Blog
Tags:
Cloud only sounds secure... until your revenue goes up in smoke for an hour
More and more companies are making the switch from cloud first to cloud only.
It sounds appealing: no more servers in your own data center, no hardware on the balance sheet, no IT department tinkering with screwdrivers. Everything neatly organized by one large provider, who promises to be available at all times.
But that picture is often too good to be true.
On September 4, something happened that many companies don't consider: Google was completely down. Between 8:51 and 10:00 a.m., in the middle of the morning rush hour, companies were unable to function. For organizations that ran cloud only on Google, this meant that their business was at a standstill for over an hour. No orders, no customer service, no production. Most of the day's turnover evaporated in sixty minutes.
Less than a week later, on September 8, Google Meet was down for an hour. At first glance, this may seem like a minor issue. For Dutch companies, it happened at the end of the working day. But imagine if this happened on a Monday morning, when all internal and external meetings are scheduled. How much would it cost you to reschedule all your meetings? How many decisions would be delayed? How many customers would drop out in frustration?
The promise of complete peace of mind is an illusion. The cloud is not flawless, and your internet connection is an additional weak link. Whereas you often had redundancy and direct control on-premises, you now rely entirely on an external party—and that makes you vulnerable.
In this blog, I will take you through the main risks of cloud only – and how you can reduce them before your business comes to a standstill.
The silent Achilles heel of your cloud provider
We often talk about the advantages of the cloud. Scalability. Flexibility. Costs that move with your business. But one reality is still too often ignored: cloud providers also experience outages.
In September, Google went down several times. But AWS, Azure, and smaller providers have also had their moments of total downtime. Sometimes for an hour. Sometimes for several hours. And during that time, their customers are left waiting helplessly. The flow of orders stalls, customer service is unavailable, and internal processes come to a standstill.
And even if you still work cloud first instead of cloud only, you are not safe. Many organizations have moved their identity management to the cloud. Sounds logical – centralization, simplicity, single sign-on. But as soon as your identity provider goes down, your access to on-premise applications also stops. A single failure can therefore paralyze your entire IT landscape.
That's a problem. Because yes, cloud providers are often more redundant than what you ever had on-premise. But redundancy is not a panacea. It protects against hardware crashes or servers catching fire. Not against errors in the complexity of the cloud itself.
And that complexity is only increasing. Whereas on-premises you had to deal with a few servers and switches at most, cloud providers are gigantic ecosystems of thousands of systems, services, and layers of configuration. One wrong DNS setting can take an entire region offline for hours. A routing error or a misconfiguration in load balancing can affect millions of users.
The irony? It is precisely this complexity, which is intended to make everything more secure and robust, that creates new risks that you never had before.
That is why trust alone is not enough. Anyone who uses the cloud needs to think about how to deal with downtime.
And how dependable is your connection to the cloud?
Many organizations take their cloud connection for granted. You take your existing internet line, put a VPN over it, and you're done. It works. So no one pays any attention to it after that. But it is precisely that carelessness that makes you vulnerable.
Even if you opt for a more expensive option—an EVPN, an MPLS connection, or a leased line—you are not immune. Because one connection is not a connection. Fiber optics can be dug up. Network equipment can break down, either at your end or at your provider's. It happens more often than you think. We've experienced it ourselves several times. Once, it even took three weeks (!) for KPN to resolve the problem. Three weeks during which the organization in question was completely paralyzed.
What is often forgotten is that it is not only the cloud provider that can fail. Your access to it is also a Single Point of Failure (SPOF). If that connection is down, your entire IT is down. Email. CRM. Production. Customer portals. Everything.
Ironically, on-premise connections were usually more robust. Multiple uplinks, various routes, sometimes even different providers. As soon as companies move to the cloud, that awareness disappears. The critical WAN connection is often set up as a single connection. And that is precisely what makes your cloud strategy fragile.
If you want to seriously commit to cloud only or cloud first, you also need to seriously consider redundancy in your connections. A single line is asking for trouble.
How to prevent downtime (even when the cloud fails)
There is no such thing as complete security. But you can significantly reduce the risks of cloud only. That starts with identifying your risks. Not every application is equally crucial to your business. If your Tour de France pool is down for a few hours, sports fans will be disappointed, but your business will survive. If your ERP or CRM is down, your organization will come to a standstill. It is precisely these critical applications that deserve extra protection.
The tricky part is that the measures you need are rarely offered as standard by cloud providers. So you have to take control yourself.
- Work multicloud. Spreading your most important applications across multiple providers increases your resilience. Moving a virtual machine from Azure to AWS is not something you do lightly. But with good data connections and replication, you can ensure that one provider can take over if the other fails.
- Make sure you have a backup connection. The simplest option is a 4G or 5G line that automatically kicks in if your main connection fails. A more robust option is to have multiple fixed lines from different providers. Please note: physically separate routes are crucial. We once had a customer whose “redundant” connection ran through exactly the same trench. That trench was dug up, and both lines were lost.
- Run a local copy of your identity management. If your login mechanisms run entirely in the cloud, a malfunction will block your access to everything. With a local copy, you can continue working. Are you already fully in the cloud? Then make sure that multiple providers have your identity data, so that you are not dependent on a single point.
These measures won't make cloud-only flawless, but they will make it much more robust.
Security in the cloud starts with making the right choices
Cloud only or cloud first can make your organization agile, scalable, and cost-conscious. But only if you don't ignore the risks. One failure at your provider. One dug-up cable. One error in your identity management. And your entire business comes to a standstill.
Don't want to find out when it's too late?
Then now is the time to take the right measures.
At Sciante, we work with you to identify the risks in your cloud strategy. We show you where your single points of failure are and how you can resolve them in a smart and affordable way. This allows you to build a cloud environment that is not only flexible, but also truly robust.
Want to know what this looks like in your situation? Make a no-obligation appointment with me. Together, we'll make sure your cloud not only sounds good, but is also reliable.