Cloud computing. Cloud-native computing. Software-as-a-service. They're all secure and reliable. Except when they're not.
Recently, we've seen Microsoft Azure suffer an extended outage and we've seen Docker Hub get hacked. (Docker also has a new CEO.) Gartner published a report (subscription required) on how enterprises should think about adopting SaaS applications, in the context of data backup (or lack thereof). You can get details and context on all of these things by reading the links.
If we hop in our wayback machines and travel just a few years, we'll also re-encounter AWS outages that seem to have brought down the internet; Slack outages that might or might not have halted productivity within thousands of companies; and any number of SaaS startups shutting down, getting hacked or just plain losing data. It's enough to make someone think twice about getting rid of their server closets and packaged software.
But, of course, clinging to the past would be crazy for any company that actually wants to remain competitive by using and building cutting-edge applications. For all but a small handful of companies (some of which actually run public clouds), there is no realistic vision of a successful future that doesn't involve some combination of clouds, containers and SaaS-probably all three. The trick is adopting these things intelligently and accounting for the very real possibility that something will, at some point, go wrong.
What the best solutions look like might vary widely based on the company, although it seems logical to settle for nothing less than cloud-native best practices around high availability and automated security patching. That probably means building resilience into the compute, storage and networking tiers, designing apps that tolerate component failure, and, yes, sometimes using multi-cloud platforms.
And while container security is a newer concern than, say, VM security, there actually are a lot of tools-from startups, large IT vendors and even open source communities-that can provide peace of mind. A SaaS application that doesn't let you export your data is probably not a SaaS application worth using (good news: there's no shortage of SaaS applications).
What we can't do is let fear and uncertainty get in the way of progress, which is what cloud computing, however defined and in all its forms, ultimately delivers. Getting things like security and reliability right might require spending a little more time and money on software, engineers, and maybe even lawyers, but the payoff over the long term should make up for any early investments many times over. Assuming that settling for the status quo isn't a viable option, thinking ahead is a much better option than rushing into the cloud and ending up on the receiving end of an outage, breach or other large-scale incident that could have been avoided with just a little forethought.