The Perils of the Public Cloud

The Perils of the Public Cloud

Posted in Articles on Thursday, August 28, 2014 by Richard Vester - Director, EOH Cloud Services


Cloud computing services have matured and started to become more widely adopted as a business technology in recent years. Much of this growth has been driven by what we can call "public" cloud services, of which the most well-known are probably Dropbox, Google Drive, Microsoft Azure and Amazon Cloud.

These cloud storage services have made cloud computing easily accessible for businesses of all sizes. While SMMEs in particular have started using them, larger enterprises have also taken advantage of their ease of use and widespread accessibility. Even if the services are not used comprehensively throughout the organisations, employees often use them in piecemeal fashion - for example, to store documents so that they can access them from different locations.

As useful and easy-to-use as these public cloud services are, they really aren't ideal for businesses. Here's why:

Lack of control

Public cloud services are almost always one-size-fits-all solutions. They offer predetermined features that cannot be changed or customised to any specific business needs. It's very much a case of "use what we have" and that's it.

Vendor lock-in

Allied to the above point is the issue of vendor lock-in. Public cloud services usually force a business to use a specific platform with little, if any, choice of software or systems. A business is required to format its information to match the "flavour" of technology that is offered. This might not be a problem when simply viewing documents, but it can become a sizeable headache when it comes to database compatibility, for example.

No service level guarantees

The public cloud storage provider is completely independent when it comes to the reliability of the services. While the providers certainly strive to deliver a usable solution that is available as much as possible, there are no service level agreements to hold them to, and consequently there are no guarantees of data availability. If the services go down there are no recourse or dedicated failover options - the business simply has to wait until the service is up and running again (as happened with the high-profile Amazon Cloud meltdown in 2013). Furthermore, if there is a catastrophic event, it's possible for the business data to be completely lost.

Security vulnerabilities

It's absolutely true that the most prominent public cloud storage providers use high levels of security to protect users' data. But that doesn't make them invulnerable. Data protection and compromise is a constant cat and mouse game, where even the most sophisticated systems are not impervious. In addition, the high profile data storage providers are seen as juicier targets because of their profiles and the vast amounts of data that can be accessed. They are thus more likely to be attacked.

Privacy and data ownership

In countries like the US the laws governing data privacy in a public cloud storage facility are different to the ones that apply to data housed in an in-house or dedicated private business data centre. Public cloud providers are more exposed to subpoenas and potentially to backdoor data monitoring. While a law-abiding business may not view this as problematic, it nonetheless creates privacy exposure.

Perhaps more worrying is the issue of data ownership. Some public cloud storage providers have clauses in their terms and conditions that practically amount to data sharing permission, in the sense that the service provider is allowed to parse the data and mine it for commercial intelligence that it can use for other revenue-generating activities.

So while the advantages of cloud storage are abundantly clear, businesses need to be very careful when using public cloud service providers. The best option is always to use a dedicated cloud provider that can offer a bespoke service tailored to the business, with accompanying SLAs.

Richard Vester has been in the ICT industry since 1997, intimately involved in product development, operations and product marketing. He has worked for some of the leading ICT companies in South Africa and joined EOH as the Divisional Director Cloud Services in 2012. He has a detailed knowledge and understanding of cloud computing and has developed one of the leading cloud businesses in Africa.