Low-cost cloud computing and storage can be a boon for IT managers with tight budgets looking to get as much computing power for their money as they possibly can.
One of the major ways this is achieved is through multi-tenancy. Multi-tenancy allows a single physical instance of a resource to be shared among multiple consumers, which consolidates those resources and makes more effective use of them. This lies at the heart of cloud computing, taking some models from the mainframe era and porting them to today’s modern hardware. But while multi-tenancy in public and private clouds offers economies of scale, it can also create potential problems for enterprise users.
Infrastructure, whether on-premise or cloud, is about cost, security, performance, control and flexibility. These five key issues are at the forefront of IT managers’ minds when it comes to implementing infrastructure and the applications that run on top. So can cloud providers deliver this in a multi-tenanted cloud environment? Where do they fall short and what can the IT manager do to mitigate risks for their organisation?
To look through the glossy prospectuses that cloud providers provide, many IT managers would think, on first impressions, they may be signing up to the Fort Knox of cloud and all will be well. However, recent investigations by independent security consultancy Context Security found that for many major multi-tenanted cloud providers, this is far from the case.
Many cloud providers will tell prospective clients that data and settings are isolated from those of other customers. However, investigations by Context’s consultants found examples where fragments of customers’ databases and other system information could be seen by other tenants. This information, Context found, included personally identifiable information, such as parts of customer databases, and elements of system information, such as Linux shadow files (which contain the system’s password hashes). Put together, it could allow an attacker to take control of other hosted services.
Such systems weaknesses are analogous to renting an apartment, only to find the tenants next door can let themselves in and wander around, find your wallet and car keys and then pass themselves off as you while using your car.
This vulnerability reveals itself in the way some cloud providers automatically provision virtual servers, start up operating systems and assign storage. Faced with this situation, enterprises may well decide that all their data should be encrypted in the cloud.
Greg Devine of cloud backup company Asigra says that IT managers need to ask their cloud provider what data encryption levels they operate and whether the customer has control over the data encryption key.
Cloud providers should offer a range of encryption choices all under the control of the end-user. That way “the data is encrypted when it travels over the internet to storage, and the data is also encrypted by the cloud backup application. The user has total control over the data encryption key,” he says.
Devine recommends purchasing cloud services from providers that are FIPS 140-2 certified and compliant with Sarbanes-Oxley, IFRS and other regulatory requirements your industry is required to meet.
These measures, alongside control over password management and rotation - regularly changing passwords every few months - said Devine, mean “a user’s data will be secure and protected in a multi-tenancy environment.”
One of the benefits often mooted in the early days of cloud computing was that you no longer needed to know or care about where the data was as long as you had access to it. But as we see growing regulation on data location and with security breaches occurring with depressing frequency, many companies want to know exactly where their data is.
This seemed easy when organisations hosted all their own applications and data and when a single application or a single business process had its own dedicated servers and storage attached. Though the security of in-house IT was often overstated, multi-tenancy offers no such certainty.
It is up to the cloud service purchaser, not the cloud provider, to know what data can and cannot reside on multi-tenanted shared architecture and also to understand what data can and cannot be co-hosted with other data in the cloud. It could be that an organisation does not want its data to be co-hosted with that of a competitor.
Chris Rae, vice president of Cloud Solutions at CA Technologies, says that customers should not conflate hosted service and cloud service provision.
It is not in the interests of the cloud provider to deliver a single tenancy solution as it undermines the basic economies of delivering a cloud service, so cloud customers need to make their requirements explicit.
“Customers can talk to their cloud provider to make sure that their data is being kept in single-tenancy, but this would need to be agreed as part of the SLA, and it will cost more to the end user,” says Rae.
Strong contracts are essential in ensuring end users get the service and security they require. They are also essential if the worst happens to your data. Martin O'Donnell, hosting and cloud services director at IT service provider Phoenix, is blunt. The amount of control a customer exerts over the cloud services it buys is only as good as the contract that sits around it, he says.
O’Donnell says that if data location, infrastructure segmentation and segregation are paramount then the customer needs to look for a cloud service that will contractually guarantee this. “In terms of data laws it’s not necessarily about where the servers are located; it’s about what country’s legal system the contract is governed by,” he adds.
For example, a service run on a multi-tenanted system hosted by a US company may be subject to the Patriot Act. This means that the US government could potentially have access to your confidential data without your consent. European Union laws are still playing catch-up on this issue.
Last, but not least, O’Donnell warns that contracts should ensure that there is no lock-in for customers. “It’s easy to get into cloud and it should be easy to get out as well,” he says. “If it’s not then it’s probably not cloud.”
Performance is a key factor in many organisations’ decision to use cloud services. Whether it is raw compute power bought to handle peak loads or the rapid deployment of a business process via a SaaS application, performance is what the customer is purchasing.
The cloud supplier, on the other hand, faces a more complex equation. Delivering multi-tenant solutions with all customers sharing a common infrastructure allows the supplier to offer attractive prices and performance, and allows customers to get up and running in a short time.
For cloud providers in general and SaaS providers in particular, this means that they build their architecture around the common performance requirements of most customers. However, these common requirements are not universal, so some heavy-duty users may require performance that the provider cannot or will not provide without breaking its standard model.
There is an additional issue of over-subscription. For the service provider the incremental cost of adding a multi-tenant customer is initially small, but the cost model can change dramatically if additional infrastructure is required to service a growing client base.
As a result cloud providers often oversubscribe resources. For the majority of operations, minor levels of over-subscription are, in effect, a way of managing resources effectively. Not every customer is going to use all their contracted resources at the same time. However, with high performance applications there is a risk that the process can impact the guaranteed level of performance a customer has signed up for.
Jan Sysmans, senior director of Product Marketing at open source CRM company SugarCRM, highlights potential performance issues caused by oversubscription of some multi-tenant services. “Typically this is only temporary until additional infrastructure is added, but this is an inherent risk associated with using a shared infrastructure,” he says.
While cloud computing delivers an extremely low cost per hour, per compute cycle or per gigabyte, it can also carry hidden costs, particularly around rewriting applications to make use of external platforms and porting data from your organisation’s infrastructure to the cloud.
John Roberts, head of Managed Services at service provider Redstone, says that end-users should be aware of these issues and look to offset cost elsewhere. One source could be renting core office productivity apps rather than paying out large sums up-front to buy the software outright.
But while popular software is increasingly available from cloud and SaaS providers, smaller software companies operating in niche areas or with few customers may not see much gain in porting their products to an entirely new platform. For IT managers, this could mean that not all applications can be taken to the cloud.
As cloud use grows, cloud providers are moving beyond one-size-fits-all services to provide product offerings that comply with local regulatory requirements. A pan-European cloud provider, for example, will know that in Germany, customer data has to be stored and processed within the country. As a result they will run cloud applications from appropriately sited data centres. But not all providers can or do achieve this.
In these circumstances IT managers must be acutely aware of the governance and compliance needs of their own organisation before they sign any contracts. Ultimately responsibility for compliance falls on the purchaser of cloud services, not the supplier, so it is essential to understand the legal constraints that may impinge on the flexibility cloud offers your organisation.
Keith Bates, chairman of service provider Cloud Computing Centre, says if necessary, organisations should consider taking on specific local providers to meet compliance requirements.
“This is not a cloud-specific problem,” said Bates. “It would not be any different for an organisation that wanted to outsource its IT using traditional methods. It too would struggle to find a single provider that operates in all the territories that would be required.”
Bates highlighted an additional issue where end users should explore the flexibility of contracts with cloud suppliers – the question of how much of your data a provider will allow within the multi-tenant model.
“There is nothing worse than ending up with a contract that does not reflect the business’ needs, and the customer then finds themselves locked-in with that vendor for three years,” warns Bates. He advises organisations to work out how much data will be required, get it written into the contract, and select a cloud service provider that is flexible enough to meet those needs.
Enterprise IT is all about balancing cost, benefit and risk. The multi-tenanted cloud computing model can deliver spectacular cost and service benefits, and it can be as secure and compliant as in-house IT operations.
The major cloud providers offer an excellent service with clearly defined terms and conditions. It is up to you to make sure they are appropriate for your organisation. As ever, it is buyer beware.