by Andy Patrizio

Amazon targets compliance-driven markets

Mar 03, 2016
Amazon.comCloud ComputingServers

Amazon Web Services EC2 Dedicated Hosts are designed to give you an on-premises experience in the cloud – for good or bad.

amazon web services summit
Credit: Thinkstock

Heavily regulated industries with lots of regulation compliance rules, such as healthcare and finance services, have found the cloud to be a bridge too far, since they had such strict controls over data, where it resided and how it was protected. 

Late last year, Amazon sought to fix that issue with its Amazon Web Services EC2 Dedicated Hosts, which provide dedicated physical servers, along with the management and visibility tools, to ensure a more granular control over which VMs certain applications and data reside. 

“EC2 Dedicated Hosts are a good choice for any customer looking to save money by leveraging existing server-bound software license investments within EC2. Dedicated Hosts can also help customers meet compliance and regulatory requirements by giving more flexibility, visibility, and control over the placement of instances on dedicated hardware,” says Jim Sherhart, senior product marketing manager at Amazon Web Services. 

Some compliance and regulatory requirements require control and visibility over instance placement at the physical host level. In these environments, detailed auditing of changes is also a must. Customers of the Dedicated Hosts can use AWS Config to record all changes to their instances, he adds. 

Also, licenses for Windows Server, Oracle databases and other services often require specific servers and time periods, or can only be run on servers with a certain number of sockets or physical cores. Many products, especially databases, have migrated to a per-core license fee. EC2 Dedicated Hosts gives greater control over that. 


Because the number of cores is spelled out, EC2 Dedicated Hosts also offers what it calls Bring Your Own Licenses. You can bring your existing server-based licenses for Windows Server, SQL Server, SUSE Linux Enterprise Server and other enterprise systems that were previously used on-premises and run them on the Amazon servers. Dedicated Hosts allows you to match your hosted hardware to the core/socket terms of your license, so it’s another way to reduce your dependence on an on-premises system. 

[Related: Verizon charts a different cloud services path] 

Dedicated Hosts can run Windows Server, RHEL, Suse, Amazon Linux, Ubuntu or Windows Server on more than 30 variations of the multiple AWS instance types. Usage can be tracked through AWS Config to verify license and regulatory compliance. 

The dedicated hosts run the same EC2 instance types that are available through its default tenancy offering, so there is no difference in terms of CPU, storage, memory and network allocation from the virtual hosts. 

A Dedicated Host Reservation price provides customers with a discount of up to 70 percent compared to On-Demand pricing. Good news for tire-kickers, Amazon publishes its dedicated hosting pricing structures

[Related: VMware turns to IBM in the public cloud] 

While Dedicated Hosts will work for customers with compliance issues such as an audit trail or license adherence, it also works against you in that the whole point of public cloud is to scale up and down, notes Tim Crawford, CIO strategic advisor and president of the consultancy AVOA. 

“You have to be careful you don’t get sucked into an on-premises version of a public cloud in that you are making an investment that could be pretty costly,” he says. 

It sounds similar to the bare metal offerings of IBM’s Softlayer subsidiary or Rackspace, but it’s not. In Amazon’s case, the dedicated host still runs the application in an Amazon Machine Image or a Xen virtual machine. You just have greater control over the hardware allocated, and a better audit trail. 

While the market may not be too big, in terms of companies dealing with compliance issues, Crawford says “more times than not” he sees firms in those industries using compliance as an “all-encompassing excuse” not to embrace the cloud at all. 

“Compliance is only for specific apps and data sets. It doesn’t govern the whole company. When you break down the problem it only governs a specific piece or component of data and only those apps,” he says. 

The result is compliance hamstringing companies from moving to the cloud. For example, a medical company has to deal with HIPAA. Ok, what about the rest of the firm? Mail, Office, accounting, CRM can all be moved to the cloud. But they aren’t breaking down the problem and laying out the workloads and data sets, he notes. 

“Let’s say 40 percent of the data needs to be governed. Ok, you put a little more security around it. What about the other 60 percent? Go forth and conquer,” says Crawford.