back to article From slow batches to fast files, how Microsoft is luring folks into Azure

What’s new for Azure at Microsoft Ignite? The key point is not so much the list of new features, but the direction the company is taking with its cloud platform, which is to make it pervasive even for customers working mainly on premises. Azure Security Center began as a dashboard for monitoring the security of Azure virtual …

  1. JakeMS
    Alert

    Still sceptical..

    Still sceptical.. I mean, I understand how running in the cloud can speed things up - but the idea of storing business data outside of company controlled computers like that.. I don't think so.

    I mean for websites and publicly accessible data? Sure go for it!

    But for company data such as accounting details, employee details and any other important details? I don't think so. I mean can you really say with 100% certainty that Microsoft (or Google/Amazon!) will always be able to keep that data safe? That they won't scan it? That they won't profile it? etc?

    I don't know. I just feel like it's open to abuse too much.

    I'll still be sticking to having our data stored on our own company systems.

    1. The Original Steve

      Re: Still sceptical..

      I agree, have an upvote.

      Unfortunately, the way the cloud providers are going, particularly MS, it's not that clear cut. Have your data on prem, but use Azure for monitoring... Meets your requirements but the security, profiling and accessibility / cost risks still exist.

      It's a blurry, hybrid world - or at least that's the way MS are going.

    2. Anonymous Coward
      Anonymous Coward

      Re: Still sceptical..

      Let's see which will be the first cloud company to be hit by GDPR...

    3. BenN

      Re: Still sceptical..

      "Can you really say with 100% certainty that Microsoft (or Google/Amazon!) will always be able to keep that data safe?"

      Can your firm keep that data safe? If you work for Verizon, Deloitte, HipChat, Wonga, the NHS, Virgin America, Equifax... well that's just some of 2017's bigger targets. Chances are that if you work for a smaller firm you might not even know you've been breached, so why not let a larger firm take the hit for it? Let Microsoft/Google/Amazon worry about the cost of hiring security researchers and accrediting the infrastructure, whilst you worry about your *actual business*.

    4. Anonymous Coward
      Anonymous Coward

      Re: Still sceptical..

      Google, Azure and AWS are more secure than your Data Centre.

      Your data is safer in the cloud than on your own servers.

      It might sound strange, but its true. These companies are spending billions on their clouds, they cannot afford a security breach, oh sure, you can for instance leave an S3 bucket unsecured (ignoring the warnings) but the cloud providers security must be bullet proof or they'll be out of business.

      The biggest Govts, Banks, Retailers, Airlines etc all use one or more of the above clouds, think they're naive? No, they've done their research and know public cloud is secure.

      1. This post has been deleted by its author

  2. Anonymous Coward
    Anonymous Coward

    Re Still sceptical..

    You know that you can encrypt your data, right ?

    1. JakeMS

      Re: Re Still sceptical..

      Good idea, but lets be honest encryption will only take you so far. You can encrypt/decrypt files - but then you've got to train users how to decrypt them or put in place an automated means of decryption (potentially making the encryption pointless).

      The "easiest/quickest" way would probably be encryption containers - this would mean only decrypting and encrypting once per session - but again still slowing you down.

      Then of course the majority of features offered by Azure such as change tracking etc simply stop working and the slowdown caused by having to decrypt and encrypt each time a file is changed would make the cloud appear "slow" to users, even more so if it's a manual process.

      So overall If you're encrypting/decrypting data then it kind of makes the cloud pointless as all the "benefits" offered by the cloud are lost upon encrypting the data.

      1. Anonymous Coward
        Anonymous Coward

        Re: Re Still sceptical..

        Guess you don't know much about cloud encryption.

        Decryption is automatic using keys you own. Your users are completely unaware of it, a bit like when you visit an SSL website site using https.

    2. Anonymous Coward
      Anonymous Coward

      "You know that you can encrypt your data, right ?"

      Yes, and any workload needs the keys to decrypt them to perform useful work on them.

      The only data you can store without the keys being also somewhere available on the cloud itself are backups and archives - cold data which are not used but just stored.

      1. Saint

        Re: "You know that you can encrypt your data, right ?"

        Wrong. AWS KMS certainly doesnt work that way

  3. Anonymous Coward
    Anonymous Coward

    The problem is...

    ...cost. The cloud cost so much more than on site unless you're a small business then it might be worth it. But you still need to factor in the cost of the engineer/s to support it. Problem is, directors don't see this and just are under the delusion that full cloud is cheaper.

    Sometimes I long for the 90s and 00s to be back, I'm starting to fear I'll be out of a job I enjoy soon.

    Mark Russinovich who I really like as a developer said it sadly, and made me slightly go off him. Because he's at the top of his game and moving on as the tech is, some of us aren't as bright as him so struggle. But in an interview he said something along the lines of "A lot of engineers don't want to move to the cloud because they know it will put them out of a job. But they have to deal with it". I couldn't watch the rest of the interview after that. Easy to say when you're as bright as a button.

    1. Just Enough

      Re: The problem is...

      "I couldn't watch the rest of the interview after that. Easy to say when you're as bright as a button."

      I can fully appreciate how many might feel the cloud is a threat to their current job, and maybe it is. But unfortunately, ignoring it will not make it go away. So your choice is either to become someone who has the skills to earn a living on the cloud, or become someone who find their skills are no longer required. The surest way to become one of the former is to be actively involved in a project moving to the cloud.

      There's a lot of very experienced IT professionals who should know better than to sit on the sidelines and scoff at new technology, but are doing it all the same. "The cloud just means someone else's computer." "Nothing is as secure as my server in my server room." "It''s just Microsoft plotting to make more money."

      Remember all the old systems that you were involved in replacing 30 years ago? Remember all the stick-in-the-muds who simply refused to use a computer/email/internet? Did their derision and refusal to be involved stop it happening?

      I can understand how you feel. I can sympathise with your dilemma. However that's not going to keep you employed in IT. That's up to you.

    2. JasonT
      Gimp

      The opportunity is...

      ...cost. Yes, you can run your own servers in your own data center, with your own SAN and fiber channel and etc. And yes, if hardware capital costs were the biggest cost, putting infrastructure on the cloud would make no sense.

      But then comes downtime. Yes, we can buy a SAN array with redundant controllers and redundant power supplies. Will never go down, except for when it does; either because you have to have a maintenance window to update the firmware, or because you didn't and it goes down because that firmware fixes a flaw in the fiber channel controller (not imaginary, I assure you). Does your company go out and buy a redundant SAN array for the SAN array that wasn't supposed to go down? Do you rent another cage at your co-lo to put it in? What about geographic redundancy?

      When your capital depreciation is done, do you always go out and upgrade your servers? Do you update your routers and switches? Or do you keep what you have because it's "good enough" and throw more money at developers to try and pare down their SQL statements and bloated apps to keep performance acceptable?

      Big enough companies can spend their way through these problems without the help of Amazon or Microsoft. If you are under a billion dollar company though, good luck on convincing your leadership (or the board) that spending the money to have redundancy and performance is worth it. Until stuff goes down, and you get to update your resume. Downtime has a cost too, it just doesn't get consistently measured.

      Having worked at companies with on-premise (actually co-lo) and cloud, I will take cloud all the time. Yes, there is the occasional horror story like the AWS S3 failures, but it happens far, far less frequently (especially if you stay out of us-east-1) than the outages when you are the guy taking the 2 am call. And there are far, far more tools to build resiliency and redundancy than a lot of companies are willing to pay for to build in-house.

      Security is more work, but there are improvements in at-rest encryption, encrypted VPNs etc. that mitigate a lot of the pain. Engineering is still quite important, I spend less time reading HP and DELL service bulletins and more time working on orchestrating and automating deployments, backups, etc.

      One other thing too, it's far cheaper to experiment and decommission resources in the cloud. Want to stand up a large Hadoop cluster, experiment with it, and then shut it down because it didn't work out? Unless you are lucky enough to work at a company with lots of spare capacity racked up, this is much easier to do in the cloud than if you are having to try and explain why you want to take an early write-down on infrastructure that didn't quite work out.

      1. Ken Moorhouse Silver badge

        Re: But then comes downtime.

        Do a Risk Analysis comparison between on-prem and cloud. Simplest example: A company with one pc. Extrapolate how you wish. All risks are "in series" ie., one link fails, everything fails.

        On-prem risks: pc hardware failure, malware. (Hardware maintenance can be scheduled, so less of a risk).

        Cloud risks: Outage at cloud provider, Administrative problems at Cloud (preventing login - is account-holder around to verify credentials?), telephone outage (impacting on broadband), broadband outage (in its own right), hacker issues (e.g., DDOS), hardware problem with router, problem with LAN cabling, pc hardware failure, malware.

        EDIT: Some may say that Multiple Points of Presence dilute Risk. Yes, in some cases. But it all depends on whether your data has been successfully replicated to other points of presence. You may be accessing out of date data. This is where those who think that Cloud is a solution for non-techies need to review things... with their techies.

  4. Steve Davies 3 Silver badge

    The writing is on the wall

    Well, the MS Wall that charts their path to world dominance of IT

    Soon they will make it so expensive in software license terms to have on premises anything (As compared to this cloud thingy' that the beancounters will just see the price hikes and go for a 'cloud everything' solution.

    Those of us old enough to remember the good old days of Citrix... will smile.

    Those of us even older who can remember the good old days of 3270 (or the ICL equivalent) will just shake their head.

    However all it will take is for one major breach of security on this cloud thing and the server makers will be in seventh heaven.

    The old saying,

    "Your data is as safe as the next security breach" is even more important when it comes to the cloud.

    At least with in-house servers you could pull a few network cables and isolate the errant system. No so easy with it all in Cloud (cuckoo) land is it?

    1. Anonymous Coward
      Anonymous Coward

      Re: The writing is on the wall

      I'm old enough to remember all those things and cloud is way superior,

      Remember when you started your career and the mainframe guys scoffed at PC's or Linux. You're now that mainframe guy and the outcome will be the same.

      Adapt or die.

      1. OnlyMee

        Re: The writing is on the wall

        I agree with this. Move or be moved! .Tech keeps moving. Always been that way.

        There are plenty of clouds projects out there that could be considered missteps, especially all the let's move our legacy ERP to cloud projects, but practically all greenfield projects get to build for one of the major cloud providers.

        A lot of legacy software also runs great in cloud especially opensource side of the fence. I think we are seeing the move to pay as you go cloud infra, but at the same time, we are also seeing a major move towards FOSS software.

        I have experience both on-prem and cloud systems. There are few things to that make the cloud shine.

        Tooling. Monitoring, automation, access control and security are an order of magnitude better than anything you could get in-house unless you work at Google.

        Automation is built in! This is big. I no longer need SSH and manually build everything or hope my "golden image" updates.

        It's not all unicorns and rainbows, however. Lof of this tooling works really badly with legacy software bought from some regional ISV... For this look, if they are moving to SaaS model or at least do they provide premade IaaS images or Cloud deployment guides.

        If not stay away from these projects. They are never on time, on budget and you get the blame....

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like