The pros and cons of cloudification

Technology

Mario Galatovic at Utimaco explores the issues that IT strategists need to consider when evaluating a move to the cloud

More companies than ever are using cloud-based technology to extend their capabilities, build resilience and save money. One report has 88% of respondents using cloud technology, and the public cloud computing market is estimated to be worth $800 billion by 2025, representing 14% of all IT revenue.

Cloud computing has some tremendous advantages over previous on-site computing, in which copies of software (Microsoft Word or antivirus software for example) would be stored on every computer that needed it and shared documents and other files would be stored on a central server which could be accessed remotely. That gave network administrators a high degree of freedom in setting up servers and granular control over their operations, but it also meant that one mis-configured component or a missed update could bring down a network or expose it to security vulnerabilities.

Cloudification is a genie that isn’t going back in its bottle since its benefits are often profound, but like many things it shouldn’t be approached as a fix-all for the problems of running an effective enterprise network. Below we will look at the paired pros and cons of cloudification.

Pro: Help along the way

One of the most obvious aspects of cloud services that many people miss is that they are services – there is another company who are experts in what they do helping you to get the most out of their product. This means that you will have support from experts when you need it as opposed to having to work things out by yourself.

Con: Difficulty transferring services

One area in which it is not advantageous to use cloud services is when you have to transfer from one provider to another. Although they will be eager to help onboard you, if your systems are fully enmeshed with one service provider and you decide to move to another you might find that transferring large amounts of data and integrating APIs is a long-winded and costly process.

Pro: High security

Most cloud services can really only be built by extremely large companies like Microsoft and Amazon, and these companies have the capital and expertise to build in professional-grade security. They don’t have a choice – regulations aside, when they have hundreds or thousands of companies relying on their services they need to be able to provide a sense of security alongside other services.

Con: A large target

One of the key reasons for moving from on-site hosting to the cloud is that the large-scale servers that cloud services are hosted on have a much higher capacity for traffic than anything that a smaller company could build as part of their own data centre. This means that they are much more able to withstand Distributed Denial of Service (DDoS) attacks, in which attackers send a large amount of fake requests to a site – at their simplest, having thousands of virtual machines refresh the same page over and over again until the site’s server is overloaded.

The only problem is that while a cloud server could withstand a small DDoS attacks, a sufficiently large attack, or one that takes advantage of vulnerabilities, could knock every company with services on that platform offline. So far this is only a hypothetical scenario on large-scale cloud services like Amazon Web Services, but smaller services, like shared hosting for a corporate website, could feasibly see this happen.

Pro: a wide range of services

Since its creation (cloud computing is arguably one of the first kinds of commercial computing), cloud computing has grown exponentially in terms of both its size (as mentioned above) and the range of products on offer. While a decade ago it would have been unusual, if not impossible, to have accounting or word-processing software on the cloud as opposed to individual machines, today there barely need to be anything stored on individual hard drives as virtually everything can be cloud-ified.

Con: A lack of customisation

Despite the huge range of cloud solutions out there, you are still required, more or less, to use ready-made solutions rather than building your own software. This won’t be a problem for many companies, but for some in areas with specific requirements, like medical technology or R&D, then there may be the need to build bespoke cloud applications.

There are companies who can build and deploy cloud-based solutions, but for many companies the more efficient approach would be to either create their own software along a pre-cloud paradigm or create a cloud-based solution in-house, deployed on their own servers.

Security – best handled in-house?

From our own perspective, the hands-off nature of the security systems might be cloud services’ Achilles’ heel. At enterprise level, security is more than installing antivirus software and making sure that it’s set to auto-update, it’s a vocation that touches on everything from cryptography to psychology.

Although there are many cloud services that can be part of a security professional’s toolbelt there is always an argument that can be made for having the core of a large organisation’s security sit in-house, in a central server with heavy-duty, enterprise-grade hardware modules.

Mario Galatovic is Vice President Products and Alliances at Utimaco. He has a diploma in engineering for information technology with a main focus on applied cryptography from the University of Applied Sciences in Offenburg. Currently, he is very active in the fields of blockchain and post-quantum-cryptography

Main image courtesy of iStockPhoto.com