In October of 2008, Congress enacted the Emergency Economic Stabilization Act, more commonly known as the bailout of the financial system. It was deemed that certain U.S. financial companies and institutions were too important to the systemic stability of the system to be allowed to become insolvent. The understanding was that catastrophic financial consequences would be the result of the failure of these entities and that those aggregate failures could devastate the U.S. As a result, they have been heavily regulated and controlled with the intention of protecting against that type of exposure again.
The recent major outages in the public clouds services inevitably lead to the same question being asked of this new industry. That is, whether or not certain public cloud services have become so critical to the functioning of the U.S. economy that those systems should be subject to the same strict scrutiny and control as the financial systems. Are they so intertwined with U.S. commerce that a “Cloud Dodd-Frank” should be considered by the 115th session of Congress? Although hard to precisely verify, it has been reported that a recent public cloud outage affected service to more than 50% of the top 100 online retailers. What happens when a major public cloud problem brings down half of the 911 systems across the U.S., or even one-third of certain critical state and local government systems? Everyone, from the federal, state, and local governments to public and private industry, is using public cloud services, and the trend is continuing to accelerate.
As this growth perpetuates, our reliance on the public clouds for critical services will also continue to grow respectively. Can we continue to allow public clouds to be unregulated? The often-used metaphor of the “Wild West” is quite appropriate in this case. At what point will our use of the public clouds be so critical to the functioning U.S. infrastructure that it will require prudent regulations applied to protect the critical functions and even infrastructure that they support? It is reasonable to conclude that the public clouds are sufficiently embedded in critical infrastructure as to be considered equivalently critical to other public utilities.
As the rapid expansion of public clouds continues and the complexity of the clouds becomes daunting, customers must consider how to protect themselves from the inevitable calamities that will occur if and when a public cloud service experiences a serious and sustained outage.
Let’s discuss some of the steps customers should consider taking so that they can avoid becoming a causality when a major outage occurs.
Going Hybrid—or Not
Many companies confuse the expertise obtained when doing development work in the cloud with building the skills needed to deploy enterprise-wide applications in the cloud. It is very simple to enter a corporate credit card and immediately start utilizing the compute resources, network, and storage resources provided in the cloud. It’s so easy—if you need more resources, you just ask.
It is true that the cost of using infrastructure is diminishing due to the economies of scale enabled by the cloud. However, the costs of engineering reliability, security, recoverability, and scalability are significant. Many companies don’t understand that the exercise of “forklifting” applications into the cloud is very different than architecting a valid strategy for effective and sound business operations in the cloud. Expecting the cloud to be perpetually available without interruption is a recipe for disaster. Just ask the top retail sites that were disrupted due to the recent outages if it was good for their business. It is likely that they regretted their unquestioned faith in the reliability of their public cloud infrastructure.
These recent outages reinforce the need to partner with a qualified provider of cloud infrastructure who can work with you to make sure there is a clear understanding of the business requirements around availability, security, and recoverability. The public cloud should be treated as a commodity. It is a wise approach to work with an infrastructure provider who can offer access to multiple public clouds. A well-developed cloud infrastructure will be architected with the specific requirements pertaining to reliability, recoverability, and security for each individual customer. It is important to work with an infrastructure provider who understands the different strengths and weakness of the various clouds and can match an organization’s needs to the right solution.
Vendor Lock-In
Many of the cloud services providers offer unique features and capabilities. Each specific feature or capability may be proprietary to a specific vendor and may result in vendor lock-in. It’s necessary to work with a provider who can help determine if the advantages of that feature or capability are more important than the respective disadvantages within the context of the specific customer requirements. In 2015, a major coffee retail chain experienced a public cloud outage that took down thousands of stores in the U.S. and Canada. That company learned firsthand the dangers of putting “all your eggs” in the proverbial basket of a single public cloud provider. Apple computers put their infrastructure eggs in one basket that same year and had 200 million iCloud users affected by a disruption in service.
Both these situations could have been avoided with a properly designed hybrid-cloud approach. Moving forward, if these organizations choose to adopt a hybrid cloud solution, they may regret a decision to choose a proprietary feature a vendor offered in their public cloud.
Software as a Service
Forbes magazine reported a few years ago that 83% of healthcare organizations were using cloud-based applications. Did these organizations put all their infrastructure eggs in one basket? How would the quality of care be affected if the cloud vendors used by these hospitals experienced an outage? And, what happens to our personal HIPAA information if these healthcare organizations stop using these vendors?
The same types of questions should be asked of any company in any industry doing business in the cloud. When a company uses Salesforce, it is common practice to store a copy of the contract in the application. Today, it is common practice to store source code in the cloud. What happens when a vendor experiences a security breach? And, what happens when a vendor used by one of the cloud service providers gets breached? The recursive logic is daunting. Will you get notified if this multi-level exposure occurs? Security is only as strong as the weakest link, and along the same lines, a firm’s level of cybersecurity is only as good as the cybersecurity of its vendors. As more organizations co-mingle data in the cloud, the exposure increases exponentially. Are all the parties involved taking the proper steps to make sure the data is secure? The question is clearly rhetorical.
New Capabilities, New Challenges
According to the IDC “Worldwide Semi-Annual Public Cloud Spending Guide,” the amount of funds allocated to public cloud services will soar to $122.5 billion this year. The cloud infrastructure that exists today to support all this spending is immense. Arguably, it is the most complex technology infrastructure that has ever existed. With all this complexity, there will be future outages as we continue to learn how to support it all. But, as more critical infrastructure relies on the cloud, will there be a time when critical infrastructure regulation will be required? When will cloud infrastructure be too big to be allowed to fail? With companies moving more of their critical capabilities into the cloud, it is important that they work with an infrastructure provider who has the skill and expertise to help properly assess the requirements of recoverability, security, and availability.
As the cost of using cloud-based infrastructure drops due to the economies of scale of the cloud, investments must be made in engineering cloud solutions that guarantee reliability, scalability, recoverability, and security. Because this new paradigm of cloud computing co-mingles a company’s infrastructure and data with that of other partners, it is important to remember that this chain of new capabilities is only as strong as its weakest link.