Even though cloud technology has developed a great deal and is now very widely used, there are still a lot of people who, for one reason or another, haven’t adopted cloud-based services. ADM Hosting Managing Partner Klemens Arro helps bust some of the more common cloud myths that even you might still believe.

1. Cloud services are only meant for personal use (to back up music, photos and videos, for example) and small businesses (i.e. for e-mail) and are not suitable for larger companies.

This myth might come from the fact that most people are talking about PaaS (Platform as a Service) and SaaS (Software as a Service) cloud services like Dropbox and Google (for Photos, Drive, Gmail, Docs, etc.) or specifically targeted SaaS services that are geared towards personal use and small businesses. Actually, IaaS (Infrastructure as a Service) can offer companies such a wide array of options that any sized company can win from using them.

2. Cloud services aren’t as secure as your own server.

This fairly old myth also isn’t true. Comparing cloud services to on-premises servers, achieving a secure system using a cloud service is noticeably faster, cheaper and more realistic. First, a large cloud service provider can protect its physical infrastructure better than anyone with their own small data center can. This includes better control over access, network, reliability and staff accessibility. Very few large companies and government agencies can afford the processes and requirements implemented at AWS. Third parties are also continuously carrying out audits to ensure that all prescribed security requirements and processes are properly implemented and followed at every step.

Looking at our level of security service-by-service, cloud services have built-in encryption solutions, firewalls, DDoS protection, audits, detailed options for user rights and access management, and so on. All of these are very quickly and easily applied in a cloud-based infrastructure and some are already part of the default package. Building your in-house server requires investments in hardware, license fees and a huge amount of time, which, put together, means a pretty big economic argument for using cloud-based services. Also, often companies attempt to build on-premises servers but find out the actual time and economic cost half way through and end up cutting corners, thereby undermining the security of the whole system.

Gartner analysts have said that even when cloud services have security problems, they are caused by user ignorance and not the cloud itself. According to them, by 2022, 95% of security risks tied to cloud technology will be caused by user error. Therefore, it’s important to remember that if you decide to switch over to the cloud, it’s important to do so with an experienced partner. As Gartner stresses, IT systems managers at companies need to ask themselves: “Am I using the cloud services securely?” not “Is the cloud secure?”

3. When you choose a cloud service provider, you have to migrate all your IT over to them.

This misconception is not true in the real world. It’s quite common for large companies with a wide IT service portfolio to use all the larger cloud services at the same time in addition to their own in-house data center.

The interaction between different service providers and on-premises servers is completely specific to each case. For example, different services might be migrated or even built onto different cloud service platforms for various reasons. From there, they can interact using APIs or be so independent of each other that they don’t interact at all. Another option is placing the same application on different cloud services as well as your in-house data center, which allows you to share the load between different parties as the specifics of the solution dictate (i.e. a location-based solution). A third and very popular option is to use different cloud services as an extension of your local data center.

4. Clients don’t have an overview of where their data is located.

Actually, clients get a fairly clear overview of where their data is located and how it is moved. This is given to the level of data centers. It’s true, at the data center level, it isn’t possible to figure out which specific server holds what data. But, as a rule, the service provider doesn’t know that either. With AWS, the reason is that the AWS EBS, or virtual hard drive, doesn’t save all of one client’s info on a single physical drive.

For security reasons, data is encrypted before it is saved, then split into small pieces and spread out between different servers or hard drives. This ensures that anyone who gains access to one hard drive, even physically, won’t find any recoverable data. The locations where a client’s data is saved are decided when the cloud service architecture is created. Therefore, you can choose the data centers where you want your infrastructure built and accordingly also the services you want from the available regions.

5. Clients don’t have an overview of who has access to their data.

Actually, clients have complete and sole control over their data and access to it. Every cloud service provider has security procedures in place that clearly describe who, when and how data is accessed. If you need even better control, you can specify your needs as the architecture of your solution is put into place. For example, you can choose specific services to clearly regulate the handling of your data. You can also encrypt all the data that is stored on the cloud or moved by way of the cloud.

We also recommend that clients use different auditing and login options that give them a clear and constant overview of who has accessed what data and when.

6. Working with data on the cloud is slower than working with data on your own server.

Here, we must distinguish between connection speed and processing power.

As far as connection speed, there’s no real difference in whether the server is located in Estonia, Sweden or Ireland. With servers located in the U.S. or Japan, a slight difference becomes noticeable. If you ping servers in Estonia and Ireland, the difference in speed is about 0.2 milliseconds, or practically non-existent. Also, most cloud services can use a CDN service, which creates a buffer to the closest EDGE service (with AWS, the closest ones to Estonia are in Finland and Sweden). This, in turn, means that when someone in the region uses a website that you’ve stored on the cloud, all subsequent users can access that data from their closest EDGE service.

The same thing applies if your website is hosted in Ireland: if the buffer works globally, then someone visiting your site from Japan will access it by way of their closest EDGE service, making their download from the cloud even faster. Even though the difference is so minute when it comes to simpler websites that site visitors probably won’t even notice it unless they are located in a country with a very slow connection, the difference becomes noticeable with loading larger files, such as videos, from global sources.

Since cloud services, as a rule, are virtual environments, people have claimed that their processing power is smaller than with hardware. This is true because the virtualization layer takes up some of the processing power, but you still have to account for two factors. First, if the client is looking for bare metal processing power, then practically all cloud service providers offer special bare metal machines that don’t have a virtualization layer. Secondly, it’s been a long while since I’ve seen anyone run their data center applications on bare metal hardware. Nowadays, even bare metal hardware has a virtualization layer to simplify processing and to better utilize the hardware for multiple services.

7. Cloud technology is more expensive than owning your own server (park).

This may be the case for certain isolated cases. For example, if a company has an old computer and they run their website and FTP server on that. In that case, moving to a cloud server may, indeed, be more expensive. The same can happen with larger solutions where you may have to account for the architectural limitations of the application you are hosting or third-party licensing fees.

But, for the most part, the cloud is cheaper than having your own server (park) if you use it right. The most common mistake that we see is that people migrate to the cloud simply by transferring all data as it is and hoping that this is enough. In some cases, this may seem like a win economically and when it comes to reliability but the real benefits of using a cloud become apparent when the migration solutions are thought through for a cloud-based context (i.e. what parts can be scaled based on time or work load; which services can be switched out for cloud managed options; what services could be migrated to something more effective, etc.).

When a web application is migrated along with all its development and test servers, the company should see significant benefits just from the addition of scalability because the client only pays for how much of each service they actually use. Your own servers work constantly at the level of resources needed to handle a maximum workload.

That’s only one aspect to consider in your TCO. With your own server park, you also have to account for the depreciation of hardware, the cost of the premises, electricity, an internet connection, the duplication of all those aspects, human resources, time spent managing, growing or changing the server (park), and much more. If a potential client has a question about whether the cloud can benefit them in a specific situation, I suggest that they either do their own TCO analysis or order one to see how much they could really benefit from migrating to a cloud-based solution.

8. All cloud services are similar; the main difference is in the price.

The real world has shown that it’s actually the opposite. Different cloud services can build your architectural solution for similar prices. Since service providers are trying to lower their prices, there’s even a sort of competition between them to see who can give the lowest price. The main price difference comes more from the services offered. The more common services should be more-or-less similarly priced between different providers. The real difference comes in support services, architectural solutions, and things like that.