Risks And Rewards Of Moving Data To The Cloud 

The cloud is flying high in the IT sky; but a number of anxious companies remain firmly anchored on the ground, because they are concerned that moving to cloud-based systems will negatively affect their businesses. Indeed, there are six perceived risks that seem to worry many C-level executives when it comes to the cloud: lack of safety, security and reliability; loss of control as a result of not owning the hardware and facilities; power and performance; compatibility; complexity and ease-of-use; and price and cost-effectiveness.

Before I address (and, hopefully, dispel) each of these perceived risks, it's important to acknowledge the real-world fears that a host of companies have about migrating to the cloud – down time, mission-critical-data loss, and business disruption-damage.

Some CIOs, for example, fret that if their enterprise resource planning, inventory management or billing systems move to the cloud, and there's a problem, they'll be forced out of business. Other CIOs have channeled a huge amount of time, energy and budget into the customization of their corporate data centers, so, in their mind, jumping to the cloud is akin to having a digital organ transplant. And still other CIOs get a headache just contemplating re-location to the cloud, because they think it's an overly complex and totally unaffordable transition.

The good news is that a growing number of companies are, in fact, moving essential parts of their workload to the cloud. A recent survey by UBS AG of 101 CIOs in the United States and Europe, for instance, found that more than half will move some critical data to a public cloud, but in a gradual way; at the same time, a third of respondents said they were moving to a public cloud as quickly as possible.

I believe that these numbers will grow, and that the pace for moving mission-critical data to the cloud will pick up – but only after companies are satisfied that the risks of going to the cloud can be efficiently and effectively offset.

With that in mind, let's look at those six perceived risks again – and, this time, let's confront each one of them.

Lack of Safety, Security and Reliability

IT expects that its data and applications will be protected from theft and unauthorized access, and that its technology will be run dependably, 24x7x365, in order to keep the business humming along, meet regulatory requirements and protect the company's assets.

To help insure this, IT must choose an IaaS provider that meets proper security and regulatory requirements, in terms of how data centers are designed, built and managed, and in terms of features that provide the level of security that's needed – whether it's data encryption or dedicated vs. shared infrastructure, for example.

IT must also make sure that the SLAs (service level agreement), RPO (recovery point objectives) and RTO (recovery time objectives) are clearly defined and capable of being delivered by the vendor infrastructure. This is a critical area that is often glossed over when choosing IaaS vendors, and/or when designing the data management platform that's built upon basic IaaS building blocks, like block storage and object storage.

And, even if IT is using an IaaS vendor's hardware, IT will still be responsible for insuring that there's no data loss and down time from inevitable failures in the underlying IaaS hardware. The inescapable reality is that executives will continue to hold IT accountable for keeping these systems up and making certain that there's no loss of data.

By designing the IaaS using best practices that IT has known and trusted for decades – for example, using high-availability features like RAID, automatic failover for critical services and scheduled storage snapshots found in a NAS filer – and harnessing an appropriate level of IaaS redundancy, the SLAs, RTO and RPOs can all be met. They may not be met solely by the IaaS platform vendor, however, so using a combination of IaaS building blocks, plus third-party tools like NAS filers, clustered databases and automated backups, may be essential.

Loss of Control

IT management fears the loss of power that comes with turning over some, or all, of its IT infrastructure to a third party. So this type of transfer is usually viewed as unnecessary, and it's often greeted in an unwelcome way.

It's true that with IaaS IT no longer has to worry about replacing failed equipment, such as switches, routers, disk drives and servers; but these are low-value jobs that can be readily handled by IaaS vendors possessing good operational discipline and systems.

It's also true that IT and DevOps continue to control how the IT infrastructure is architected, designed and deployed at the application and data levels; and there's plenty of room here for monitoring, management and insuring the right levels of redundancy and high availability.

Too many IT managers get hung up about the loss of physical control over their own data centers; they also fail to realize that when they're in the cloud and IaaS world there's plenty of room for operational control over IT operations. In other words, they can control how IaaS is leveraged to make sure that business needs and objectives are all met.

So, the IaaS vendor has physical control, and IT and DevOps have operational control. You can also look at it this way: IT and DevOps deploy virtual servers and work with virtual data interfaces, rather than also owning the physical layer. This actually allows IT and DevOps to focus their time on doing a much better job at operational control in the cloud, since they're no longer responsible for the physical layer.

Power and Performance

IT is accustomed to delving into every detail of IT infrastructure hardware, architecture and design in order to insure that the power, efficiency and performance that's required will actually be delivered.

IaaS that is delivered in the cloud is, of course, still based upon underlying hardware; but IT no longer has to be concerned with every detail of the hardware. Instead, it can choose from a much broader range of virtual computing services, and readily switch and upgrade to get the level of service needed, without incurring the usual capital expenses and overheads associated with equipment ownership and maintenance.

Unfortunately, some of the features and capabilities that deliver the level of performance for data access and management are not available at the IaaS basic-building-block level – for example, RAM caching, SSD caching, deduplication and compression. But they are available from a NAS filer. Just like in the traditional data center, the NAS filer provides the powerful features and levels of performance needed by IT to deliver its applications.

Compatibility

IT is used to choosing best-of-breed hardware and infrastructure components like switches, routers, firewalls, servers and storage systems. And it's used to deploying industry- standard interfaces to maintain compatibility. These IT infrastructure decisions are no longer relevant when you move into the cloud, because IT infrastructure is delivered "as a service," rather than "as component building blocks."

The positive here is that, because IaaS is delivered as a set of virtual services, which insulates IT and applications from physical devices, virtual servers and virtual data access provides a much broader range of compatibility for IT systems. NAS filers should provide another layer of compatibility across various IaaS systems, making it easier to move, share and access data across any IaaS vendor system or hardware.

Complexity and Ease of Use

IT has always dealt with highly complex systems, and it actually expects complexity to be an issue – and area – that it resolves for its business-unit customers. When moving into the cloud, another IT department becomes the agent of simplification for the business by making IaaS easy and convenient. This further reduces IT's value-add and control.

Complexity and security are the enemies of ease of use in most enterprise systems. And complex systems require experts who are trained and certified to manage the complexity and security to acceptable levels.

The ease of use and on-demand convenience of the cloud and IaaS need to be meshed, enabling any IT administrator or DevOps team member to have access to the powerful NAS capabilities – but without the complexities, inconveniences and specialized knowledge and training associated with prior generations of legacy NAS filers from traditional enterprise vendors. In the cloud, ease of use trumps complexity; and complexity isn't required to enjoy the benefits of powerful, enterprise-grade storage in the cloud.

Price and Cost-Effectiveness

IT has traditionally owned and managed a large capital budget for its data centers and equipment, plus a large operating budget for its human capital and other resources. Renting IaaS means giving up this large capital budget, relinquishing power over vendors and infrastructure decisions, and possibly losing some of the people who are no longer required to manage this infrastructure in-house.

The upside is that the rental model turns what used to be a CapEx-heavy investment and long-term commitment into a short-to-medium-term operating expense commitment, where IT pays only for what it needs, as it needs it, instead of paying up front for all the future capacity that it may require over the next three to five years. This provides the business with a more cost-efficient model that depends less on accurate prediction of the future and more on operational agility, which is the focus of DevOps.

The Cloud's Profitable Future

The bottom line here is that making a business case for the cloud will become increasingly easier as a growing number of businesses successfully move their mission-critical data there.

That said, there are still companies who attach tremendous risk to this technology migration. Ultimately, however, I believe that these more conservative enterprises will find many of their fears unfounded and offset by the profitable and expansive future that the cloud represents.

Rick Braddy is founder, president, and CEO of SoftNAS, a storage software company that manages mission-critical data for virtualization and cloud computing. Similar to legacy Network-Attached Storage (NAS) appliances employed by the largest corporations in the world, SoftNAS offers the first IT-friendly, on-demand, network-attached storage system that runs both in the cloud and on-premise as software-as-a-service (SaaS). It is fast, reliable, easy to access and use, and works with the most popular cloud computing platforms – Amazon EC2, VMware, and Microsoft Hyper-V. Based in Houston, SoftNAS is privately held.