I’ve looked at clouds from both sides now
From up and down, and still somehow
It’s cloud illusions I recall
I really don’t know clouds
There was no cloud computing when Joni Mitchell wrote those lyrics to her song Both Sides Now in 1967. Today, we’re about a decade into the cloud computing era, and according to David Mitchell Smith, there are definitely some illusions about cloud that obscure what enterprises really know about it.
Those illusions stem from the words we use to talk about cloud, and the fact they don’t necessarily mean the same thing to everyone.
“Just when you thought we figured out cloud, more terms are introduced,” Smith, a VP research fellow at Gartner, said during a recent webinar on cloud strategy.
Is it such a big dealio if HR’s definition of hybrid cloud, for example, doesn’t exactly jibe with IT’s? Yes, Smith argued.
“If people just start throwing these (cloud) terms out there, without thinking about what they mean…you’ll end up with things that contradict and can’t be done,” he said.
He set out to clear up this “cloud confusion” by defining (or refining) some of the most widely used cloud terms — and refuting one giant cloud myth. Here, Smith’s four cloud misnomers and a myth.
Although the number of enterprises deploying hybrid cloud grew from 51 to 58 per cent last year, many people continue to get it mixed up with multi-cloud. Smith said a hybrid cloud strategy “comprises public and private clouds that operate as separate entities but are integrated.”
He described two main hybrid models in circulation these days:
- a full stack hybrid incorporating hardware and software (think of how AWS has upped its hardware offerings, for example)
- a software-based portability layer delivering integration across different technology bases and across clouds that works for both on-premises and off-premises
We know multi-cloud is popular. (According to RightScale’s 2019 cloud report, organizations leverage an average of 4.9 clouds each.) But do we all know what multi-cloud actually means?
Smith defined multi-cloud as “the deliberate use of cloud services from multiple public cloud providers.” The main differences from hybrid? First, hybrid involves both public and private clouds, while multi-cloud only involves public clouds; second, multi-cloud isn’t necessarily fully integrated.
You can have cloud without edge computing, and edge without cloud; the two are complementary and increasingly work together. As Smith explained, cloud is about “services and characteristics” while edge is “all about physical location: where all the data is coming from and (the idea that) it needs to be dealt with there.” In most cases, ‘there’ means closer to where the data originates in order to reduce latency.
Gartner defines repatriation as “the return of data and/or a workload from the public cloud to its own data centre.” Although a perception has sprung forth that enterprises are fleeing public cloud to repatriate stuff, Smith’s own investigative efforts demonstrate that’s not the case.
When he surveyed organizations about this, it turned out a “small amount” have repatriated stuff from SaaS to on-prem, but that clearly ain’t the same thing as moving it back from a public cloud like Azure or AWS; almost none of the organizations he polled have done that.
That brings us to our last cloud confusion trend, which he describes as a myth rather than an urban legend …
The security myth
The myth, according to Smith, is that cloud service providers are responsible for the bulk of cloud security incidents. “Cloud services are not getting breached,” he said. “Most security incidents are the customer’s fault. A lot of the concerns about security have not occurred in the cloud, they’ve happened in the on-premises world.”
Although customers believe cloud providers shoulder the majority of responsibility for cloud security, “the reality,” said Smith, “is that security is a shared responsibility.”
He urged customers to fully understand who must secure what. For example, if you have a SaaS provider, “they’re providing the application secured.” If you have an IaaS provider, “they’re providing the infrastructure secured.”
But if you put your own applications, middleware and database on that infrastructure, “you are responsible, not only for securing (them) but for managing and updating and paying the licenses. If you misconfigure it, it’s your fault, not their fault,” he said.
Smith closed the webinar with this advice for enterprises: Make sure everyone on your teams is speaking the same cloud language. If not, your cohesive cloud strategy could be nothing more than an illusion.