Peering into your Public Cloud’s Data Centre?

As a CFO, why should you be concerned about your cloud provider’s data centre? Isn’t not having to think about the data centre — about all those boxes and wires, vents and air conditioners, landlords and leases, staff and security, access and uptime — one of the reasons you moved to the cloud in the first place?

It would be pretty to think so.

Public cloud computing (that is, multitenant, off-premise environments) can remove much of the pain of running enterprise IT. Your cloud provider (theoretically) takes care of everything so you can sleep soundly. The prevailing perception is that reputable public cloud providers are running best-of-breed IT infrastructures, supported by best practices, and meeting minimum industry governance, security, and operational standards. Typically, their data centers are protected by layers of physical and electronic infrastructure, contain multiple layers of redundancy, and offer a level of resilience that cannot be matched by traditional, on-premise centers. In fact, unless you devote a great many resources to IT, it’s unlikely that you could improve on your cloud provider’s levels of service and security. Running a data center is not your business. Your business is something else. But the data center is the cloud provider’s business. Without it, there’s no cloud and no business.

So, why worry?

A Jacob’s Ladder of Dependencies
Here’s why. When you sign your public cloud provider’s contract, or accept its online terms of agreement, you sign away any and all input, control, or say over how its data centers are run, managed, or secured. In the case of your software-as-a-service (SaaS) provider, remember that it is most often hosting its offering — the one you’re paying for and depending upon — in a third-party provider’s data center. The performance of the SaaS application you’ve signed up for therefore depends upon the good governance of the underlying data center and the balance, integrity, and enforceability of the SaaS provider’s contract with its hosting provider, as well as all the other parties that make up its computing ecosystem.

Read the full article here