The cloud is the new IT economy these days, and for all intents and purposes, the public cloud marketplace has become a vendor landscape essentially monopolized by the big four providers: Amazon Web Services, Microsoft Azure and the IBM Cloud. If you throw in hybrid and private clouds, then VMware’s vSphere is also making a major impact in the space.
One would think that three industry giants competing against each other in a veritable death match might be nothing but good for customers, and in many ways it is — prices are coming down, functionality is on the rise, and there is a lot of integration with other third party software vendors to enable key scenarios. But this type of landscape really comes with its own challenges for patrons of the public cloud: how to stay on top of a constantly changing technology stack with the same limited resources they already have.
RightScale, a cloud portfolio management company, recently released a report entitled “RightScale 2016 State of the Cloud Report,” and inside it reveals that, according to respondents to its annual survey, 32 percent of cloud users find lack of resources and expertise is their chief challenge when embracing and consuming cloud services. Somewhat incredibly, this lack of experience and education about cloud services and specifically how to use them trumps security concerns, even among enterprise IT teams and security pros, two groups whom you would think would have security at the forefront of their mind.
To me, it is telling that the cloud has become so complex and evolved so quickly that even professional IT workers and CIOs cannot always get their heads around what is possible. What are some factors that go into this phenomenon? Three come to mind immediately:
1. There are myriad different services from different providers
The cloud wars have basically resulted in a battlefield with three industry giants duking it out: VMware, Amazon Web Services, and Microsoft Azure. The RightScale survey indicates that AWS leads in adoption, with 57 percent of respondents as customers. Microsoft Azure has a combined adoption rate among the RightScale survey takers of 30 percent between IaaS and PaaS solutions, and 44 percent of respondents say they use the VMware vSphere private cloud product.
Each of them has strengths and weakness; obviously a VMware cloud is attractive for shops who have standardized on the VMware hypervisor, whereas organizations that predominantly use Windows Server naturally gravitate, at least from a usability perspective, to Microsoft Azure. Of course Amazon Web Services is the grandfather of them all and offers a vast array of platform as a service, infrastructure as a service, and other types of offerings. How does one map a service from one provider to another in order to compare apples to apples? How does one reconcile the types of virtual machines available in Microsoft Azure against the same machines in Amazon Web Services? This is a real challenge.
[Related: IT is getting cloud storage security all wrong]
2. Hybrid cloud muddies the picture
If your cloud efforts simply involve signing up for public cloud services like hosting, storage, and mobile notifications, then that is one issue. But what if you are trying to tie together complex on premises systems with their cloud brethren? What if your end goal is to configure failover and redundancies so that you can burst up to the cloud when circumstances and demand warrants, and then bring your workloads back down when those same circumstances change? What if you have complex data residency requirements and other regulatory impediments? How does each of the big three cloud providers handle these type of hybrid cloud specific scenarios?
3. The cloud moves at the speed of light sometimes
It seems like every week or two I get an e-mail from Microsoft with an Azure pricing and services update. Amazon and others operate at a similar speed, which is far, far faster than enterprises are generally used to dealing with (cough, see Windows XP migrations, cough, cough). With the products, offerings, and pricing changing several times a year, how do you keep up? How do you remember which management portals do what? How do you know which Azure portal (the new, the semi old, or the classic portal) to use to launch new services?
“Right now, educational resources are very scarce, and seldom standardized,” says John Obeto II, CEO at Logikworx, a managed services provider based in Marina del Rey, Calif. “Prospective businesses do not know what to expect when they hire that cloud maestro, and with there not being any standardization is qualifications or certifications, you could hire a nitwit who would end up costing you not just money, but time – time to deployment and implementation, time to market – and heaven forbid, kill your brand.”
[Related: Cloud adoption soars, but integration challenges remain]
This lack of expertise and resources is risky, especially as cloud adoption increases. Some of the downfalls include:
- It is more expensive to be skill challenged. How are you to know if you are spending too much on one solution, or if another provider can carry out your objective better, faster, or cheaper? Sometimes it is expensive to be unaware, and it can be quite costly to staff an IT team dedicated to managing your private cloud or hybrid cloud that has one hand tied behind their back because they’re not experts. Investing in the training and education for these folks is necessary, but it is yet another expense to manage.
- What you do not know or understand can indeed hurt you. Gartner predicts that 95 percent of security incidents involving the public cloud will actually have a root cause pointing to a customer introduced problem. (For more on this very sobering prediction, check out the original Gartner report. Your security breach will not be Microsoft’s fault, or Amazon’s problem, or VMware’s responsibility: that is most likely going to fall squarely on the shoulders of your organization.
- If you adopt the cloud more slowly, you will have a slower realization of the benefits of cloud technology. A survey from the Cloud Security Alliance and Skyhigh, a consulting firm, shows thatg over 30 percent of respondents said that a “lack of skilled security professionals to maximize full value of new technologies” ultimately hinders more general adoption of the cloud. That is a costly phenomenon as well, as rather much of the benefit of moving to the cloud is reducing capital expenditures and consolidating other expenses in an operational profit and loss statement. The math there is relatively simple: if there is a longer payoff, it turns out to be a more expensive investment.
What can we take away from this? Ultimately, cloud providers need to further invest in training and education resources that customer organizations can know and trust. “Any cloud implemented MUST have an educational track for training and certification,” says Obeto, “that is verifiable using metrics that even the average IT administrator would understand.” Until then, customers are left with a shiny sales pitch, lots of buzzwords and promised opportunities, and a lot of complexity—without a corresponding amount of resources to figure out how to get from point A to point B. That is expensive and risky. Be aware.