Horror stories don't just happen at the movie theater. In a few cases, companies make a big play to use the wrong cloud application or experience widespread outages in their connection to cloud storage.
While vendors claim that cloud services are secure and reliable, that's not always the case. A better way than relying or vendor promises? Make sure your migration plans, budgets, existing infrastructure, security and any ancillary services all match up before making the jump to the cloud.
What Happens When a Cloud Provider Declares Bankruptcy?
Late last year, a cloud storage company called Nirvanix shut down and gave customers only a few weeks to move data to a different provider. According to Charles King, an IT analyst, this meant companies with terabytes or even petabytes of data in the cloud had to act quickly. "A business should always have a strong sense of the assets it has stored in the cloud, but it needs to consider those points in terms of the time and cost of retrieving them," King says.
In the case of Nirvanix, one client noted that, due to the company's download bandwidth limitations, it would need 27 days, in a best-case scenario, to recover all data. "That was cutting things pretty close since they were given just 30 days' notice to remove everything," King says.
What If the Wide Area Network Is Faulty?
Before attempting to use cloud applications to run your business, you might want to check with your network engineers first.
John Eisele, the vice president of business development at The DDC Group, a business process outsourcing company, tells the story of a major networking snafu. A preexisting condition related to router configurations at a customer location became exacerbated once the company started using cloud apps. Slow, sometimes broken connections were the main problem, though there were some issues using a virtual network with an external VPN. Fortunately, the network engineers and WAN experts ran diagnostic tests. The culprit? Outdated router configurations.
"In the end, the customer's end-users could successfully access the cloud-based applications quicker than they could before the migration – which should be the case with all cloud solutions)," Eisele says.
What If Your Cloud Service Provider Has No Disaster Recovery Plan?
Disaster recovery is far more than just having a good backup. There has to be a more thorough way to get a system back online. This can include restoring data, applications, server access, user accounts and much more.
Code Spaces, a company that let developers host their code on a cloud server, learned this the hard way. Last month, the company announced that its Amazon Web Services account had been breached. The hack wasn't just a way to change passwords and block access, either. Code Spaces found that its Apache Subversion repositories and Elastic Block Store volumes had been deleted.
It gets worse: The company posted a message on its site saying that it wouldn't be able to rebound from the attack and would be closing its doors. A spokesperson for Amazon told CIO.com the breach had nothing to do with the AWS services and that companies must follow the AWS security precautions.
What if You Forget About Compliance and Security?
Most companies know the cloud is a secure portal. In some cases, the disaster recovery techniques and backup processes are even more rigid than an on-premises approach. According to analyst Rob Enderle, though, that's not quite the whole picture.
Enderle tells the story of two engineers at an enterprise-level pharmaceutical company who were tasked with analyzing the results of a drug trial that required an investment in hardware and software. The IT contacts told the engineers the budget would be around $100,000 and would take nine months to deploy. They decided not to wait. After finding a cloud provider and spending about $3,600 using their own credit cards, they rented the resources and finished the work. Then an executive found out.
[ Commentary: Cloud Availability Trumps Security When it Comes to Shadow IT ]
"The engineers were terminated the following day for the massive violation of security policy," Enderle says. "There was no way to determine where the data resided after the work was done but, generally, it was believed to be in Eastern Europe."
How should your company respond to all of these horror stories? With due diligence. The experts all says cloud infrastructure is just an extension of your own data center and computing services. Somewhere, there's a server and a storage array housed in another city – or another country. Research all of the variables, ask the right questions and be thorough about your strategic plan.