Don’t get caught in vendor lock-in IT provider trap
If you’ve ever tried to change your bank or home internet provider, you will understand the concept of vendor lock-in.
Making it difficult for customers to move is part of the customer retention strategy for many businesses. At a personal level it’s a minor hassle that we all have to deal with – but in the context of your business IT strategy the consequences are much more serious.
The cost of convenience
Global giants such as Amazon Web Services (AWS), Microsoft Azure and Google Cloud (referred to as ‘hyperscalers’ in industry jargon) are essentially selling convenience, and pitching their solutions as the ‘go to’ option because they have millions of customers. In a nutshell the sales pitch is tick the box, sign the contract and just keep adding products and services as and when you need them to support. No one ever got fired for choosing Amazon or Google, so what could go wrong? Well, quite a lot actually!
For many customers, the convenience that hyperscalers offer is worth paying for – but some businesses don’t realise the true cost and consequences until long after contracts have been signed. This is why more and more businesses owners and managers of startups and SMEs are looking instead at open source solutions, which is our recommended option.
There’s a shift amongst some big businesses too. Dropbox is reported to have saved $75million over two years by building its own tech infrastructure; Snap Inc (the company behind Snapchat) is believed to be moving away from reliance on Google Cloud; and the business behind project management platform Basecamp announced last year that it was changing its IT strategy due to AWS price hikes.
It’s worth noting that using a US based hyperscaler means being aligned to US government policy due to the Clarifying Lawful Overseas Use of Data (CLOUD) Act. This allows law enforcement agencies to access data stored by US-based companies, even if that data is hosted outside the United States. For customers in the Isle of Man, UK and EU this raises serious concerns about data sovereignty, privacy and compliance risks. A major risk is that it can put customers in conflict with local regulators or violate data residency requirements, especially in countries with strict data protection regulations. Choosing a cloud provider that offers clarity on data sovereignty and compliance, or even considering non-US-based providers, can help mitigate some of these risks. Last, but not least, there’s also the question of technical support which can be difficult and expensive to access from hyperscalers, particularly as support requirements grow.
Always read the small print!
Here are the key points to consider before you sign on the dotted line with a hyperscaler.
• Software and technical debt
Hyperscalers provide software that developers use to optimise applications for specific cloud services. If your business relies on applications that are tightly integrated with this software it can require substantial redevelopment if you later choose to move to a different cloud environment.
• Low-cost software bundles
A common sales pitch involves offering low-cost software bundles with cloud services. A great offer at first glance, but no so good when these become essential to your business and fees go up at short notice.
• Data gravity
The greater the mass of data you have which is held with a hyperscaler, the more difficult it is to move – both in terms of the logistical challenges of migrating data to another hosting provider and the financial cost.
• Geolocation & data sovereignty
Many hyperscalers don’t offer clear guarantees regarding where data will be physically stored. Not being able to guarantee which data centre or even in which country data will be stored creates major compliance and regulatory problems where such guarantees are essential. It’s not just businesses that face this challenge, governments do too. Earlier this year Microsoft revealed that it cannot guarantee that UK policing data will be hosted within the UK.
• Proprietary tooling & ecosystem lock-in
Many cloud platforms offer exclusive tools that simplify operational tasks. Again, the problem here is that these are deeply integrated into the platform’s ecosystem which means it becomes very costly and time consuming to rewrite applications which work on a different provider’s platform.
• Contractual & SLA constraints
Long contracts with big financial penalties for early termination are the biggest vendor lock-in challenges for many businesses. Service Level Agreements also limit the customer’s ability to dispute bills or claim compensation for service interruptions.
• Loss of negotiating power
The more reliant a business becomes on the hyperscaler’s products, services and infrastructure, the more their negotiating power decreases.
• Limited multi-cloud options
A multi-cloud strategy can mitigate some of the risks caused by vendor lock-in, but it can also create new problems because it introduces complexity.
The Domicilium open source software solution
We use open source technologies as a key strategy to avoid vendor lock-in because it offers more flexibility, freedom and control. Open source solutions offers many more advantages too, but here are the top 4 in the context of vendor lock-in issues.
- Interoperability: Open source generally works across different platforms
- It’s cost-effective & there’s more certainty about future costs
- Global community support: The global open source community enables efficient development via peer-reviewed code which constantly improves security, scalability & functionality
- Security & transparency: Unlike hyperscaler solutions, open source software offers transparency regarding the code it uses. This plays a key role in optimising security
Summing up
Our advice for any business is to always weigh the pros and cons and consider the open source option. For business start-ups we can help you to avoid the risks of vendor lock-in from day one – and if your business has already signed up with a hyperscaler and is having second thoughts, we have lots of experience helping clients in that scenario too.
