Cost, security and performance issues can make public cloud usage tougher than expected.
It’s relatively easy to get started using public cloud platforms. Users with no special technology skills can move data in and out of the cloud or use cloud-based applications by doing hardly more than moving sliders and clicking a few buttons. It’s no surprise that RightScale’s 2018 State of the Cloud report found that 96 percent of those surveyed use the cloud in some form.
However, managing the public cloud is a very different proposition. Various studies illustrate that as public cloud usage expands, companies are experiencing challenges with governance, implementationandoperations along with higher-than-expected costs.
Security is a top concern, and it is compounded by the fact that most organizations don’t really know how many cloud services they are using, how those services are being used or how much they cost. Users often subscribe to cloud-based file-sharing apps and collaboration tools without IT’s approval. Cisco reports that large enterprises typically use more than 1,200 cloud services — and more than 98 percent of themare shadowIT. Worse yet, few organizations have any type of cloud governance in place, nor have they implemented data security tools to identify high-risk cloud-service vendors or cloud anomalies, or to trace cloud-service implementations to specific teams.
Out of Sight
A lack of visibility hampers cloud security. Because workloads are hosted on a provider’s infrastructure, companies have limited ability to see and monitor what’s going on. Traditional network monitoring tools provide little to no visibility when data and applications are running in infrastructures and networks that the organization doesn’t own or control. In a recent AlgoSec survey of IT security pros, 63 percent cited a lack of visibility as their chief cloud security challenge. Most said this issue also made it difficult to consistently manage security policies, demonstrate compliance, and effectively manage a mixture of traditional and virtual firewalls.
There is also a danger of complacency with the cloud. A Forrester Research study finds that companies typically don’t protect cloud data with anywhere near the care they use with on-premises data. They assume that the cloud providers’ security measures somehow relieve them of any responsibility for data protection. That creates heightened riskand is one reason why security analysts say cyber thieves are increasingly looking to hijack compute resources in the cloud.
According to the AlgoSec survey, respondents’ greatest concerns about their data and applications in the cloud are cyber attacks(58 percent) and unauthorized access (53 percent), followed by application outages and misconfigured cloud security controls. These concerns are hampering the wideruse of public clouds, with nearly 40 percent of respondents saying that security is inhibiting further adoption of cloud platforms.
As organizations move beyond using the cloud for storage or file sharing, they often encounter problems migrating mission-critical apps and workloads to the cloud. Migrating legacy apps that were custom-built for specific business requirements based on older operating systems and hardware can be particularly tricky. Often, this will eventually require the app to be re-engineered from the bottom up.
AlgoSec survey respondents reported a range of problems when migrating applications to public clouds. Nearly half (44 percent) had difficulty managing security policies post-migration, 32 percent had difficulty mapping application traffic flows before starting a migration project, and 30 percent reported that their applications did not work after the cloud migration.
Managing performance post-migration is very difficult because the metrics can vary widely across cloud platforms. The major public cloud providers have no standardized measures for network capacity, server scalability, storage scalability, reliability rates, response times, availability rates and more. Here again, the lack of visibility compounds the problem. Without the ability to monitor provider infrastructure, it is very difficult to assess performance characteristics such as CPU consumption, transaction processing times or throughput.
The lack of visibility into workloads can also drive up cloud costs. Most organizations assume the cloud will drive netsavings by reducing spending on hardware, power andpeople. While those benefits are real, it isn’t the whole picture. Without a clear view of application requirements in the cloud, organizations often overprovision resources in an attempt to assure performance. This leads to cloud bill shock — according to Gartner, it is not uncommon for public cloud service bills to be two to three times higher than expected.
According to the RightScale report, half of the organizations surveyed spend more than $1.2 million a year in the public cloud, and a quarter spendmore than $6 million a year. However, respondents estimate that 30 percent of their cloud spend is waste. For the second year in a row, a majority of cloud users (58 percent) said that optimizing cloud costs is their top initiative.
Given these challenges, organizations need a new cloud management strategy to adequately address security, performance and budget issues. Emerging cloud automation solutions can help by continuously analyzing workload demand in real time and matching it to compute, storage and network resources. In addition to resource management, workload automation streamlines migration planning and helps enforce compliance policies. In the AlgoSec survey, respondents who reported using cloud automation said the top reasons for doing so were speed and accuracy of security changes, ability to speed up migrations, audit and compliance reporting, and overcoming staffing limitations.
“The survey clearly shows that most enterprises are driving their business transformation strategies by expanding their useof public cloud infrastructure. But they also have significant security concerns about how they will secure and manage their increasingly hybrid environments,” said Joanne Godfrey, director of communications at AlgoSec. “As organizations increase their public cloud deployments and migrate applications, it’s essential that they have complete visibility across both on-premises and cloud networks, together with the ability to automatically and holistically manage security policies.”