When managed service providers (MSP) and systems integrators decide to partner with a larger cloud provider rather than build their own cloud services, there's a real chance they could become victims of cloud lock-in from a contractual or technical standpoint. But if your team asks the right questions and makes the right development decisions up front, the cloud lock-in threat can be mitigated.
"If you don't [expend] enough effort to figure [out] how you disconnect, how you would migrate your applications and data, the form the data is in, who owns it and where the data resides, [cloud lock-in] could be a challenge," said Kevin McDonald, executive vice president of Alvaka Networks, an MSP in Irvine, Calif. "There are thousands of questions that you would ask if you were doing this locally that people aren't asking when it comes to the cloud environment."
There are thousands of questions that you would ask if you were doing this locally that people aren't asking when it comes to the cloud environment.
Executive Vice President, Alvaka Networks
Mike Chase, chief technology officer for dinCloud Inc., a Los Angeles-based cloud service provider, said there are two types of cloud lock-in that should concern cloud integrators: hidden "gotchas" in contracts or service-level agreements (SLAs), and technical issues that could make it very difficult for integrators to migrate applications or data away from a cloud provider should they wish to make a move.
"Let's be clear: [Cloud] lock-in can be great when you're loving the situation, but it all depends on the scenario," Chase said.
With this in mind, there are five simple things that cloud integrators and MSPs can do in conjunction to minimize the chances that they will find themselves trapped in an untenable partnership.
1. Assess the financial health of the cloud provider. Although this may seem logical, don't overlook the need to check references and ensure that your chosen cloud service provider has the capital to keep going over time.
"When [providers] run into trouble, they might sell off control or assets," said John Carter, president of CDI Managed Services, the cloud service and integration division of Computer Design & Integration, based in Teterboro, N.J. "You need someone small enough and close enough to their customers to be flexible and to be a true partner. But you want to make sure they are capitalized."
2. Make sure the provider has an adequate data backup and disaster recovery plan. This addresses a different type of cloud lock-in -- the kind that occurs when a partner puts a customer's data or its own into the cloud and never sees it again because the cloud provider has neglected to protect its own infrastructure.
This somewhat relates to the first point, but an incident last year involving Amazon’s Web Services was a gripping illustration of the cloud market's immaturity. In some instances, some of that data was lost forever.
"We have to remember that cloud computing is still like the Wild West," said CDI's Carter. "The laws are still emerging."
3. Understand the data migration plan. If an MSP or cloud integrator decides to take its cloud infrastructure needs elsewhere, how easy will it be to extricate the data? In many cases, it's no simple feat. Cloud lock-in is a real concern here.
More cloud tips for MSPs
Cloud services may be cheaper, but MSPs have much to weigh before going up
Hybrid cloud can help MSPs with cloud transition
Datapipe bets its MSP service on Amazon cloud
"Cloud, to me, can involve lock-in because you have data mixing going on, shared stores, different ways of backing and storing data," said McDonald, of Alvaka Networks.
Sometimes, the process of migrating data will cost more than the money than an MSP or cloud integrator would save by starting over with another cloud provider. That's why it is important to understand cloud portability and migration implications, and even run a test at the beginning of a contract to see how easy it is to get out, should you need to later.
4. Study the fine print of the contract. Integrators and MSPs that are serious about the cloud must understand how easy -- or challenging -- it will be to legally break a contract with the partner provider if business requirements legitimately change.
For example, if your client doesn't need that server or feature any more, can it be turned off with little penalty? Who owns the licenses for any software that is being used on the servers? These are all questions worth reviewing up front to dodge cloud lock-in.
5. Avoid developing directly to the cloud service provider's proprietary application programming interfaces (APIs). Brian Day, director of application services and Platform as a Service (PaaS) strategy for integrator Logicalis, which has its U.S. headquarters in Farmington Hills, Mich., said the simple act of moving an application onto a cloud-hosted server isn't really a problem. But moving an application onto a cloud-hosted development platform (such as Azure, the Google App Engine and so on) could create challenges.
Although there are performance benefits that could be gained by developing directly to a specific API, Day said integrators and MSPs should consider the migration implications down the road just as they would if they were considering an on-premises solution. "You probably want to code the application in such a way so that you are writing to a generic service layer," he said.
Heather Clancy is an award-winning business journalist in the New York area with more than 20 years of experience. Her articles have appeared in Entrepreneur, Fortune Small Business, the International Herald Tribune and The New York Times. Clancy was previously editor at Computer Reseller News, a B2B trade publication covering news and trends about the high-tech channel.