What do you think of when you hear the word “fake?” For many people, fake is a negative term and often evokes an emotional reaction. But not all things “fake” are bad, and some things considered fake are good and can be quite beneficial:
- Fake news can be used to deceive and manipulate people’s perceptions of real facts, events, and statements.
- Fake science or pseudoscience makes claims that have little basis in evidence, often for a specific agenda.
- Fake images can be Adobe Photoshop works of art, or they can be manipulated to change context or perpetuate a hoax.
- Fake or costume jewelry is used by people who like bling at affordable prices.
- Fake or artificial hips enable people with a disability to walk
But in the world of IT Operations, where buzzwords and acronyms are used to market the latest trends or cool new shiny technologies, there is often quite a blur between what is real and what is fake. And nothing exemplifies this more than the obscured fog of “fake cloud.”
What is “fake cloud” and why should you care?
5 Essential Characteristics of Native Cloud
Before we identify fake cloud, it might be helpful to define cloud-native or “real” cloud computing. I always like to leverage the definition from authoritative sources.
- Gartner defines cloud computing as “a style of computing in which scalable and elastic IT-enabled capabilities are delivered as a service using internet technologies.”
- Forrester calls cloud computing “a standardized technology delivery capability (services, software, or infrastructure) delivered via internet-standard technologies in a pay-per-use, self-service way.
These definitions are good, but they do not go far enough. There are many “fake cloud” applications that are delivered over the internet. What other authoritative defining characteristics exist to help separate the real from the fake?
We can look to the National Institute of Standards and Technology (NIST) who identified the five essential characteristics of cloud computing:
- On-demand self-service. A consumer can unilaterally provision computing capabilities, such as server time and network storage, as needed automatically without requiring human interaction with each service provider.
- Broad network access. Capabilities are available over the network and accessed through standard mechanisms that promote use by heterogeneous thin or thick client platforms (e.g., mobile phones, tablets, laptops, and workstations).
- Resource pooling. The provider’s computing resources are pooled to serve multiple consumers using a multi-tenant model, with different physical and virtual resources dynamically assigned and reassigned according to consumer demand. There is a sense of location independence in that the customer generally has no control or knowledge over the exact location of the provided resources but may be able to specify location at a higher level of abstraction (e.g., country, state, or datacenter). Examples of resources include storage, processing, memory, and network bandwidth.
- Rapid elasticity. Capabilities can be elastically provisioned and released, in some cases automatically, to scale rapidly outward and inward commensurate with demand. To the consumer, the capabilities available for provisioning often appear to be unlimited and can be appropriated in any quantity at any time.
- Measured service. Cloud systems automatically control and optimize resource use by leveraging a metering capability at some level of abstraction appropriate to the type of service (e.g., storage, processing, bandwidth, and active user accounts). Resource usage can be monitored, controlled, and reported, providing transparency for both the provider and consumer of the utilized service.
So in short, cloud-native is an on-demand, elastic, multi-tenant service, accessible anywhere from any device, and with usage that is measured and monitored.
The Warning Signs of Fake Cloud
Now that we know what real native cloud computing is, it is easier to look at the characteristics of “fake cloud.” If you are an IT Operations practitioner, here are some warning signs of what could be fake cloud:
- Software installation is a lengthy and complex process.
- You need to configure your network to enable the “cloud” application.
- You need developer level resources to make the tool fit your use case.
- Your application has a subscription licensing model but is still installed locally.
- Your cloud application is delivered via your own hosted version that is different than other customer’s instances.
- Upgrades and enhancements need to be scheduled.
- You need technical expertise or professional services to increase capacity or deploy new capabilities.
- There is no inherent method to calculate individual usage of the application.
For a real life example of what some may consider a “fake cloud” service, there is the case of a leading operations management software vendor. This company claimed that their solution was 100% cloud. In reality, every customer had their own hosted instance of the “cloud” software. Since this vendor’s solution is highly customizable, many customers took advantage of optimizing the code to their specific requirements. This resulted in countless “versions” of the software that could lead to support challenges.
There is a significant point to be made. “Fake cloud” is not necessarily bad, expensive, difficult to manage, or hard to upgrade. But understanding the differences between “cloud-native,” and what can be considered “fake cloud, ” is important.
Choosing Your Cloud Solution
IT vendors typically market their products by leveraging whatever the latest tech lingo is currently in vogue. Who can recall when “lean IT,” “DevOps,” “agile,” “big data,” and “smart <anything>” was used to describe a product or service? Cloud computing is different in that it has quickly become a ubiquitous way to deliver infrastructure, platforms, and software. How common is cloud? Last year, O'Reilly Media published the study “Cloud Adoption in 2020.” It reported that more than 88% percent of respondents used cloud in one form or another.
And research and analyst firms publish all sorts of tech trends each year that help fuel the marketing hype. For an example, check out the blog “Gartner’s 2021 Top Technology Trends and Their Implications to IT Operations.”
So cloud is no longer a trend, nor a buzzword. It is the current standardized delivery mechanism for technology and software. But many technology vendors will embrace “cloud” as marketing terminology, and their product may not necessarily be “cloud-native” as defined above. As stated in the beginning, not all things fake are bad, and “fake cloud” is not inherently a bad thing. But as an IT Operations professional, you should be aware of what is “cloud-native” or “real cloud so you can make better and more informed technology, resources, and business decisions.
Learn more about the Automox cloud-native endpoint management solution to better understand what a “real cloud” solution can provide. Discover us at automox.com or feel free to sign up for a demo to realize the true value that a cloud-native solution can bring to your IT Operations organization.
About Automox Automated Patch Management
Facing growing threats and a rapidly expanding attack surface, understaffed and alert-fatigued organizations need more efficient ways to eliminate their exposure to vulnerabilities. Automox is a modern cyber hygiene platform that closes the aperture of attack by more than 80% with just half the effort of traditional solutions.
Cloud-native and globally available, Automox enforces OS & third-party patch management, security configurations, and custom scripting across Windows, macOS, and Linux from a single intuitive console. IT and SecOps can quickly gain control and share visibility of on-prem, remote and virtual endpoints without the need to deploy costly infrastructure.
Experience modern, cloud-native patch management today with a 15-day free trial of Automox and start recapturing more than half the time you're currently spending on managing your attack surface. Automox dramatically reduces corporate risk while raising operational efficiency to deliver best-in-class security outcomes, faster and with fewer resources.