European Cloud Summit

The Four Most Common Myths About the “Cloud”

by Mario Riesmeier (CGI)

ecs blog

Tuesday, Aug 30 2022

A press release by our Diamond sponsor CGI


Is it a good idea to switch to the cloud or not? Unfortunately, a lot of myths still swirl around cloud computing. What are the most common prejudices on the part of companies, employees, and customers? And how can they be overcome?

Cloud applications such as Infrastructure as a Service (IaaS), Platform as a Service (Paas), and Software as a Service (SaaS) deliver countless benefits. But in many cases, companies are wary of these technologies. They worry about losing control of their own data.

It’s a fact that concern about sacrificing control over data and services is emerging as one of the biggest obstacles to companies entering the cloud. Many CIOs and IT heads are fearful of making themselves dependent on external providers. They fret about no longer being the masters of their own data and services. And if the online link ever fails, they think, they’ll lose access to the services and even their own data – a frequently heard argument.

But taking a closer look, this argument doesn’t hold water. After all, companies can freely decide which services they want to use and where their data are stored: they define where sensitive operational data are processed and where critical backup and archived data are stored. I think it’s understandable that they’re concerned about a vendor locking them into proprietary formats, operating systems, or programming interfaces, which can happen with many cloud services. But these objections quickly vanish into thin air once companies have implemented targeted measures and appropriate strategies such as multi-cloud approaches, PaaS based on containerized microservice architectures, and defined exit and/or migration strategies if push comes to shove. These options enable companies, no matter which services they’re interested in, to secure an optimal mix of business support, flexibility, and security.

Is the cloud actually vulnerable to cyber attacks? Unfortunately, this myth stubbornly persists. But I can assure you that it isn’t true. Protection is provided by regulations like the GDPR and in-house compliance guidelines for the cloud, as well as by on-premises infrastructure. It’s also a fact that many if not most cloud providers apply an even stricter, BSI-approved, and ISO-certified level of security that includes detailed monitoring and security audits. Disaster recovery is another advantage, along with things like georedundancy and multiple local redundancies. Other potential security risks when transferring or storing data also disappear when these are encrypted, and that’s just one example. What’s more, the built-in security mechanisms of cloud data centers provide a very high level of protection from attacks – far better than what companies could implement in their own data centers.

Another widespread but unjustified argument that I hear again and again from companies is that cloud services could overload their IT departments. They claim that the demands of ongoing operation would leave them no time to acquire cloud expertise. While it’s true that migrating to the cloud does require a certain initial investment of time, the new setup actually reduces administrative overhead, and at the end of the day frees up staff for other tasks. The cloud makes it far easier for IT departments to scale up their portfolio of services than is the case with in-house provisioning approaches. But employees benefit most from the cloud’s ability to automate a wide range of tasks and processes. Significantly less time and personnel are needed to administer and use the cloud, and the company’s own IT department breathes more easily as a result.

To justify not switching to the cloud, IT people often argue that their existing IT landscape isn’t cloud-compatible. While this is mostly true, it’s straightforward to fix. I acknowledge that a pile of homework needs to be done before companies can reap the benefits of cloud services. In particular, it can take time to analyze the current situation and stored data. Burdens like legacy equipment, outdated operating systems, or unneeded applications also need to be reviewed before migrating, and the same statement applies to the network’s performance and VPN links. But honestly: regular housekeeping and cleanup of old data records is a must with all IT structures, whether they are cloud-based or not. Finally, identities and authentications have to be checked, tidied up, and if necessary redone. Since companies typically deploy a mix of their own data center resources and cloud services (hybrid IT), they have to ensure their compatibility and interoperability in any case.

To sum up, a lot of the prejudices actually refer to essential steps for properly implementing cloud services. It’s true that the switch initially involves a bunch of extra work, which can be discouraging. But by taking a level-headed approach, IT departments can rapidly achieve a good balance of usefulness, security, and data protection. Within a short time, a weight is taken off the shoulders of IT workers and the entire company enjoys greater overall efficiency.