A few big questions about cloud computing service providers
Source: Internet
Author: User
KeywordsService vendors they provided for to ensure that
Most of us have learned from our personal experience that changing from one service vendor to another will be a big challenge. For example, you can think back to the past in changing your http://www.aliyun.com/zixun/aggregation/17385.html "> telecom company, Internet manufacturer or 8200.html" > The bad experiences of mobile phone service providers. Terminating a relationship with a service provider is more difficult than the other interactions you have with them, as is the nature of the business community.
Let's face it, usually the service provider does not provide a seamless process for transferring the business to competitors. However, customers may not realize that the lack of self-discipline of the service vendors may be to retain customers and consciously set the barriers, and in fact they do so. In other words, by increasing the customer's difficulty in the design, we can improve the customers ' loyalty to the service or product they use.
Like stories in other service vendors ' relationships, the same scene is happening in the cloud computing world: cloud-computing providers, especially those with a lack of self-discipline, tend to set up inconveniences and hurdles for users to get out of their platform services. One of the main methods is through security control. The fact that security controls are designed to restrict access to data can make it easier for service vendors to use "security requirements" as an excuse to be unable/unwilling to provide critical data for a smooth transition of vendor changes.
There are a number of issues that need to be addressed to your security control architecture so that users can prevent cloud vendor lock-in. Here are the questions and the strategies you should stick to in buying the service, but not the data.
Who owns your data?
An important question is who your ownership of the data from the service provider belongs to. Unless the ownership of the data in the contract is yours, the answer to the question "who owns it" may be more complicated than you might think. Reputable service vendors can identify whether the data belongs to you without asking, but not every service vendor has the same good reputation. Clear data ownership in the contract will take effect throughout your organization and the life cycle of the contract.
Will your service provider return your data?
Assuming the ownership of the data you keep, the question becomes how and in what way your service provider will return the data. After summarizing the previous experience you will find that the format of their return data is often not easy to use, such as the use of backup tapes, which do not have special tools for you is useless. Therefore, at the contract stage you should ask the service manufacturer to provide you with data in the format you specify, ideally you should be able to provide them whenever you need them. Tests should be conducted beforehand to ensure that the vendor meets your requirements to avoid problems associated with the transition period.
Are you able to access data?
Knowing that any security controls applied to data, such as encryption, can prevent physical access to data, even when you have physical data. For example, if the data is encrypted, do you have access to the decryption key? Furthermore, the testing process ensures that you can actually get all the data elements. Since 1 These are not immediately apparent in the original output, 2 if the encryption is done at the application layer, then it may be necessary for the service vendor to provide the key, so pay special attention to the database structure that applies column-level encryption to a particular element. It is also useful for third-party escrow keys when the vendor terminates the operation, so that when a problem occurs, you don't have to rely on those new unemployed workers to follow in their footsteps.
What about resource access?
In the case of an infrastructure as a service (IaaS), when the data in the problem includes virtual mirrors, make sure you have the ability to access the administrator level of the application and the underlying operating system. When you do not know the administrator password during physical access, gaining access is extremely valuable. So if your vendor returns a virtual image, make sure you have access to the operating system and application layer of the service they are running.
Are you able to access user data?
Keep in mind that you may need ancillary information other than the original data so that your service can continue uninterrupted. For example, if your service vendor uses data stores that include user information, such as their IDs, roles, rights, and authentication information, you may also need to. Make sure you have access to data and supporting user information, because the data may be stored separately from the application data.
It is obvious that service vendors are unwilling to provide easy platform transfer methods. However, it should be noted that service vendors may limit your choice of new vendors, or at least set up barriers for change vendors, and testing to support a clean transfer process is a reliable strategy to avoid cloud vendor lock-in on the development path.
The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion;
products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the
content of the page makes you feel confusing, please write us an email, we will handle the problem
within 5 days after receiving your email.
If you find any instances of plagiarism from the community, please send an email to:
info-contact@alibabacloud.com
and provide relevant evidence. A staff member will contact you within 5 working days.