Watch out for that cloud lock-in

The cloud lock-in is often a greater concern than lockout, but both should be top of mind for organizations looking to deploy cloud seriously, according to Gartner.

The cloud lock-in is often a greater concern than lockout, but both should be top of mind for organizations looking to deploy cloud seriously. That's especially so for those who want to deploy cloud for serious business, according to Gregor Petri, research director at Gartner.

Read this

Cloud failure and the flight to Amazon

Your cloud data: how fast can you get it out? A failed cloud storage company reminds us that yes, we can lose data in the cloud. Now what?

Read More

Lock-in refers to the situation where it is often difficult — because of time and costs — for user organizations to switch suppliers. According to Petri, this is often because after some time the software becomes so closely linked with the way the organization works that saying goodbye to the vendor becomes virtually impossible. It is no coincidence that there are only two industries, IT vendors and drug dealers, that routinely refer to their customers as "users", he pointed out.

"As long as the supplier still has his sights set on expanding its market share, lock-in is often not a problem. But by the time the revenue from the installed base becomes more important than winning new customers, customers often start to encounter regular price increases, increasingly stringent terms of use and less responsiveness from its vendor," said Petri.

For now, that tipping point is still far away as the cloud market makes up only about 3 to 5 percent of total IT market spend, noted the analyst. However, he warned that it was also an industry where lock-in has a lot more impact that in traditional IT.

Most of the time, cloud customers rely on their supplier for the whole service stack: application, middleware and underlying hardware, noted the analyst. SaaS offerings can typically only be bought directly from the authoring organization, he observed.

Plan B and exit strategy

"Just imagine a scenario of a typical cloud provider, who controls the entire stack from application to hardware, unexpectedly going out of business or if that provider decides it does not want to serve a certain company or country anymore. Like how several cloud providers locked out Wikileaks after the first press leaks, or a vendor like Mega Upload, where regular customers lost all access to their data after a judge ordered them to shut down completely based on media industry accusations," said Petri.

Companies can also get cut off from products by reputable providers if they decide those products are no longer strategic, he warned. "The big difference between the cloud and traditional in-house hardware and software is that as soon as the provider stops its service, the custoemr is immediately out of business. This is very different form traditional IT where resources could often still be used for years, even if the hardware is out of warranty and the software out of support."

According to Petri, the cloud era makes having a plan B and an up to date and easy to execute exit strategy even more crucial. Identifying what parties will be allowed and capable to take over is important, though this is only pragmatically possible for open source solutions, he added. "Any good cloud strategy must start and end with an exit strategy."