Bad apples threaten small-business cloud adoption

If you ask 10 people charged with IT at a small business to name their primary concern about going to the cloud, you’re bound to find a lack of trust is dominant. After all, it’s difficult for smaller organizations without great depth in IT to trust what they cannot see. At the same time, this group also wants IT to be simple, uncomplicated, and ideally, not their problem any more.

That dichotomy leads to an interesting challenge for cloud service providers trying to market to this growing segment. From what I’ve seen, most providers tend to lean toward simplifying their pitch and hiding as much of the complexity in cloud services as possible. The fewer questions you open up, the easier it is to sell.

However, there’s one enormous drawback of this approach: The customers aren’t forced to develop basic fluency with the services they’re using — and it’s all too easy for your clients to develop inaccurate expectations around performance and reliability. Worse, an uninformed customer is unlikely to be able to separate the well-run cloud services from the fly-by-night operators common in any emerging market.

An understandable reaction might be to suggest that customers not fluent with cloud services should stick to the big, known providers who (one hopes) won’t rip them off or lead them astray. However, these smaller businesses are precisely the organizations the big providers — Amazon Web Services, for example — aren’t well-suited for. Amazon and its peers simply expose too much technical complexity. Typically, smaller providers that either act as a front end for larger clouds or run their own can provide the care and feeding needed by smaller businesses, especially those with limited or no IT staff.

Sadly, it takes just a few of these providers to give the cloud a bad name and ruin it for everyone. Whether due to financial instability, inexperience, or actual malfeasance, a small number of cloud hosting companies are the source of a large share of the horror stories you hear passed around. I recently had an opportunity to see how much trouble an undereducated, overtrusting customer can get into when lined up with an incompetent service provider.

Several years ago, a small business in a regulated industry put out an RFP to replace its on-premises server infrastructure and provide ongoing IT support services. One respondent suggested it could provide the hardware and the support, as well as host the server infrastructure in its own data center. The proposal ended up being the cheapest and seemed to make business sense for many of the same reasons that the cloud makes sense today — it was accepted. For several years, everything went reasonably well. The systems appeared to be well-managed, and users’ needs were supported effectively.

Today, the hosting company is being acquired by another service provider that isn’t interested in maintaining customer-owned hardware. The hosting company informed the customer it would need to move its gear — and within a fairly short time. Of course this isn’t good, but all manner of service providers have gone out of business or changed business focus, so it’s not something you can truly avoid.

However, the short notice and physical move turned out to be the least of the customer’s worries. After securing outside help to effect the move, the customer found it couldn’t just remove its hardware and rehost it elsewhere or even bring it on site.

Why? Because the hosting company had used the same hardware to provide other customers with hosted services. Their mission-critical regulated data had been commingled with other companies’ similarly regulated data at a file level, without any form of encryption, multitenancy, or security whatsoever. Worse, the provider couldn’t find archival copies of data it was charged with backing up. The icing on the cake was the provider’s insistence that it securely wipe all hardware before allowing the systems off its premises — coincidentally, an excellent way to hide its actions.

Although this situation is exceptional, it’s a prime example of what can happen when an uninformed customer finds itself dealing with, at best, an incompetent service provider (in this case, perhaps criminally so). Although you’ll never eliminate every such combination, and the simple directive “caveat emptor” applies as it always does, cloud service providers must do a better job of educating these kinds of customers. Simply glossing over the complexity of the cloud in an effort to simplify matters for small businesses (and, one could argue, consumers) ultimately results in a marketplace full of customers who can’t discern between well-run cloud services with appropriate data protection and security measures from those without any such attributes whatsoever.

This means investing extra effort into appropriately setting customer expectations, offering as much transparency as possible when things go wrong, and providing clear educational materials to raise potential customers’ understanding of what the cloud is and does. It’s not just in the customer’s best interest; it also works to the cloud provider’s advantage — lest they risk being painted with the same brush applied to the bad apples in the barrel.

This article, “Bad apples threaten small-business cloud adoption,” originally appeared at InfoWorld.com. Read more of Matt Prigge’s Information Overload blog and follow the latest developments in storage at InfoWorld.com. For the latest business technology news, follow InfoWorld.com on Twitter.