Hotel California: Can the Public Cloud Hold Your Data Hostage?
What does the cloud and the song "Hotel California" have in common? Well, even if you are an Eagles fan and have been fortunate enough to see them in concert, who would have known that their hidden riddle describes the dark secrets harbored in the public cloud?
Before we delve into those lyrics, let's take a look at cloud evolution. Today, there are public, private, virtual private, hybrid, and multi-clouds, all of which make deciding what’s right for your company extremely complicated. When migrating, or even contemplating a move, there are bound to be questions regarding pricing, uptime, and implementation that not everyone knows (or remembers) to ask about.
Despite possible confusion surrounding the subject, public cloud heavyweights like Microsoft Azure and Amazon Web Services (AWS) always attract big business, often by brand familiarity alone. Early cloud adopters jumped in feet-first with a major player in public cloud, believing it would be more cost-effective versus a private cloud infrastructure. Private clouds were, and still are, perceived as costly due to the consultative element and ongoing management costs. However, many early adopters failed to recognize the hidden costs involved in doing business with a major public cloud provider and have been retreating to private clouds. This move from public to private clouds has become so prevalent that the industry has a name for it—cloud repatriation.
While the term repatriation has military roots (the act of returning a captive back to their country of origin), in the IT world it now means returning, or moving data from a public cloud into a private cloud. In fact, Forbes reported that last year, 20% of cloud users moved one or more of their workloads from the public cloud to a private cloud, and 10% were planning to do the same in the near future.
What is driving this “cloud repatriation”? Andrew Reichman, Cloud Research Director at 451 Research, offers his opinion. “While security is one of the main drivers, greater control, cost, availability, and IT centralization are all a part of the repatriation of applications into the private cloud.”
This is where we come to the aforementioned dark-side of the public cloud, which can make repatriation challenging. We call it the “Hotel California” effect. Why? Because as the Eagles so succinctly put it, “you can check out anytime you like, but you can never leave”. (At least, not without paying a fortune).
Here’s the deal. Typically, public cloud infrastructure companies like Azure and AWS allow for a free upload of data, a very enticing prospect. For companies wanting to migrate data to the cloud, and CIOs looking to optimize their IT department, this may sound like a quick and easy solution. Contracts are signed, and terabytes of data are uploaded, as promised, for free!
But here’s the rub: if and when (and there is bound to be a “when”) you want your data back, a public cloud provider may charge you thousands, or even tens of thousands of dollars. Even worse? Some public cloud software, such as NetSuite and Salesforce, never return the data; at least, not in a usable format. Sure, you may receive an excel export of data, but it may not be easy to work with. And if you read the fine print, they’re not required to offer anything more than that. So, despite a business relationship that may have spanned years, this “divorce” may leave you empty-handed. Companies have had to essentially rebuild their data and setup new software, with no option for recourse against the cloud provider.
Aside from simply being a shady practice, perhaps more disturbing is the abuse of power in these situations. A major benefit of the cloud is supposed to be data protection; many companies move to the cloud to enjoy the security and support of a provider that will safeguard them from malware, Mother Nature, power outages, human error, and any other incident that could put them out of commission. While they may receive these protections when under the provider’s wing, they should also be able to break away with their data intact when they want to—without paying exorbitant fees or receiving their data in an unusable format. Protection should stop, and data should be released, on demand.
Before you get involved with a cloud provider of any type, be sure you understand their policies regarding cloud repatriation. If you want your data back, or want to move it to another provider, be sure to get it in writing that your data will be returned to you in the exact way you provided it, at a cost that is acceptable to you.
In short, make sure that if you need to check your data out of “Hotel California,” you can really leave.