facing the problem that it can't legally collect and maintain data about European citizens in the same way it does for American citizens. European privacy laws are much more stringent.
Standards may be the answer, @abdiah, but I think organizations can control their ediscovery issues if they centralize their cloud rollouts and investments rather than allow these rogue implementations. If IT makes it just as easy for a department to come to them vs pick up the phone and call a cloud service provider, then departments will call IT for cloud rather than look outside for help. Educating department heads or whoever is authorized to sign a credit card for a cloud service about the big issues that may occur with these rogue implementations can help, too; I'd wager that some folk don't realize the Pandora's Box they're opening. They just see a quick, cheap, and easy resolution to their problem.
It sounds like there is a need for agreed to standards for storage in order for facilitate e-discovery, but that too may make cloud implementation less attractive.
The ThinkerNet does not reflect the views of TechWeb. The ThinkerNet is an informal means of communication to members and visitors of the Internet Evolution site. Individual authors are chosen by Internet Evolution to blog. Neither Internet Evolution nor TechWeb assume responsibility for comments, claims, or opinions made by authors and ThinkerNet bloggers. They are no substitute for your own research and should not be relied upon for trading or any other purpose.
Like other leading technology-using businesses, Walmart is starting to look like a vendor in its integration of the latest technologies to serve its customers. That's what led it to buy two Silicon Valley cloud startups this week.
IT executives are worried about business units that use social media, Dropbox, Skype, and other public clouds without working through IT. This "cloud sprawl" creates concerns about security, compliance, and other potential problems for the enterprise, according to a study.
Cloud computing helped Netflix score a big win this week, meeting a thousandfold increase in demand and driving the Internet video service provider back to profitability. It provided Netflix with "availability, scalability, and cost savings," chief executive officer Reed Hastings wrote in a letter to shareholders.
Curious reports this week suggest that HP's blossoming interest in offering converged cloud services puts the PC giant in direct competition with Amazon. That's not how I see it.
Multi-tenant clouds assure security for clients, but not necessarily for their ideas. Here's one thing you should discuss with your cloud provider before you sign on.
Enterprises would like to move to cloud computing but are hesitant because they are concerned about providers’ ability to secure company data. Here are some tips that help to ensure that if breaches occur, the business is not left holding the bag.
Enterprises are discovering that using social networking within the secure setting of a SaaS provider's network gives them an unusual opportunity to freely collaborate with partners, suppliers, and even competitors.
All the recent hoopla about cloud security overlooks an important point, which is that it's not strictly a cloud problem. The linkage of online services into cooperative chains creates the risk, and only biometrics and federation of providers can save us.
Microsoft's recent decision to bundle its Office software with business partner offerings indicates that cloud software may be in the news, but licensed packages are still in demand for failover.
New York's Metropolitan Transit Authority is conducting a pilot test of digital kiosks to guide subway users to where they want to go more efficiently and at lower cost.
The whole Amazon.reader debate is a double-stupid. It's stupid to think that there's any e-book buyer who doesn't know Amazon's URL, and it was stupider to let ICANN launch the whole free-form TLD initiative to start with.
While NFC's original goal was to enhance mobile commerce applications, it is finding its way into a number of other uses, which is creating both opportunity as well as challenges for IT departments.
Enterprises would like to move to cloud computing but are hesitant because they are concerned about providers’ ability to secure company data. Here are some tips that help to ensure that if breaches occur, the business is not left holding the bag.
Edmunds separates customers into segments based on the info it collects on its site and from partners, and uses that to push out custom content, said Brian Baron, director of business analytics for Edmunds.com, at Predictive Analytics Innovation Summit.
The automotive website uses propensity modeling to target ads and customer registration forms, said Brian Baron, director of business analytics for Edmunds.com, at Predictive Analytics Innovation Summit.
Ushering in a new era of cognitive computing systems, IBM announced today the IBM Watson Engagement Advisor, a technology breakthrough that allows brands to crunch big data in record time to transform the way they engage clients in key functions such as customer service, marketing, and sales.
Expert Integrated Systems: Changing the Experience & Economics of IT In this e-book, we take an in-depth look at these expert integrated systems -- what they are, how they work, and how they have the potential to help CIOs achieve dramatic savings while restoring IT's role as business innovator. READ THIS eBOOK
your weekly update of news, analysis, and
opinion from Internet Evolution - FREE! REGISTER HERE
Wanted! Site Moderators Internet Evolution is looking for a handful of readers to help moderate the message boards on our site – as well as engaging in high-IQ conversation with the industry mavens on our thinkerNet blogosphere. The job comes with various perks, bags of kudos, and GIANT bragging rights. Interested?
To save this item to your list of favorite Internet Evolution content so you can find it later in your Profile page, click the "Save It" button next to the item.
M2M: Rise of the Machines? Not Yet David Weldon In the 1970 science fiction thriller Colossus: The Forbin Project, two giant supercomputers from the United States and Soviet Union secretly join forces to take control of the collective nuclear might of the two countries. In the film, the two machines discover each other's existence, communicate back-and-forth, share their collective data, and cut their human creators out of the process. It is the ultimate example of machine-to-machine communications, or M2M. CLICK FOR MORE
M2M: Rise of the Machines? Not Yet David Weldon In the 1970 science fiction thriller Colossus: The Forbin Project, two giant supercomputers from the United States and Soviet Union secretly join forces to take control of the collective nuclear might of the two countries. In the film, the two machines discover each other's existence, communicate back-and-forth, share their collective data, and cut their human creators out of the process. It is the ultimate example of machine-to-machine communications, or M2M. CLICK FOR MORE
M2M: Rise of the Machines? Not Yet David Weldon In the 1970 science fiction thriller Colossus: The Forbin Project, two giant supercomputers from the United States and Soviet Union secretly join forces to take control of the collective nuclear might of the two countries. In the film, the two machines discover each other's existence, communicate back-and-forth, share their collective data, and cut their human creators out of the process. It is the ultimate example of machine-to-machine communications, or M2M. CLICK FOR MORE
M2M: Rise of the Machines? Not Yet David Weldon In the 1970 science fiction thriller Colossus: The Forbin Project, two giant supercomputers from the United States and Soviet Union secretly join forces to take control of the collective nuclear might of the two countries. In the film, the two machines discover each other's existence, communicate back-and-forth, share their collective data, and cut their human creators out of the process. It is the ultimate example of machine-to-machine communications, or M2M. CLICK FOR MORE
Email This
