Future proofing, in the cloud – Sunday Business Post
Technical Sales Consultant at Ergo, Gavin Lockhart, tells the Sunday Business Post how the evolvement of cloud means businesses aren’t only working better, they’re now using it to optimise their data privacy and security.
As cloud computing continues to be a major part of operations for many businesses, 2017 could be seen as the year where many of its parts became commonplace. One of which is using the hybrid cloud model, a mixture of private or third-party public cloud and on-premise cloud services, to help with operations. It’s certain that the next year will become a case of refinement and improvement for this, not just the technology, but how much knowledge the average business has of it.
For Gavin Lockhart, technical sales consultant for Ergo, businesses are now savvier with regards to how they use the cloud, and recognise that some parts are more suited to it than others.
“[For] hybrid, the likes of Microsoft and AWS, they’re not trying to take everyone’s workload, enterprise workload anyway, all up to the cloud. They recognise that that’s not feasible,” he said.
“Most large enterprises, even some of the enterprises we have in Ireland, would have a big presence in all of the big cloud players . . . and then they also have their own on-premises or private cloud environments. The reason for that is that different parts of the business have different requirements.
“For instance, the marketing department might be doing a campaign where they need to spin up a lot of high-density volume VMs (virtual machines) very quickly for a short period and then take them down . . . whereas there’s other stuff that just won’t go to the cloud – it just won’t be supported on the cloud, or they don’t want them up on the cloud for compliance reasons.”
Lockhart doesn’t see this type of model changing any time soon. Instead, he says that there’ll be a greater uptake in the likes of infrastructure as a service and platform as a service. While platform as a service has been mature for years, infrastructure as a service is catching up as the concerns that used to surround it have been reduced.
By and large, it means that businesses can be smarter about what type of service they choose and how it fits into the grand scheme of things. It’s rare that a business will jump into a general cloud service; now they can be picky as to which service, or sometimes multiple services, they use, for good reason.
“It’s always strategic as to why they want to use Azure for this piece, AWS for that piece or they want to leave it on private – it’s always a strategic decision that is fundamentally driven by the business,” said Lockhart. “IT might influence and advise on that decision, but fundamentally it’s what the business requirements actually are that drive that decision.”
With that in mind, there are certainly reasons why you might go for infrastructure as a service over platform as a service or vice versa. While there are positives to both, they also come with potential sacrifices.
“The advantage of platform as a service is you’re taking away a lot of administrative overhead, but in the same breath, you’re giving away some control – so from a performance perspective, it might be a trade-off that you’re not willing to make,” said Lockhart.
“We do see that sometimes with database as a service, that people will still want to run their own SQL server or their own Oracle service on an actual piece of infrastructure, whether it’s private or whether it’s public because they know . . . [what’s] running behind it. Whereas if it’s platform as a service, it might be a bit of a dark art and they mightn’t get the guarantees that they need for that application so it’s always strategic.”
That’s all before you get to one of the biggest topics in the enterprise space: GDPR. Much talk has been made about fines and deadlines and while they are important, the real push is how it will force businesses to become more privacy – and security-minded.
That, too, extends to which cloud providers businesses choose, and how the responsibility for data protection falls on them, not the cloud providers.
“Companies might decide that this cloud provider will be better served to store this particular type of data in their environment because they have more transparent risk-impact analysis of how their data is stored – they have ISO 27001 certifications so they have better certifications, better compliance regulations,” said Lockhart.
“There’s a very clear demarcation point as to where the responsibilities lie and, by and large, the cloud providers are only interested in protectingtheir own periphery infrastructure. You’re responsible for your own VM or systems up there.
“Platform as a service is a little different as they are responsible for a lot more of the infrastructure, but you’re still responsible for the data, so you need to be conscious of that and look at how you can architect your solutions with extra security.
“It’s not enough to say I’ve spun up a VM, say [it’s on this service] and it’s safe. You still have to take all of the precautions you would take if it were on premise.”