Companies seem to be moving to public cloud in droves, as conventional wisdom would have us believe it’s more user-friendly, scalable, and affordable than private cloud. So is it ‘bye bye’ on-premises storage? Is that the way to go? Not necessarily.

While public cloud has been increasingly adopted over the last several years, there is also a new trend where organizations are waking up to the hidden costs involved, both in fees beyond the quoted price per GB and in the potential cost to a business’s data security. Companies are finding that data transit fees for public cloud storage can double the cost of basic storage, and can be as high as three or four times if data is moved often. Yet, these fees are frequently ignored when organizations are considering the use of public cloud. This leads to gross miscalculations and over spending. Then there is the question of data security and availability. Breaches of public cloud have become commonplace, and yet organizations are lead to believe the public cloud is safe for the most sensitive data. How can this be?

The answer is two-fold. The major public cloud providers have huge marketing budgets and with that comes the ability to dominate the airwaves with their message, getting in front of a large set of customers. Secondly, public cloud can be the right solution under certain circumstances, primarily for short-term storage. But with recent headline-grabbing public cloud outages from the likes of AWS S3 and Azure, and related data leak risks coming to light, the fundamental importance of keeping greater control over the most critical data has come back into focus. 

A related problem is that CIOS and IT leaders are failing to read the fine-print on their public cloud contracts. In many of these contracts, the vendor has very little obligation to the customer. In reality, durability and availability should be managed just like an on-premises storage structure, where the CIO needs to superimpose an architecture on top of cloud to establish the desired level of certainty.

This all leads to organizations investing heavily in public cloud solutions that not only lack control over security and data locality, but also in the long run, cost more.

So why does everyone think public cloud is cheaper?

Perception and reality of the public cloud do not always align. Although the public cloud may appear more affordable, and is certainly marketed that way, the reality is that once organizations are tied into recurring monthly fees, this is an expensive outlay. Not to mention that transit and other fees can be vastly more than you ever imagined. Some cloud service providers also charge per user, so although public cloud promotes unlimited scalability, this can come with a heavy price tag. 

Many companies also use public cloud as a way to ensure increased data resilience, where data stored in the public cloud can use a form of data protection called erasure coding. However, erasure coding only protects against certain hardware failures. It does not protect against input errors, human maliciousness, ransomware, malware of all kinds, or software corruption. Erasure coding can also add significant latency, affecting application performance and response time. It is also common for public cloud vendors such as Amazon to charge for replication, or the copying of data, across multiple data centers, adding to the cost further. As a result, IT teams often end up selecting a less sophisticated public cloud vendor, in effort to save cost, but this then introduces more risk as these smaller vendors also have less sophisticated protection.

In contrast, on-premises private cloud can provide the same agility as the public cloud, but within the organization’s own environment, offering more functionality such as higher performance, local control and protection against malware.

Data is the lifeblood of an organization and critical to its success, which is why more businesses are retaining information for longer and using this to gain insight into customer behavior and trends. Storage is therefore critical and companies need a comprehensive IT infrastructure that is built to offer the same agility of the public cloud, such as seamless file sharing, but with the added security and capability on-premises offers, to safeguard a company’s most sensitive data long-term. 


Availability and security

Relying on third party public cloud providers also brings into question availability and security. As the aforementioned outages demonstrate, public cloud services are not immune to suffering through downtime. This is something smaller organizations especially cannot afford. Although AWS, for example, recovered from its outage several months ago, and only suffered a small impact in terms of its revenue, it’s not always the same story for SMBs that may not be able to recover. Downtime in any form for smaller organizations can have critical consequences.

So is public cloud too risky? To be clear, public cloud isn’t going anywhere and it provides crucial benefits to many businesses. However, before opting to trust a public cloud service provider with all of your data, it’s important to understand what data is most critical to business survival. For this data, too much is at stake to place it in the hands of an outside party, and with the additional cost, nothing about it is worth it. The only way to maintain full control, while also minimizing expenses, is through an on-premises solution as part of your infrastructure. This way, organizations can achieve the agility of the cloud at a lower cost and with guaranteed control over data privacy, availability and security when it’s most important. 

It’s time we updated the conventional wisdom on the role, limitations, and true cost of the public cloud.


This article was originally posted “What You Don’t Know About Public Cloud Might Hurt You” from Cloud Strategy Magazine.