Whats wrong with AWS & other cloud tech?

Lloyd Brown lloyd_brown at byu.edu
Fri Nov 18 08:59:12 MST 2011


When people consider "the cloud", the major objection I've heard is what
you've already articulated:  Data security.  In essence, you (or your
client) needs to decide whether the encryption systems and standards
that they have in place, are enough to sufficiently protect the data.

Working this way is essentially giving up control of the hardware to a
third party.  If you (or they, or HIPAA, or PCI) are okay with that, and
there's a significant business case, then go ahead.  I'd take it slow,
to make sure it gets done right, but if you've answered all the
concerns, then why not?



Lloyd Brown
Systems Administrator
Fulton Supercomputing Lab
Brigham Young University
http://marylou.byu.edu

On 11/18/2011 08:54 AM, S. Dale Morrey wrote:
> Hi Everyone,
> 
> I just wanted to take a moment and start a thread on the current state
> of "The Cloud".
> While it's not a term I'm particularly fond of, I've found the value
> proposition of PaaS like Amazon AWS & Google App Engine to be
> compelling (haven't really tried any of the others).
> 
> Thus far I've only used "The Cloud", for toy apps and demos, I haven't
> even considered banking an entire business on it.
> Recently though I was in a discussion with a client who has run the
> numbers and realized that they will save about 80% on infrastructure
> costs if they offload all their IT into a cloud solution.
> 
> Frankly, this is giving me a gut twisting feeling but I'm not sure why.
> My first instinct was to try and bring up the AWS outage last April
> that knocked so many people offline for so long.
> 
> However this setup is designed to resist that sort of outage by
> leveraging geographically diverse data centers and pushing static
> content to edge servers (Elastic Beanstalk + CloudFront).
> 
> Other than that I can't really think of anymore objections to it, but
> something doesn't feel right and I just can't put my finger on it.
> So I'm soliciting the feedback of the group to help me come up with a
> proper list of pros & cons for moving the workload of about 20 servers
> off into the cloud.
> 
> For the record the client has 20 servers located in a single
> datacenter, and it was during the design of their business continuity
> plan that they realized they suffer from the potential for a
> catastrophic single point of failure.  Client is a healthcare records
> management & billing company, so HIPAA & PCI are both significant
> concerns. But they do have strong encryption on the data and there are
> pretty tight controls on who exactly gets access to what data.
> 
> Thoughts?
> 
> /*
> PLUG: http://plug.org, #utah on irc.freenode.net
> Unsubscribe: http://plug.org/mailman/options/plug
> Don't fear the penguin.
> */


More information about the PLUG mailing list