- The Cloud isn’t one big data center in Topeka, Kansas – Google, Amazon Web Services, Microsoft, Rackspace, and VMware don’t all operate out of one giant data center somewhere. The Cloud isn’t one thing. Microsoft’s Cloud is not the same as AWS’ Cloud, which isn’t the same as Google’s Cloud. The Cloud doesn’t go down, despite the ominous headlines. AWS, for example, has nine regions around the world. Each of those regions has, at a minimum, two Availability Zones. Each Availability Zone is an independent data center. In fact, AWS has 25 independent data centers around the world. What happens at one doesn’t happen at them all.
- The Cloud isn’t a panacea – Simply moving to the Cloud isn’t the beginning and end of the discussion. Putting storage in the Cloud isn’t the answer, in and of itself. The Cloud gives you options you’ve never had before, but it isn’t plug-and-play. If you’re going to leverage the Cloud, you need to architect appropriately. If you design failover in your own datacenter, you need to design failover in the Cloud. You’re still building a datacenter; you’re just not doing it on-premises, and not with the thousands, or hundreds of thousands, of dollars in up-front capital expenditure. The Cloud can handle all of your data needs, even PII, but it’s not a place where you can put all your eggs in one basket and walk away.
- The Cloud isn’t insecure – In many places, Cloud technology defaults to least-privilege access. What does that mean? Well, it means that by default, you’re the only person who can access the infrastructure. How about for storage? In AWS’ S3 storage service, when you create a bucket for your items, you have to manually allow others access to that location. How about networking? With some Cloud vendors, you can create Virtual Private Clouds to isolate your infrastructure, build in security controls that allow only certain IP addresses access to services, and create user groups that give employees access to only certain servers. You have to protect your infrastructure like you did before. If you leave the door open and the key in your new car, don’t complain to Chevrolet when it’s stolen. If you leave ports open and security lax in your Cloud infrastructure, don’t complain to Microsoft when you’re hacked.
- The Cloud isn’t someone else’s responsibility – As we noted before, the Cloud isn’t plug-and-play. You can’t deploy to the Cloud and then throw away your patch management strategy, your security update procedures, or your IT governance. Assuming you’re hosting your own infrastructure, you have to maintain it like you did before. But it can be a lot more efficient in the Cloud.
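
As an added illustration of the "The Cloud isn’t insecure" item above (this is not code from the original post), the check below looks for firewall rules and bucket grants that are open to the whole internet. The dict shapes follow the EC2 DescribeSecurityGroups and S3 GetBucketAcl responses; the group IDs, bucket names, sample rules, and the policy that only port 443 may be public are constructed assumptions.

```python
# Added example: flag ingress rules open to any address and public bucket grants.
# Runs offline on constructed data shaped like EC2/S3 API responses.
import ipaddress

ALL_USERS = "http://acs.amazonaws.com/groups/global/AllUsers"  # S3 "everyone" group
PUBLIC_OK_PORTS = {443}  # assumption: only HTTPS is meant to face the internet

# Constructed sample data (hypothetical group IDs and bucket names).
SAMPLE_GROUPS = [
    {"GroupId": "sg-web", "IpPermissions": [
        {"IpProtocol": "tcp", "FromPort": 443, "ToPort": 443,
         "IpRanges": [{"CidrIp": "0.0.0.0/0"}]},
        {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
         "IpRanges": [{"CidrIp": "203.0.113.0/24"}]}]},
    {"GroupId": "sg-db", "IpPermissions": [
        {"IpProtocol": "tcp", "FromPort": 3389, "ToPort": 3389,
         "IpRanges": [{"CidrIp": "0.0.0.0/0"}]},
        {"IpProtocol": "-1", "Ipv6Ranges": [{"CidrIpv6": "::/0"}]}]},
]
SAMPLE_ACLS = {
    "reports": {"Grants": [{"Grantee": {"Type": "CanonicalUser", "ID": "owner-example"},
                            "Permission": "FULL_CONTROL"}]},
    "shared": {"Grants": [{"Grantee": {"Type": "Group", "URI": ALL_USERS},
                           "Permission": "READ"}]},
}


def open_ingress(group):
    """Return (group id, port range, cidr) for rules reachable from any address."""
    findings = []
    for perm in group.get("IpPermissions", []):
        lo, hi = perm.get("FromPort", 0), perm.get("ToPort", 65535)
        if perm.get("IpProtocol") == "-1":  # "-1" means every protocol and port
            lo, hi = 0, 65535
        cidrs = [r["CidrIp"] for r in perm.get("IpRanges", [])]
        cidrs += [r["CidrIpv6"] for r in perm.get("Ipv6Ranges", [])]
        for cidr in cidrs:
            if ipaddress.ip_network(cidr, strict=False).prefixlen != 0:
                continue  # limited to specific addresses, as the item recommends
            if lo == hi and lo in PUBLIC_OK_PORTS:
                continue  # intentionally public service
            findings.append((group["GroupId"], f"{lo}-{hi}", cidr))
    return findings


def public_grants(bucket, acl):
    """Return (bucket, permission) for every grant made to the AllUsers group."""
    return [(bucket, g["Permission"]) for g in acl.get("Grants", [])
            if g.get("Grantee", {}).get("URI") == ALL_USERS]


if __name__ == "__main__":
    for g in SAMPLE_GROUPS:
        print(g["GroupId"], open_ingress(g))
    for name, acl in SAMPLE_ACLS.items():
        print(name, public_grants(name, acl))
```

The owner-only bucket and the address-restricted SSH rule produce no findings, which is the default-private posture the item describes; the findings come only from rules someone deliberately widened.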
Matt Jordan is the Cloud Services Manager for JHC Technology. He can be reached at mjordan(at)jhctechnology.com, @matt_jhc, or connect with him on LinkedIn.