that more companies are going to look at the assets they have , and make a decision about either moving to the cloud , or look to find a SaaS alternative .
Typically , moving to the cloud requires a significant investment both in infrastructure and in skills . Running a cloud program is hard , and organizations will have to evaluate when they reach what I call the application life stage when an application comes to the end of a hardware cycle , or it is time for a mandatory upgrade . At that point , they will make a decision . My sense is that a lot of companies won ’ t do too much until they have to .
DL : John , Rackspace is placing bets in both public and private clouds . What do you see are the tradeoffs and what are you advising your clients in terms of where to put their stuff ? Is private cloud really the anti-public cloud or is it anti-legacy ?
JE : I think the cloud is an upgrade over your existing legacy . It certainly makes your legacy environment a lot more accessible to you and your users . It makes it something that is more agile and nimble and automatable , and those are all the good things that people love about public cloud . At Rackspace , we are seeing companies upgrade their on-premises environments to be a private cloud or more like a private cloud . Many companies are working hard to figure out how to make private , on-premises environments more cloud like .
I do agree that public cloud makes complete sense if you ’ re a small clean company or a startup without existing data centers . IT is messy . Sometimes existing IT was built over dozens of years , with multiple generations of hardware , software and networking gear . There are also politics involved . People have built their careers around a particular stack of technologies . This can lead companies to use both private and public cloud . Many companies that we encounter are using public cloud for some portion of their IT infrastructure and private cloud for other portions . They intend it to be a long term , multi-year cloud arrangement .
DL : Is security still a compelling argument for leveraging private cloud ? If so , what specifically is the issue ?
BG : A lot of what is called security is really compliance , which is a very important reason why companies might require systems to run on their own premises . I think of security as how resistant the resources are to attack , or how well they ’ re protected against intrusion . I think it is difficult to make the claim that a private cloud can execute security better than what the public cloud providers do on that dimension . We haven ’ t seen anywhere near the kind of intrusions and hacking into public providers that we ’ ve seen in companies running their own data environments . From what I ’ ve seen , there seems to be a gradual acceptance towards public cloud .
JE : I agree with Bernard on some aspects . Public cloud providers are very good at security . Google , Amazon and Microsoft are top notch at running security at scale across very large environments . They have a very large investment in the security operations , as we similarly do at Rackspace . Having said that , there are some companies that have very specific security requirements . For example , financial services institutions are responsible for certain regulated data that they don ’ t want to hand over to a third party . In some cases it is just untenable for them to let that data out of their own facility .
I think that clouds can be secure , but public clouds can also be insecure , depending on how they ’ re operated . This is something we ’ ve found at Rackspace as we ’ ve interacted with customers that are using both public and private clouds . A lot of the security depends on what is hosted in the cloud and how that application has been built and architected . The cloud doesn ’ t magically make an application secure or insecure ; it has a lot to do with how you manage it , the policies around it , and compliance sometimes is what forces your hand .
DL : Are we dealing with practical reality , or are we protecting our jobs and egos more than we are protecting data ?
BG : For some companies there are a portion of their applications that must reside on premise for these compliance and security reasons we mentioned . The key question is , do those requirements apply across the entire application fleet ? Warren Buffett says you should know to never ask a barber if you need a haircut . Similarly , if you ask the people who run the on-premise systems if you need to keep your stuff on-premise , the answer is probably going to be yes . If
FALL 2016 | THE DOPPLER | 85