Culture / Development

Should You Really Be so Worried about Cloud Lock-In?

12 Aug 2020 10:15am, by

Let’s start with the spoiler: Concern about cloud lock-in is probably overblown and likely counterproductive. Multicloud is a major buzzword at the moment. Many platforms and tools explicitly sell customers on the fact that they’ll help them avoid lock-in.

So where does this obsession with avoiding lock-in come from? How rational is it? What does it even mean — does an organization need the ability to instantly, seamlessly flip a switch and move from AWS to Azure to be truly multicloud? Or is the ability to move to a different cloud in two months good enough?

The Origins of the Lock-in Phobia

According to Donnie Berkholz, executive in residence at Scale Venture Partners, the desire to avoid lock-in is an entirely understandable reaction not to how things actually work with the cloud providers, but to the type of lock-in big enterprises experienced with data center vendors. They would be stuck with a vendor and not really understand the licensing, then have the vendor do an audit and find a license violation. Next thing you know, the enterprise is writing a check for millions of dollars. “Everyone has seen what lock-in does to you on-premises,” he said. “Will lock-in in the public cloud be the same thing?”

The answer, he says, is no. In the public cloud, users are already being metered and charged for actual usage, so there’s no risk of being “discovered” doing something wrong and suddenly owing millions of dollars. Nonetheless, it’s easy to see why someone who has been through multiple data center vendor audits would go to great lengths to avoid the same kind of lock-in in the cloud.

“How much engineering time and trade-offs have you committed to get to the point of having that flexibility? It’s probably way more than you’re saving in every case.” — Corey Quinn

Indeed, one of the core arguments for avoiding lock-in is to have leverage against the cloud providers. On both an individual and organizational level, no one wants to feel totally at the mercy of their vendor — which is exactly how most enterprises felt about their data center vendors. But what do cloud negotiations look like? “At scale, everything becomes negotiable,” explained Corey Quinn, cloud economist at The Duckbill Group. But there are also limits to both how much negotiation is likely to reduce costs as well as the utility of an adversarial negotiation stance. “Let’s pretend you are the best negotiator in the world, you can flip a switch and go somewhere else, and you absolutely beat them up. You’re talking pie in the sky, maybe a 5% a year savings.”

And therein lies the core problem with lock-in phobia. As Quinn said, “How much engineering time and trade-offs have you committed to get to the point of having that flexibility? It’s probably way more than you’re saving in every case.”

But What if I Want to do Business with Walmart?

This is not to say that there aren’t some legitimate business reasons to adopt a multicloud strategy — though it should also be clear that just because an organization uses multiple clouds does not mean it can move seamlessly between the two.

One concern is around regulatory compliance and data privacy. “I think there’s a lot of concerns around, how do I get my data out if there’s a price change, or if there’s a security event that makes Amazon, or Google or Microsoft no longer attractive to our customers,” explained Justin Brodley, vice president of cloud operations at Ellie Mae. “Having a contingency plan makes sense.”

There’s also the Walmart example. “If you’re a SaaS vendor, your ability to sell to some enterprises is limited if you’re only on a single cloud,” Brodley said. Some enterprises don’t want to support Amazon Web Services (AWS), others don’t want to support Microsoft. You might want to sell to both types of enterprises.

“That’s a very valid business reason to wind up building at least a subset of what you’re doing on a second provider,” Quinn said. Even that, though, can be taken to extremes — it’s better to worry about that possibility when you’re actually talking to a potential customer with those requirements rather than spending loads of engineering time to ensure it’s possible before you have a single customer.

Shining Light on the Hidden Costs

For most organizations, the fear of cloud provider lock-in comes down to costs. Organizations spend a lot of money in the cloud, and their experience with data center vendors has led them to be wary of infrastructure providers. The problem, though, is that avoiding lock-in is not free — but the true costs of doing so often don’t make it into financial calculations.

First, there’s the staffing costs. “Very few companies spend more on their AWS bill than they do on payroll,” Quinn said. “People’s time is the most constrained and expensive asset companies have. Do you want them maintaining a database or fixing whatever business problem your company solves?”

“The question is, what is the risk you’re trying to hedge for by creating a ton of extra cost and losing a lot of capability because you’re not using the native function?”– Donnie Berkholz

Second, one of the primary advantages of moving to the cloud is around time-to-market. But most companies fail to assign a dollar value to getting a new application out in one month versus six months. “When you’re trying to execute on an opportunity in the market, that opportunity has a finite window on it,” Berkholz said.

“This is part of a larger problem of people misconstruing cloud as a cost story,” Quinn said. “It’s not. It’s about improving feature velocity, it’s about speeding time to market.”

So Building Cloud-Agnostic Is a Waste of Time?

According to Berkholz, the number of companies who are truly cloud agnostic is actually quite small — because it’s hard and expensive. “The question is, what is the risk you’re trying to hedge for by creating a ton of extra cost and losing a lot of capability because you’re not using the native function?” he said.

Brodley agrees that that’s exactly what happens when you build truly cloud-agnostic applications. As always, though, sometimes the extra cost is worth it. “The ones that have done it right have done it for the right reasons,” he said. “Those companies have taken the time to think through what their customers need. They really spent a lot of time thinking through the value proposition versus just saying, ‘we’re gonna be cloud-agnostic because that’s the cool thing that all the CTOs are doing, and I’m afraid of costs.’”

So what about those costs fears? Just how irrational are they?

“To date, it’s never happened that a cloud provider has increased prices,” Brodely said. “It’s the big fear that they’re all going to get massive market adoption and then increase prices. It could happen, but I think it’s a relatively low risk based on current track records.”

Amazon Web Services is a sponsor of The New Stack.

Feature image from ErikaWittlieb de Pixabay.

A newsletter digest of the week’s most important stories & analyses.