Kalawin - stock.adobe.com
Key among the challenges and pitfalls the industry encounters while moving enterprise data onto public cloud storage are the often unexpected costs that arise with cloud, plus the challenges of creeping complexity, data movement and cloud security. So how to avoid these?
Cost continues to be the biggest pitfall with any cloud service, and storage is no different.
Unexpected costs can be numerous, with charges that continue for a period after deleting data, snapshot costs and unplanned, uncontrolled automatic storage growth, for example.
Egress costs are a real issue too. While most people know they exist, calculating how much data you might need to pull from your cloud storage over any period can be very difficult.
An interesting and often-heard comment was that cloud could be “death by a thousand cuts”. In other words, when deploying one service you often need another to make it run.
Then there are charges to move traffic between services, and this gradual increase in requirements needed to deliver a service means cost plans can be quickly undone.
Ensuring at the outset you have the right expertise to guide you and implement strict guidelines on deployment and spending is essential to maintaining cost control.
One of cloud’s great strengths – its apparent simplicity – often leads to one of its most common pitfalls.
Storage in public cloud is simple to consume and quick to provision, and that means it is often adopted without taking the time to properly plan, design and test. It is usually assumed that this can be left in the hands of the enterprise IT generalist, but cloud infrastructure is not a generalist’s job.
To properly design the solution, you need a wide range of expertise. You must fully understand and plan networking, access, high availability, performance and, of course, the potential complexity of your cloud choices.
Failure to appreciate cloud complexity is likely to have a more significant impact on a cloud storage deployment than anything else. Taking time in planning, design and implementation is essential if you want a successful cloud storage deployment.
Data movement challenges
The problem of moving data is a significant challenge to all in the industry. Unlike most things cloud is used for, data has size and that means there is no shortcut when it needs to be moved – we will always be dependent on the amount, the size of links and distance to our cloud provider
Failure to consider data volume properly presents true business issues. One industry experts said how concerned they were about backup data in the cloud and how they struggled to calculate the real time and cost of recovery.
While simple data movement presents concerns, the need to plan for getting data out of the cloud – a cloud exit strategy – needs to be part of initial design or else it could present significant future problems.
Starting to use cloud storage can make sense in many situations, but it doesn’t mean that all your infrastructure will follow. So, how do you integrate cloud storage with the rest of your environment?
First, deploying a secure and robust link to your cloud provider is not a trivial task. Direct links are one option, but these require proximity to an entry point and the budget to support it.
If that’s not an option, it is likely to be a potentially complex mix of VPNs, gateways, appropriate routing, DNS and integration. Then you need to fully understand performance impact – what will a 20ms, 30ms or 50ms latency delay mean to an application, for example?
Second, you need to consider management. Many capabilities that are taken for granted in the enterprise are not a given with cloud storage, meaning that you quickly find the data moved into the cloud can no longer be controlled, secured and governed in the way your enterprise demands.
Cloud security pitfalls
Security should be at the forefront of any IT project, and cloud storage is no different.
Cloud is a shared platform, and while a provider should take care of the separation of its clients, you need to ensure the right separation of resources in your tenancy.
Access control is crucial, and the threat posed by a relaxed attitude to cloud security can have catastrophic effects. A misplaced encryption key or leaked administration account can see an entire tenant, its data and supporting infrastructure deleted with no option to recover.
Governance may demand you consider locality too. Does putting data in the cloud contravene regulatory requirements, for example? While it may not, can you be sure that all copies of your data exist in locations that meet governance demands? Even if the main dataset is in a UK datacentre, do you know where all the copies needed for resilience requirements are kept?
It’s not just about security of our cloud storage. It’s also about protection. What if data is deleted? Do you have a plan to recover? Too often, organisations fall into the trap of assuming it’s in the cloud so it’s the provider’s responsibility.
Avoiding cloud pitfalls
In conclusion, there are several common cloud storage pitfalls and most seem to be linked. For example, more data means more complexity, more security risks, more difficult data movement and greater costs.
However, the consensus seems to be that the biggest pitfall is to fail to understand the complexity of cloud storage adoption. Leaving design, development and implementation to an organisation’s IT generalists can lead to falling into one or more cloud storage pitfalls.
Deploying any cloud infrastructure, including storage, is complex. You need to understand more than storage – networking, security and cost management are also key. You need to take great care to ensure your cloud storage is as robust, resilient and secure as any enterprise IT deployed in your own datacentres.
Read more about cloud storage
- Key questions to ask when specifying cloud storage. These include disk type, performance, availability and the possible hidden cost of getting data out of the cloud.
- We run through the main items charged for by the big cloud storage providers, such as capacity, storage type, transactions, data egress, networks and data protection.