Lessons Learned - Busting Cloud Myths

Tuesday, June 14, 2016


In this missive, I’ll address some of the myths of cloud computing, and of AWS in particular.

As a PSA, I speak to a number of people (business, tech, and the subspecies called sales), many of whom have some rather “unrealistic” expectations of what cloud computing in general, and AWS in particular, can do for them.

Just to follow good security practices, I’ll not reveal so much that anyone can be specifically identified, but I am sure we’ve all heard at least one of these whilst standing at the coffee pot.

And as a gentle reminder, “The Cloud” is NOT MAGIC.


Myth 1: “We’ll just put it in the cloud”

AWS CAN NOT make your legacy application a “cloud application”; it can offer a stable, scalable environment to host your application. You can “re-factor” existing applications to use AWS services with the goal of horizontal scalability, increased availability, and heightened security. But you will need to think about how to migrate your application to the cloud.

Myth 2: “It’s in the cloud, it’s secure.”

AWS CAN NOT make your application secure. This is a story of “in” and “of”. AWS is responsible for the security OF the cloud; YOU are responsible for the security of your application IN the cloud.

Consider a bank vault: the vault manufacturer researches, designs, and builds an impregnable fortress of a vault. If the bank manager does not close and lock the vault …

Likewise, AWS has some of the most stringent security requirements for its infrastructure, but if you use insecure applications, weak passwords, and poor security practices …

If you do not do a proper job of managing your application’s security, there is nothing AWS can do.

Myth 3: “We don’t have to worry about DDoS, we are in the cloud.”

AWS CAN help you make your application more resilient. In the days of massive DDoS attacks, the ability to absorb large amounts of traffic is inherent in the AWS network, IF your application is built on AWS design recommendations and best practices. That means being able either to scale out horizontally to meet the traffic load, or to insert the AWS Content Distribution Network to deflect the attack away from your server and maintain service to your users.

Myth 4: “We are on AWS, it will be much cheaper.”

AWS CAN save you money in running your application. The method of “use what you need and pay for what you use” is a game-changing concept. In the world of data centers, you have constant costs for electricity, cooling, bandwidth, and space; in the cloud, you use what is needed when it is needed and shut down resources when they are not needed. This is a function of how you structure your application and implement your AWS presence. Simply using one of the many AWS migration tools to “lift and shift” your application into AWS will not generate the cost savings many expect.

Myth 5: “It’s in AWS, it’s bullet proof!”

I’ll avoid the comment of, “If you make it idiot proof, someone will come up with a better class of idiot.” AWS will not make your application failure-proof. It DOES allow you to recover quickly, even automatically in some cases, but this does mean you must architect your environment to use the AWS services that enable redundancy and high availability. When you use best practices for backups and auto scaling, long RPOs and RTOs (recovery point objectives and recovery time objectives) are dictated by choice or design, not by capability.
