Harris Exits Cloud Hosting, Citing Fed Server Hugging

miller60 writes "Despite the publicity around the U.S. Government's 'Cloud First' approach to IT, many agencies are reluctant to shift mission critical assets to third-party facilities. That's the analysis from Harris Corp., which has decided to get out of the cloud hosting business and sell a data center in Virginia, just two years after it spent $200 million to build and equip it. 'It's becoming clear that customers, both government and commercial, currently have a preference for on-premise versus off-premise solutions,' said Harris' CEO."

Server Hugging

[stevegee58]

Have you hugged your server today?

Re:Server Hugging

[hodet]

By fed server hugging the first thing I thought of was the fed having easy access to my servers. That would be a real concern for me if using an American cloud hosting provider, as I am not located in the US. Do these companies have any choice but to bend over to the government when they are told?

Re:Server Hugging

[gstoddart]

That would be a real concern for me if using an American cloud hosting provider, as I am not located in the US. Do these companies have any choice but to bend over to the government when they are told?

You are correct, they have no choice.

The wording of the USA Patriot Act allows them to basically demand data from any US company (it might even be US owned). So, any data there you should consider to be essentially available to the Americans on a whim.

I've done some consulting for the Canadian government, and we legally can't store any data on any servers in the US or host certain data with US owned companies. Because, if the US authorities came in and demanded it, they'd have to hand it over and be legally bound to secrecy and not tell anybody it happened. Not a good situation for confidential government data with private information in it.

So, if you have data you don't want to be subject to US rules, the only solution is to not store it with them, and possibly not with anybody owned by a US company.

I believe the EU has encountered some situations in which companies can either be breaking the EU laws, or breaking the US laws ... it's not possible to be in compliance with both if one prevents you giving access, and the other insists they get it.

The only way to keep your data secure, is to keep it in-house.

Re:Server Hugging

[berashith]

so this is proof that the canadians are terrorists! If there is nothing to hide then why are they hiding it?

Re:Server Hugging

[Anonymous+Brave+Guy]

I believe the EU has encountered some situations in which companies can either be breaking the EU laws, or breaking the US laws ... it's not possible to be in compliance with both if one prevents you giving access, and the other insists they get it.

IIRC, one potential conflict (I know of no actual test case yet) is that EU privacy rules forbid the export of personal data to places without adequate safeguards (which includes the US), but the US has laws that any US-based business must hand over any data it has to the US government on demand under certain circumstances. If the US company operates an office within the EU, normally keeps personal data from the EU within the EU, but gets a demand for the data via its US head office, they could be in a legal grey area (or more precisely, they could be in a very black-and-white situation according to the law in both jurisdictions, but those situations would conflict).

I have to wonder how much subtle background damage US government/business culture might be doing to the US economy today. On the one hand, there is the very laissez-faire attitude to innovation, which includes an unusually tolerant approach (by global standards) to invasion of individual privacy by businesses, which leads to conflicting standards like the one we're talking about above when you start trading internationally. On the other hand, there seems to be a trend that is very much not laissez-faire recently when it comes to government intervention, and in particular government control of communications infrastructure and rights to access data, which was collected by businesses rather than the government itself, on demand in various contexts. Again, the end result is concerns about privacy and even industrial espionage.

Perhaps in the US culture this is supposed to be dealt with by the courts. If an organisation has the resources to bring a successful lawsuit, it can actually reshape the law in the US. (This is very different to the situation in various other jurisdictions, where case law can set precedents for interpreting statutes but can never override them.)

However, the result of that culture is that you have an economy where businesses operate relatively unrestricted yet always under the shadow of government intervention, and where lawsuits are thrown around as commercial weapons as just "a cost of doing business". Obviously having a legal system is not unique to the US, but it does seem to favour a very litigious approach where the ground rules are vague if there are any at all, and that uncertainty always carries a cost.

For example, I have a company in the UK that does IT contract work, and we carry a professional indemnity insurance policy. The terms of that policy specifically exclude any work done in the US (or Canada, curiously) from the cover. That's a pretty clear suggestion that the insurance underwriters consider the risk of being involved in an expensive lawsuit in the US or Canada so high that they would rather lose the custom of any business that works there. That in turn is a strong disincentive for my company (and the many others who belong to the same professional bodies as we do and who take out the same associated insurance policies) to do business with anyone in the US or Canada. I don't know whether that pattern is repeated elsewhere in Europe or around the world, but given that the insurers are basically interested in the money, it seems likely. If so, that's a serious impediment to international trade for business in the US, and maybe we're starting to see the results with stories like the one we're discussing in this thread.

sorry, but nothing changed

[Nyder]

No one wanted cloud storage, but some businesses.

The only thing worse then saying something bad happened and all our data is gone, is saying, the cloud disappeared and all our data is gone.

Re:sorry, but nothing changed

[MightyMartian]

For some of us it's the simple reality that our data is out of our hands. Yes, we can encrypt, and that offers some security, but you're still left with the fact that you're going to need some sort of third site backup to truly make sure your data can survive a catastrophe (including the cloud provider being raided, its/your servers ending up in an evidence room for an indeterminate amount of time) that could destroy or make inaccessible critical business data.

I think there's a place for it, but in the type of business I'm in, where contractual and legislative obligations on securing of confidential data is quite stringent, the cloud just doesn't offer what we want. Data out of our custody is data out of our control.

Re:sorry, but nothing changed

[ColdWetDog]

Don't worry, they're still gunning for your business:

Harris will instead focus on providing secure networks and cloud solutions for customers on their own premises.

'cloud solutions for customers on their own premises'

You keep using that word. I don't think it means what you think it means....

Re:sorry, but nothing changed

[vlm]

Data out of our custody is data out of our control.

Oldest story in the endless repetition of the IT world. Reliability. Lets say you're a midlevel manager in charge of providing email service to the biz.

1) Hire a low level sysadmin to run a server in the basement, he knows he's fired if the server isn't up 100% of the time, if he doesn't respond to your slightest whim at 2am every morning, or instantly correctly answer the dumbest question. Paying a server jockey $60K/yr just to run email, makes sense if reliable email brings in $3M/yr of revenue in your biz and unreliable email brings in $0M/yr. This option gets you a promotion because you did so well.

2) Or cloud it for $50/month, and the boss selected the provider for you on the basis of how good the season tickets were and/or how hot the saleswoman is. The provider knows they have a bullet proof legal contract that makes them responsible for pretty much nothing, and if you leave the provider doesn't care because each customer is only about 0.01% of their total revenue anyway. If its not working as you prefer, you have no leverage over the provider unless you are one of their top 10 customers (if you have to ask, you're not), what are you going to do, make your boss look bad for selecting the wrong provider for you, or cancel a multi-year contract resulting in days to weeks of downtime and involving legal. This option simply gets you fired.

Last cycle of the eternal IT wheel I was a very small cog in a very large machine at a provider fitting option 2 and I know some customers got fired for buying email service from my ex employer, always awkward to call a customer about an old trouble ticket and be told they got fired because of your service (whoops). Clouding your web server today is no different than clouding your email IMAP and POP server a decade ago. Dumb career ending move for management unless you're in such a ridiculous special case that they may as well write a book just about you.

Re:sorry, but nothing changed

[tqk]

The only thing worse [than] saying something bad happened and all our data is gone, is saying, the cloud disappeared and all our data is gone.

Actually, this story sounds a lot like the last high-tech startup I worked with. These guys (Harris) listened to the buzz, drank the koolaid, blew $200m on a data centre/center, yet put no further effort into thinking about how to do it in a way that it would be salable. "But, but, it's the cloud!", expecting the buzz words to do all the work for them. In the case of my HT startup, "Are you wanting to track people or materiel? Do you want to track incoming and outgoing, or location on site if on site?" "Uh, yeah!" They had an idea, but no plan as to what they wanted to do with it.

Secondly, gov't moves slooooooowly. They should have predicted they'd be in for the long haul if they expected this to work for them. Instead, they're quick buck artists, expecting buzz words to do all the hard work. I'm not a bit surprised they're now running away screaming "lalalalala."

"Cyber Integrated Solutions"! Jeebus!

As this market evolves, it's also becoming clearer that customers don't place additional value on trust and are unwilling to move the most mission critical applications to the cloud before less sensitive applications are thoroughly tested and vetted in a cloud environment, Brown added.

Well, WTF? and duh! Who hired these fools, and have they had any experience with large scale IT deployment?

Or, maybe those guys down the road who were doing it right just showed potential customers what doofuses these guys were.

Re:sorry, but nothing changed

[TheRaven64]

Except that's not how it works. If you host the data on site and there is any down time, then you lose your bonus because your department failed to meet targets. You are also seen as a cost centre. On the other hand, you pay that $50/month and you can show the savings for the the $60K/year salary and get a big bonus. Now the down time is someone else's fault, so it doesn't affect you. The fact that the contract doesn't let you charge the outsourced company is legal's fault, not yours, so you keep the bonus. At the end of the year, you put 'saved current employer $100K/year in overheads' on your CV and move onto the next company. Sure, you may have cost the company $3M in lost business, but that's not in your department's accounting...

Re:sorry, but nothing changed

[TooMuchToDo]

So the only option is to virtualize off-site? You still get huge cost savings from doing virtualization in-house, its just not as profitable (with recurring revenue) to a third-party service provider.

Also, I want to stab people who use the marketing term "the cloud". It's not dark magic. Its virtualized, resilient resources.

Re:sorry, but nothing changed

[dkf]

'cloud solutions for customers on their own premises'

You keep using that word. I don't think it means what you think it means....

An awful lot of larger businesses are internally structured as a group of smaller businesses, with "contracts" between business units. (Yes, they're not formally contracts, but the main difference on a practical level is that it is the CEO of the overall company who is the ultimate decider of last resort, not the law.) Within such a setting, an "internal" cloud can still make a lot of sense and the technologies used to implement a cloud are highly relevant in any case. It's very common to have needs that are well met by a virtualized server slice or a segregated piece of diskstore.

That said, Sturgeon's Law applies thoroughly to the cloud, and the 90% includes all the marketing and corporate statements.

Shocking

Because I really was looking forward to putting all my mission critical inhouse infrastructure into someone elses control.

Re:Shocking

[ackthpt]

Because I really was looking forward to putting all my mission critical inhouse infrastructure into someone elses control.

Welllll... there's always Wikileaks.

They seem capable of weathering the worst the world can throw at them.

They did not target startups and small business

[dstates]

Everyone wants to keep their data close to their chest, but only the Feds and Fortune 500 companies have the resources to actually do it. For a startup or small business, cloud services are a god send. Compared to the costs of building a data center and staffing an IT department, a good cloud provider gets you up instantly and expands seamlessly. Harris targeted the wrong audience and/or they could not compete with Amazon.

Re:They did not target startups and small business

[alphatel]

Harris targeted the wrong audience and/or they could not compete with Amazon.

You've nailed the main talking point. Cloud was where you went as an enterprise to get your data stored globally with access from anywhere. But as the internet has evolved, attacks on hosted solutions, both illegal (anonymous) and legal (feds, riaa, etc), have made jurisdiction and prudence competing factors.

If you're a startup you have none of these concerns - you're probably happy if you can find enough money to buy your best client lunch. Once you evolve from the penniless framework you, like every other growth business, will reinvest into locally stored/colocated data inside your infrastructure and outside prying fingers.

The Frog and the Scorpion

[Gothmolly]

So this company, likely founded by someone with a buddy in governement, built a new DC that was supposed to get filled by governement servers, and now because the wind shifted they're caught with their pants down?

Zero sympathy. You tried to cash in on a buzzword, and worse, you hooked your wagon up to the governement. Try a real business model next time.

Re:Unless you are very, very careful

[mounthood]

"Cloud" is today's "Snake oil"

No, SEO (Search Engine Optimisation) is todays snake oil. "Cloud" is just an amalgamation of business models that haven't been sorted out yet.

Re:I am surprised and not surprised

[vlm]

And you want me to sign something that says you're not responsible if something happens?!

That's the key to how cloud was mismanaged by the cloud providers:

Cloud = no responsibility at all and you're in a long term contractual relationship you cannot escape from and due to downsizing you don't have the technical skills to dig yourself out of the hole without $200/hr consultants.

Inhouse = 100% total instant personal responsibility or you get fired and replaced next week by another H1B or another recent grad noob who CAN do it.

Cloud wanted the long term cell phone contract business model. Business wanted the customer of commodity gas station model. Cloud got flushed. Oh well.

Another way to put it is businesses don't like employees who moonlight simply because they can't be stressed out as much as employees who only get one paycheck... and cloud is an outsourced employee with thousands of paychecks who simply doesn't care if you fire him. Thats not conducive to the kind of abusive relationship management desires...

Rememeber ASP's back in the 1990's?

[alen]

Application Service Providers? those guys running Windows NT 4 Terminal Services edition where you had virtual desktops to run MS Office over the slow ass internet of the time? those same guys that failed and their EMC SAN's were on Ebay for 1/5 the new cost?

Same with cloud services

they are only worth it if you're a small start up or mom and pop. if you're a fortune 1000 or someone else with a data center built then why wipe out the investment you already made?

if you're a big company price out how much amazon costs. by the time you pay for the super servers, all the data and backups it's a lot more than buying yourself.

The Story Is Obviously "Paid For" Damage Control

[theshowmecanuck]

This guy is trying to protect his company and himself from investors who should rightly be judging them as less than competent, seeing as how they are supposed to be good judges of the worth of technological innovation. Gee, who would have thought that businesses DON"T trust 'the cloud' for data integrity and security? I like (sarcasm) this bunch of bullshit:

"As this market evolves, it's also becoming clearer that customers don't place additional value on trust and are unwilling to move the most mission-critical applications to the cloud before less-sensitive applications are thoroughly tested and vetted in a cloud environment," Brown added.

Bull shit has been called on the highest order, since he counters his own statement, calling himself a liar before the sentence is even finished. And then there is this:

"But it's becoming clear that customers, both government and commercial, currently have a preference for on-premise versus off-premise solutions."

And the final nail in the "This press release is to cover our asses and hopefully prevent me from losing my job like I should" horseshit parade:

Harris will instead focus on providing secure networks and cloud solutions for customers on their own premises. "These actions allow us to refocus our capital and efforts on the secure, cost-effective communications and IT solutions that our customers are demanding," said Brown.

Cloud solutions on their own premises. Riiiiight. Kind of like an "anti-cloud cloud," is that it? Yeah, that's the ticket. The next buzzword: The Anti-Cloud Cloud. This Brown guy sounds like all 'big thinkers' who don't have time for details: the old boys club who just happen to network really well. Heaven forbid they actually have to understand the core concepts around their business and what their potential customers actually need in order to make decisions. Instead he seems to be focusing on what he can sell them. Fire this buzzword-happy dipshit's ass and let him go back to the used car lot. Sigh... and even if they do, he'll still get a settlement package orders of magnitude more than what most people will earn in their lifetimes. Too bad there isn't a way to do more to offset that kind of crap too.

Re:The Story Is Obviously "Paid For" Damage Contro

[purplebear]

Just as an FYI, Brown is new to Harris. The former CEO left shortly after the data center was functional. He actually went out on top of bringing Harris up to a $6B+ company.
Not defending anyone here, just giving some information. Brown could not possibly be responsible for this blunder.

With that said, I thought the idea was a little crazy to begin with when Harris wouldn't even put less critical data into a 3rd party providers hands, even with sensitivity guarantees. So, why would their government services division think the government would do it with more critical data?

Re:Unless you are very, very careful

[Swanktastic]

Cloud means outsourcing and not much else. Departments don't choose to outsource themselves, so it's not terribly surprising that this isn't happening quickly.

Re:The Story Is Obviously "Paid For" Damage Contro

[theshowmecanuck]

Now that I think of it.... fuck Brown.... he is the one lying about shit and playing spin doctor. I have to learn not to be so nice. :p