I'm Still On-Premises, Is That OK?

Level 12

Following up on Will I Save Money by Moving to the Cloud? This post is part two of taking an atypical look at the public cloud and why you may or may not want to leverage it.

If you stop and think for a moment, cloud computing is still in its youth. EC2 has only been a public offering since 2006. Gartner first treated “the cloud” as a real thing about a decade ago. Seven years ago, I saw an early version of the IaaS offering for one of the big three, and it was almost unusable. From this perspective, “the cloud” is still maturing. The last several years have seen a dramatic evolution in the plethora of offerings.

Cloud has fundamentally changed the technological landscape, much as virtualization did a few years before. The benefits of cloud have had many going nuts for a while with cheers of “Cloud first!” and “We’re all in on cloud!” But what if you’re hesitant and wondering if the cloud is right for you and your organization? That’s OK and part of what we’ll explore today: some reasons you may or may not want to consider staying on-premises.

What’s Your Motivation?


In my mind, this is the biggest question you need to ask yourself, your org, and your stakeholders. Why are you moving to the cloud?

  • Is your business highly dynamic or does it need to scale rapidly?
  • Do you need to leverage an OpEx cost model for cash flow purposes?
  • Does your app need a refactor to leverage new technologies?

These are some of the best drivers for moving to the cloud and they bear more investigation.

  • Is your manager prone to moving you on to the next big thing, but only until the next big thing comes along?
  • Are you making the move simply because everyone else is doing it?
  • Do you believe you’ll inherently save money by shifting your infrastructure to cloud?


These things should give you pause, and you’ll need to overcome them if you want a successful cloud strategy.

Risk and Control


In my experience, most people hesitate to move to the cloud because of risk, namely your tolerance for risk within your information security program. It seems every week we hear news of a breach from an insecure cloud configuration. Now, is the cloud provider to blame for the breach? Almost certainly not. However, depending on several factors, primarily your competencies, they may make it easier to leave yourself open to risk. Can the same situation arise on-premises? Absolutely. Just remember, breaches happened before cloud was a thing. Ask yourself if any additional risk from changing providers/paradigms is within your tolerance level. If it is, great! You’re ready to continue your cloud analysis. If not, you need to determine a better move for you. Do you change your platform? Or do you change your risk tolerance?

What about where your data is and who has access to it? One of the early IaaS leaders, who’s still one of the top 10 providers, required administrative access to your servers. How particular are you and your organization about data locality and retention times? What happens to your data when you leave a provider? All these problems can be overcome, but before committing to any change in direction, ask yourself where you want to spend your resources: on changing how you mitigate risk in a new environment or dealing with a known commodity.

Competencies


What do you want your people to do and what do they want to do? Chances are your IT organization has somewhere between one and hundreds of technologists. Switching platforms requires retraining and leveling these people up. You need to consider your appetite for these tasks and weigh it against the costs of running your business should you stick with the status quo.

You should have a similar discussion around your toolsets. In the grand scheme of things, cloud is still relatively young. Many vendors aren’t ready to support a multi-cloud or hybrid cloud approach. As it relates to operations, do you need to standardize and have a single pane of glass or are you OK with different toolsets for different environments?

Finally, you need to think about how your strategies affect your staff and what it means for employee retention. If your business is cutting-edge, pushing boundaries, and disrupting without leveraging the cloud, you could end up with a people problem. Conversely, if you operate in a stable, predictable environment, you’ll need to consider whether disruption from changing your infrastructure is worth upending your team. Don’t get me wrong, you shouldn’t decide on a business strategy solely on employee happiness. On the other hand, engaged teams are routinely shown to be more effective, so it’s a factor to consider.

Cost


Cost as it pertains to cloud is a complicated matter, and you can look at it from many different angles. I explore several relevant questions in my post Will I Save Money by Moving to the Cloud?

All these questions aside, neither the cloud nor the legacy data center is going anywhere anytime soon. Heck, I just installed a mainframe recently, so you can trust most technology has varying degrees of stickiness. I want you and your organization to choose the right tool for the situation. Hopefully, considering a couple of different viewpoints helps you make the right choice.

The conversation continues in part three of the series as we take a look at SaaS in Beyond IaaS, Cloud for the SMB, the Enterprise, and Beyond!

42 Comments
Level 14

Thanks for the article.  I have to admit that I feel like we are a bit behind the curve at this point. 

Level 12

I'm not sure I disagree, but I'd love to hear more of why you feel this way. Just to be clear, this is meant to be thought and discussion provoking. The questions I discuss are ones that I've seen under and/or  badly answered.

BTW: My next post in this series will offer some thoughts on how those who may be feeling a little left behind can join the party.

Level 13

Thanks for the Article

Level 16

Thanks for the write up.

Level 9

RISK AND CONTROL

Obviously the DOD is ready to accept the risk as they just awarded Microsoft a $10B contract for cloud computing. Only time will tell how bad the risk is when they are penetrated, not "if".

Level 12

If you read the DoD Cloud strategy that (if my memory serves me) led to Jedi, they asked the questions around Risk and had the time, budget and wherewithal to address those concerns. They also raise some interesting questions around efficiencies by leveraging cloud, and that there can be the potential to be more secure.   The larger point though is, do the analysis, do the homework, choose the right solution.

https://media.defense.gov/2019/Feb/04/2002085866/-1/-1/1/DOD-CLOUD-STRATEGY.PDF

As you point out, this is a $10Billion contract for dedicated cloud solutions. I would caution most organizations to use that as an example, as it's truly an edge case of an unusual scale.

Thanks for reading and responding.

MVP

Thanks for the article

MVP

On premise solutions are still just as valid as cloud based.

If the only audience is inside the firewall, access data inside the firewall there will always be the need for on premise

I doubt we will be more than hybrid for at least a decade

Level 12

I am at 50% on premises and 50% in the cloud and it works out well. VPN traffic has been cut down more than half which is very valuable and for the cost of in the cloud for our data is less than the cost of another hard drive for the server.

If your apps & data are still on-premise you just might be OK.

When a company has been supporting locally-hosted applications like Microsoft Office / Outlook / Exchange, etc., its customers and employees have a history of performance levels they expect to stay the same, no matter if your apps & data are hosted locally or in the cloud.  They'll accept the same kind of responsiveness in the app, but would prefer it to run even faster after you've gone through the work of moving it to the cloud.

But if they experience increased latency and slower app performance, that isn't going to sit well with anyone--particularly if moving to the cloud was expensive in labor and down time.  Moving there was supposed to save money, but if it turns out moving to the cloud decreases performance of every employee, and decreases the satisfaction of your customers, it might be that the cloud isn't right for you.

Such problems might not be the fault of the cloud.  They might be caused by your unique apps, database, business needs & use & expectations.  Or it could be that your ISP and WAN providers aren't yet up to the tasks of providing highly available, resilient Internet solutions in your particular area (especially if your company is in a low density community, or a rural area).

So before we say being in the cloud is good or bad for you, consider that what might work well for a company in a major city with multiple ISP and WAN providers probably isn't the environment that's available to a company several hundred miles from a major city.  If the infrastructure isn't there to support the cloud correctly from all your offices, staying local could be a better solution for you.

Do you have true incentive to move to the cloud, or is someone just excited to "stay current"?  Jumping on bandwagons just because an enthusiastic employee heard of them is rarely a great idea.   When you do hear about a great bandwagon to jump on, you might find out that the music you expected doesn't play in your remote part of the world.

So what kind of incentive does it take to get you into the cloud?  Or, what incentives does a company have to stay out of the cloud?

If Microsoft tells you "We'll be happy to provide space for your MS apps in our cloud at a very-low cost.  If you want to keep them locally, that will cost you an extra $6 Million annually for the privilege."

Now you have incentive to move.  As long as the ongoing costs of hosting it in the cloud remain lower than hosting it locally, what's the worry?  There were additional labor costs involved in your move to the cloud.  Maybe there were some additional costs due to downtime to customers & employees as the move was made.   But these were one-time costs, right?  You're going to assume everything should be good going forward, and you've saved the company $6M/year in license fees forever.  Plus you reduced your data center footprint, meaning fewer DC operators required, lower expenses associated with using less floor space in the DC's, using less electricity and cooling, etc.

But . . . there was that word:  "assume."

Did moving to the cloud come with any negatives?  How about any of these?

  • New Internet bandwidth congestion?
    • If your Internet pipe was sized correctly to your pre-cloud need, you might need fatter pipes now because you have MORE internet demand.  Maybe a LOT more demand initially, as you move databases and e-mail to the cloud.
    • And you may need different routers/firewalls on which to terminate the new connections, just to handle the fatter pipes.
  • NAT-PAT exhaustion on your edge routers and/or firewalls facing the Internet?
    • If your firewalls or routers or L3 switches were sized for your pre-cloud-based-apps-&-data, you might find they need to be replaced with bigger equipment that can do more PAT.  Maybe you'll need a pool of external addresses for NAT where you only needed one address pre-cloud.
  • Does your new design result in slower performance for remote WAN-based offices?
    • You could discover your hub sites aren't able to access cloud apps or data quickly enough if they have to come back to your hub before reaching out to the Internet.
    • You might need SD-WAN solutions that enable your branch sites to hit the Internet directly, instead of coming across your private WAN for access to applications & data.
  • If you discover you need SD-WAN solutions, do you also need multiple new ISP contracts and circuits for every one of your branch sites?
    • If the new latency for accessing apps & databases hosted in the cloud is too great, your WAN-based employees and customers might experience much slower app performance.  Then you'll wish you still had your own servers hosting apps & databases in the data centers your customers were accustomed to using.
    • Your new cloud-access path through an SD-WAN's Internet pipe is a single point of failure.  You could need a second one, with duplicate hardware, duplicate power circuits, in case your new SD-WAN Internet pipe were to fail.   (Assuming Five 9's of uptime is required for your staff/customers.)
  • More firewalls to protect your sites from those Internet-based SD-WAN feeds?
    • If you bought into the SD-WAN solution to access the cloud directly, and thereby decrease latency by avoiding having to send all remote hub sites to your central spoke for Internet service, those sites will need firewalls protecting them from the cloud.  If you're lucky, your SD-WAN solution could include a firewall/router combination.  But be sure it meets your WAN / VPN throughput capabilities before taking the leap.  Just because an SD-WAN router/firewall has a gig or a ten-gig connection doesn't mean it can provide that same throughput for encrypted packets and VPN traffic.  Sizing a firewall to include gigabit VPN is more expensive than what you had pre-cloud.
  • Might you be decreasing reliable access to the database or application?  Places that could hide problems include:
    • Each local ISP supporting your SD-WAN / Internet to your hub sites.
    • Global resources on which Internet access relies--like DNS and BGP.  We've seen those fail on national and international scales in the last few years due to human error or malign intent.  Keeping your data and apps local to your own data centers bypasses these vulnerabilities.
    • More single points of failure from ISP's.  Large ISP's and SOHO ISP's have equal amounts of vulnerabilities; neither is a guarantee of reliability configuration and steadily predictable accessibility.  The right company has the SLA and response times and staffing levels you need to keep your business going 7x24.
    • In rural settings you might find the provider is staffed too sparsely, and all the employees might be up in their tree stands wearing blaze orange come the opening of deer hunting season.  If there's a service-affecting outage during that time, it might affect your business longer when the technicians are out of touch when out hunting.  (This has happened to me.)
  • Problems your ISP experiences now affect everything in your office.  An Internet outage used to mean someone couldn't get to CNN or Facebook, but now you may experience multiple large-scale Azure or AWS or DNS problems that cause your business to stop.  Maybe the problems took down your Outlook/Exchange/Office products for hours--perhaps days.
    • You might have to double up--or triple up--on ISP's, and start managing your own BGP resilience.
    • Sometimes you'll run into situations where one site can't access the data their traditional way, and innovators (sometimes known as trouble sources in your internal staff) might find alternate ways to access that data (via cell phone data plans when the WAN or ISP/WiFi fail)--the result can be someone placing an order into the system, but the folks responsible for receiving the order aren't able to see it.  (That was a problem we experienced several times--right up until we explained to the "helpful" staff innovators that what they were doing was causing problems.)

Remember to get everything in writing from the companies supporting your applications, databases, cloud, WAN, Internet, etc., particularly with regard to

  • SLA's
  • Vendor response times to reported outages
  • Them proactively monitoring your ability to access your resources in their cloud
  • Latency
  • Resilience (you DO KNOW which ISP's and WAN providers use the same fiber conduits or buried paths in ditches, right? And you avoided accidentally buying services from two or more vendors that happen to use the same underground path, or same fiber conduit?)

Get an accurate assessment of how your organization will perform in the cloud, because POC's that didn't scale to your company's actual size during their test phase are worth nothing if you expect your enterprise to perform as well in the cloud as it did in your own data centers.

May your packets be swift and reliable!

Rick Schroeder

Level 12

Rick! You win the internet again!

I'm short on time right now, I'd love to dig into your points when I can actually give them the due they deserve. I will say you touch on points/questions that I'll address in my last post in this series. I'm not sure when it will go up, but I'll be sure to link it back here.

Thank you again for taking the time to share your input!

Level 12

Most technologies I've seen adopted were added because they were The Next Big Thing, even though they turned into a waste of time and money. Therefore I really appreciated this article.

Level 12

Thank you for the kind words.

If this short piece helps people think about problems in a different way, then I guess I've done my job.

Thanks again

Level 12

Rick,

I re-read your post again. You raise many excellent points for people to consider as it pertains to many networking considerations. My goal with this series is simply to get people to think on a little bit deeper level before making key strategic decisions, and your input does just that.

Thank you for taking the time to share valuable insights as it pertains to network performance and operations related to cloud!!!

Scott

Level 13

Excellent points @scott.driver.  We just started going through an analysis of whether it makes sense to move a particular service to the cloud that happens to be highly interconnected to a boatload of on prem applications/systems.  There were several people in the meeting that would flip the switch today if they could, simply because of the feeling of being "left behind".  Yet there are significant risks, and we need to make sure we don't make a service that we occasionally have problems with into one that is even more problematic.  I suspect at the end of the day it will make sense to at least go hybrid, but the analysis will bear that out.

Level 13

Great points Rick - you pretty much hit them all.  Pretty much every organization has all of those dynamics and factors in play and needs to take them into account before making the leap.  Do the homework/hard work, then make the best decision *for your organization* based on the findings.

Level 12

Again, depending on the use case a hybrid approach is a good way to start bridging the gap. I hope that as you progress, you come back and share your experiences with us!

Cheers!

Level 12

We run desktop applications of O365, internet speed was at 1GB before the migration took place, and for extra protection I run daily and weekly backups to an on premises server. Everything is running as smoothly as possible but we will never fully transition to the cloud. There will always be a need for a server.

MVP

All good valid points but not necessarily new.

These points have existed back literally decades although some of the security issues are newer.

In many ways people need to understand history in order to prevent it from happening again if it is a bad thing.

The history of IT and "cloud computing" goes back to the 60's when you did Time Share on someone else's mainframe.

In the 90's managed services for websites became a thing.  They were cloud based in that you ran your website on their hardware.

Many shops in the 70's/80's/90's and so on ran their datacenter in a managed services provider's datacenter.  Everything ran on someone else's computers.

This was mainly due to hardware costs and some software licensing costs.

Today it is much more automated in that less actual hardware is involved with the virtual environment.

The same issues still exist, cost, performance, security, access, availability, etc.

As alluded to, you must put pencil to paper and build a scorecard to see where all this charts out to your needs/finances/risk/etc.

Just remember it is a wheel and not some newfangled rotating widget that is still a wheel with a new fancy name.

Level 9

Thank you for the follow up article. It is fun reading where others are at.

Level 14

Nice job putting this together. Some excellent things noted and terrific comments.

Thank you!

Level 12

I'm glad to hear that your transition to a SaaS service went well. I personally have had mixed results, primarily due to supporting factors.

Sorry if I sound like a broken record, but my next post will talk about SaaS, so I hope you have an opportunity to share more of your experiences and thoughts there.

Level 12

Love the historical context Jfrazier​!

Level 12

I can't agree more. The comments and sharing make this a really fun platform for sharing and stimulating conversation!

MVP

I am still on prem .. and probably will be for quite some time!!!   Thanks for the article !

Level 12

Thanks for taking the time to read zennifer

Level 9

This article is very helpful. Thank you for sharing.

Level 12

I'm very glad that it's been of some assistance to you. Thanks for taking the time to read. Cheers!

Level 12

Excellent article and good discussion. Now I will have to go back and read the previous post.

Level 12

Cheers! Thanks for the kind words Scott. I hope you also check back in when my next post goes live.  😉

Have an awesome day

Level 12

thanks for the post

Level 12

You are quite welcome! Thanks for taking the time to read.

Level 12

If you're running at the scale required to bump into these sorts of limits, you're most likely already aware of what's going on. However, this is the second time in the last several weeks that I've heard mention of Azure having issues in their East Regions, putting something of a dent in the myth that cloud is instantly and infinitely scalable.

Microsoft Azure customers reporting hitting virtual machine limits in U.S. East regions | ZDNet

MVP

Thanks for the reminders. Cloud, like all other business decisions, is something that needs to be evaluated - completely - before a decision is made. So many react rather than decide.

Level 12

Completely agree!

MVP

Nothing wrong with being on-premises.  Just because everything cloud is the current hype doesn't mean it is mandatory or even fit into your business model or needs.

As the author stated, you need to choose the right tool for the situation and not be peer pressured into boarding the hype train.

Level 11

Thanks for the article.

Level 12

Timely questions being asked today in the THWACK Monthly Mission - November 2019 ...

Level 12

Thanks Jfrazier​!

MVP

Not a problem scott.driver​ !!

Level 14

Once again, a very good read.

Level 12

I appreciate the kind words!

About the Author
https://virtualvt.wordpress.com/ https://twitter.com/VTsnowboarder42 https://www.linkedin.com/in/scott-driver42/