Lock-In in Cloud Computing Services

Lock-In happens in cloud as in any other sector, the service provider cloud sometimes make the transition out of their platform more difficult than it could be. As like we wrote in Lock in Effect in Todays Technology and Gadgets, the basic target is actually the same for creating Lock-in in Cloud Computing services. A way in which they implement this Lock-in is through the security checks. The goal of security controls is to restrict access to data : this fact makes it easier for a service provider to invoke the safety requirements as an excuse for the fact that they are not able to provide pieces of data fundamental to allow a smooth transition.

Lock-In happens in cloud : Checking The Points Again

It is important to ask some questions about how security controls are designed so that one can prevent the lock-in in the cloud for a particular cloud service provider. Here are some questions to consider and some strategy to maintain the services that rent and can release and are platform-agnostic. We have divided in to – Who owns your data, Data return policy, Ways of access the data, Ways for access to resources and the cloud computing service model specific points.

Lock-In in Cloud Computing Services : The ownership and management of data

Who owns your data : An important argument for the ownership of data sent to the service provider. Unless you have agreed by contract that the possession of the data is specifically yours, the answer to who owns them may be less clear than you think. A good service provider recognizes that your data without the need for this to be explicitly requested by the client, but not all do so. It therefore good practice to establish by contract that the ownership of data your remains for the duration of the relationship.

Will the service provider will return the data to you ? : Assuming that you have ownership of the data, the question now is how and in what format your service provider will back you these data. One of the problems that can occur is that the data will be returned in a format that is easy to use. Then specify in the contract the format in which you want the data will be returned. Perform tests to verify that the provider can actually meet your requirements.

You can access the data ? : Make sure that any security checks applied to the data – such as encryption – not prevent you from making logical access to data even when you have the physical property. For example, if the data is encrypted you have access to the keys to decrypt them? Also in this case it is necessary to test the processes to be sure of being able to seamlessly access data. Pay attention to database structures that might have cryptography applied to particular elements of the column, as these may not be immediately visible in export and may require intervention by the service provider to provide the keys if encryption is performed at the application level.

How you access to the resources : In the case of IaaS (Infrastructure-as-a-Service), the data in question include virtual images, make sure you have the ability to access at the administrative level is the underlying OS applications. It is not always trivial to gain access when we do not know the administrator password, even when we have physical access. So if your ISP returns the VM images make sure that you can get access to the OS and application level services performed.

Access to user data : You may need additional information in addition to data for your services continue uninterrupted. For example, if your provider uses a datastore that contains information about users (their ID, authentication information), you too need the this information. Make sure you can get back the data as well as user information, as these data could be stored in a separate place than the application data. Test processes that support a smooth transition is a sound strategy to avoid the lock-in of the cloud provider, which is always around the corner.

Choice of service model and Lock-In in Cloud Computing Services

Understanding Cloud Computing Service Models and Deployment is important for Lock-in. Depending on the type of cloud service you need, it will also change the risk of lock-in. Depending on whether you choose Software-as-a-Service, Platform-as-a-Service or Infrastructure-as-a-Service also changes also the company or individual’s dependence on the cloud service. Obviously it also also depends on the quality of the supplier, but it is certainly less risky to use a service that use a service like IaaS over PaaS or SaaS, in the SaaS the risk of lock-in is significantly higher.

In an IaaS service we have greater flexibility and control of resources, while already PaaS services are likely to close your applications within their platform. Applications designed for a particular PaaS provider can not be transported without radical changes. An IaaS provider as Rackspace Cloud Unmanaged Server gives you the opportunity to go back to migration to cloud any stage and allows for greater portability between providers as the Operating System as well as the server images are compatible with exact setup as most are Free Softwares under GNU GPL or derivatives.