What keeps fear levels high, even after a successful migration, may be simply that the IT department is effectively outsourcing security and availability of core systems to a third party, which will always be a source of anxiety.
Such concerns are best faced by choosing a reputable cloud supplier with a long track record, ISO accreditations and a verifiable security audit trail. In addition, the SLA should be clear about the sort of recompense available should the worst occur, with any extenuating circumstances laid out, and the procedures to be followed in the event of a buyout, merger or other substantial changes to the cloud provider should all be made clear.
Ultimately, though, security concerns may only be laid to rest once the industry can find a way to hand back some control over data security measures to the CIO, perhaps through an insurance scheme that quantifies risk in a meaningful way, guarantees recompense and provides some real choice and viable options to customers.
Don’t lock me in
Cloud experience seems to allay worries about regulatory compliance too, with 16 per cent of users voicing concern compared with 32 per cent of non-users. Once negotiations have been concluded and a trained legal eye passed over contracts and SLAs, with boxes ticked and liability established in the event of a breach, compliance issues becomes less of a concern.
However - and this will also trouble cloud providers - fears about vendor lock-in actually seem to increase with experience (see figure 2). While it would be unwise to read too much into the results of a single survey, it stands to reason that any organisation that entrusts mission-critical data, applications or functions to a third party is, to some extent, over a barrel. It may be much more trouble than it is worth migrating core applications to an alternative provider or taking them back in-house, and it could be that some less-scrupulous suppliers are pressing home their advantage.
Anecdotally, some readers mentioned that service providers are more than happy to accommodate customers while they scale up cloud operations, but are much less accommodating when they wish to scale back. Other customers have found themselves paying hidden charges to cover services they had assumed were included in the contract.
Customers need to be sure they have a clear and workable exit strategy in place, while for their part, cloud providers can help their long-term prospects by introducing greater transparency into their Ts & Cs, as well as working to ensure standardisation and interoperability.
Before leaping into cloud-based provision of high-performance database-intensive applications where latency tolerances are measured in microseconds, organisations need to take a careful look at the cloud’s suitability for such applications. Latency and performance issues were cited as barriers to further cloud adoption by 23 per cent of serious cloud users, as opposed to just 11 per cent of those with no mission-critical applications in the cloud.
A move to the cloud implies virtualisation. While improvements to hypervisors and processors have been made, there will always be a price to pay, however small, in the performance of virtualised applications. The physical distance that signals have to travel from cloud datacentre to end user will also, inevitably, introduce latency. For this reason, the cloud may never be suitable for applications such as trading systems.
The survey results, showing that concerns about performance rise post-migration, indicate that this is a problem that might be too readily overlooked.
Cloud computing is now reaching the next stage in its maturity. The familiar service subdivisions such as SaaS, PaaS and IaaS are standardising and merging around specific functions to form what is known as business process as a service (BPaaS) - effectively cloud-based platforms that are designed to support industry-specific business processes.
It will be interesting to see whether this latest iteration breaks through the logjam of concerns to create the cloud-based future that many have predicted for so long.