Sure to gore some oxen: Not everyone's sold on Azure

[Sky-Knight]

All of my junk in the cloud means I get to run what's left of my MSP in my spare moments between working my full time job.

It also means all my data is safe is my house burns down. Paying for two separate NAS's, and deploying a climate controlled container to mirror into in my detached garage to achieve the same goals is simply never going to be less expensive than paying the $500 a year I pay for my Action Pack. I could spend half of that and keep doing it too, I just get more toys to experiment with this way.

Not to mention having the software to automatically backup all the phones in this house to the same place?

Yes I still have my plex server local, and it will remain so. I have a hypervisor here and a ton of other rather expensive things. But the primary driver is basic M365 services. And if the law came beating on my door, I'm not resisting them any more here than I would in the cloud, so I find your arguments regarding the law enforcement angle exhausting. Microsoft's got the best lawyers on the planet except for perhaps Disney. If they can't win, I won't either.... and such things are a lost cause for many other reasons beyond the scope of this conversation.

 

[britechguy]

A picture, or a document, doesn't matter...it's a file. It's the concept I'm talking about. Doesn't matter if it's a tax return from 2018, or a pornographic picture of a hot red head, or a spreadsheet of money owed from customers on my paper route, or a schematic diagram to help me disassemble a transmission. It's a file....conveniently accessed by a device in my hand via a cloud service linking that device to storage "in the cloud".

And most of those things are not "my" files, in any meaningful sense. Nor, in all probability, are they anything but a select few among the files of all the "mes" behind them.

That's the point you seem to be missing, and intentionally.

No one's saying that there is no place for cloud storage, far from it. But it's a techology that has a place, and that place should never be considered to be "for everything and anything that every person or entity stores."

Stuff in the cloud currently is curated, and is likely to remain so. And that's because that's what makes the most sense.

 

[phaZed]

"Why do you need all of your personal data stored in the cloud"...those were your own words back a few replies. You generalized the convenience in broad strokes..."cloud service".

No, that was a specific question directed at @Sky-Knight, not a statement. Did I generalize in broad strokes? You will need to point that out, I feel I've been fairly clear. Because the OP was "Not everyone's sold on Azure" - I'm talking more or less specifically about Azure, as seen throughout the entire post, but the problems and concerns (gripes) I am trying to convey relate to many company/corporate controlled "Cloud Services", and are not specific to Microsoft or Azure.

Because, you simply replied "<anti> stored in the cloud".

I don't think I did, did I?:

To each their own. I'm not saying it's a bad solution to go fully cloud for many people/businesses...

Cloud works for some, but not all. Your data is questionably secure in the cloud. Those are my only points.

All that being said, I own half a dozen VPS's from Amazon, OVH, DigitalOcean and a2Hosting - all dedicated to certain things that need to be off my network or provide services to clients or otherwise. I'm starting a Website Hosting Service

I think it really depends on what you're doing, and what your needs are.

I deal with the cloud services ad infinitum for clients - and I recommend cloud services to them constantly. I see the benefit for them, but I rather not for myself.

Again, you'll need to point that out to me.

A picture, or a document, doesn't matter...it's a file. It's the concept I'm talking about. Doesn't matter if it's a tax return from 2018, or a pornographic picture of a hot red head, or a spreadsheet of money owed from customers on my paper route, or a schematic diagram to help me disassemble a transmission. It's a file....conveniently accessed by a device in my hand via a cloud service linking that device to storage "in the cloud".

May I ask, what do you think is unique or special about "The Cloud" vs. "Servers on the internet" as it pertains to services? Which services are unavailable on one vs. other?

I'm curious how you would approach things that I described..without some "cloud service". Two cups and a string in between?

A server? You really didn't "define" anything "you described". C'mon man. Gee wiz, how did the world ever communicate in 2005 without "The Cloud"! Must have been a cups and strings!

It's a file....conveniently accessed by a device in my hand via a cloud service linking that device to storage "in the cloud".

So, the action of accessing "data" from afar? You can't think of any other way that could happen other than using Google Drive, Azure, etc? Gee wiz.

Everyone acts like The Cloud is something special or unrivaled or incomparable to a "Server at your house". It isn't. Sure, there can be benefits, but there can also be detriments. That's all I'm saying here.

Who Coined 'Cloud Computing'?

Now that every technology company in America seems to be selling cloud computing, we decided to find out where it all began.

www.technologyreview.com

Some accounts trace the birth of the term to 2006, when large companies such as Google and Amazon began using “cloud computing” to describe the new paradigm in which people are increasingly accessing software, computer power, and files over the Web instead of on their desktops.

WHOOPTY DOO!

 

[phaZed]

It also means all my data is safe is my house burns down. Paying for two separate NAS's, and deploying a climate controlled container to mirror into in my detached garage to achieve the same goals is simply never going to be less expensive than paying the $500 a year I pay for my Action Pack. I could spend half of that and keep doing it too, I just get more toys to experiment with this way.

A Valid point for burning down. I don't understand why you're so obtuse to what a "server" is or can be. Do you have a desktop? Do you need to put your desktop in a climate controlled room? No, no you don't.
Are people building a climate controlled room in their garage for their dinky 5-Bay Synology NAS? No, of course not. That's a server, too, you know?
What type of server resources are you demanding that require such cooling, that is so cheap on a Cloud Service? Just doesn't make sense to me. It sounds like you're saying you basically store files... so why would you need a HPC?
Just because "datacenters exist" and you're using one - doesn't mean that you, as an individual would need the same thing, to accomplish the same thing. If you were Azure's only customer, do you think they would have a 100-Acre Server farm? No, of course not. When you host at your house, you're only hosting for yourself (generally) - and not for Millions of people.

Not to mention having the software to automatically backup all the phones in this house to the same place?

There are no less than 3 dozen "Apps" on Unraid that do that, too... or Synology, etc, etc. Again, that functionality wasn't born of, nor exclusive to, "The Cloud" as a paid third-party service - it was here already.

And if the law came beating on my door, I'm not resisting them any more here than I would in the cloud, so I find your arguments regarding the law enforcement angle exhausting. Microsoft's got the best lawyers on the planet except for perhaps Disney. If they can't win, I won't either.... and such things are a lost cause for many other reasons beyond the scope of this conversation.

You miss the point entirely. If they come knocking at my door, I won't need to resist them because they won't have anything of which to knock for, because I never gave them the chance to gather evidence of which to come-a-knocking. Good luck getting into my encryption - and good luck getting me to divulge the keys. No lawyers needed. No winning, no losing.. just off the radar. It's not really a lost cause - it's an increasing occurrence of people being caught for "whatever" (or even being wrongly accused or convicted; CSAM, but really own Children's pics) because their Cloud Services are being exposed to law enforcement. These things are happening. You can choose to react to it or not, matters not to me!

CLOUD Act – law enforcement access to cloud data

In March we reported on the issue regarding the ability of United States (US) law enforcement to access your cloud-based data, regardless of the country in which it is stored. That issue was to be considered by the US Supreme Court in Microsoft vs the United States of America.

www.buddlefindlay.com

Digital Dragnets: Examining the Government’s Access to Your Personal Data

Caitlin Chin, Fellow with the Strategic Technologies Program, provided a written statement for a House Judiciary Committee hearing on the U.S. government’s access to personal data.

www.csis.org

A Guide to What We Now Know About the NSA's Dragnet Searches of Your Communications | ACLU

www.aclu.org

 

[Sky-Knight]

@phaZed

You just told a guy that lives in desert, that gets well above electronic operating temperatures in the SPRING he doesn't need cooling.

And if you lock your junk into a cabinet, that cannot breathe, in the Summer... you too will have that issue too. Yes, machines need cooling, this includes my desktop. You need a ton less than I do, but they do need cooled. They need space to operate. All these things are part of the cost! And yes all of this combined for a single storage solution is vastly less expensive than anything Azure. But again Azure isn't for single things, it's for resilient things. Azure doesn't have the "one server" option, and it never will, that's not its purpose.

You'll also find that Microsoft defends its paying customers very differently than its freebie customers. Home users vs Business users... very different worlds. And yes, once again, there are ways on the business side to encrypt your data such that Microsoft cannot grep it. You think you cannot, but you can.

The 3rd party apps you mention aren't worth using because they are riddled with security concerns well in excess of the properly maintained services you claim are less secure. Furthermore, the applications in question while they can provide offsite protection they do so either by putting my files in the cloud, or by moving them to another device I own operating somewhere else. Most of them also have further concerns of restore time. SharePoint has my files, if my house burns down all I have to do is turn on my brand new laptop and POOF there they all are. One could consider this to be the realm of opinion though, so I'm not going to harp on this too much other than to say I don't agree with your assessment, we see a very different world.

Finally, you're relying on security through obscurity to keep the overly aggressive tyrant lawman from breaking down your door. Two things about that...

1.) Security through obscurity isn't security, in fact it's been proven time and time again to not work.
2.) Security through obscurity should it work, relies on vanishing within the crowd. The crowd isn't using on premise services anymore, and therefore you're standing out. Which only furthers the concept of Security through obscurity not working.

You can continue to post random BS articles that aren't talking about the thing you think they are. (The US government has authorization to review all communications that cross our national borders by the way. That's rather their job...) And you can continue to argue with someone you obviously see as a random stranger on the Internet.

The problem is the random stranger you're arguing with is up to his eyeballs in CISSP training materials as he chases that new certificate. And if you go lookup what that certificate entails... you'll find it quite relevant to the conversation at hand. Heck, I'd encourage you to chase one for yourself! It's quite valuable to have! And Heaven knows, there aren't nearly enough people with that sort of leadership and training in the world.

 

[YeOldeStonecat]

May I ask, what do you think is unique or special about "The Cloud" vs. "Servers on the internet" as it pertains to services? Which services are unavailable on one vs. other?


A server? You really didn't "define" anything "you described". C'mon man. Gee wiz, how did the world ever communicate in 2005 without "The Cloud"! Must have been a cups and strings!

So, the action of accessing "data" from afar? You can't think of any other way that could happen other than using Google Drive, Azure, etc? Gee wiz.

Everyone acts like The Cloud is something special or unrivaled or incomparable to a "Server at your house". It isn't. Sure, there can be benefits, but there can also be detriments. That's all I'm saying here.

Who Coined 'Cloud Computing'?

Now that every technology company in America seems to be selling cloud computing, we decided to find out where it all began.

www.technologyreview.com

Well, people were using "the cloud" before it became a trend. It's just..someone elses server..on the other side of the internet.
So yeah, before "2005" people were using it. An early example might be...AOL..back in the early dial up days. You could access your email equally from any computer. As much as AOL is frowned up by many IT people, it was very convenient for typical end users. None of those limitations of Outlook Express downloading POP mail on <this device>, and not being able to see the email on your <second device>. (Yes, yes, I'm fully aware that email clients had a checkbox for POP accounts to leave email on the server..I ticked thousands of those boxes back in the dial up days).

Of course we had ways of access files remotely. Back in the Win95 days, we could set up RRAS..and PPTP VPN. Gee..what fun. I sure do miss being able to do that. //insert sarcasm
...yeah there are more modern more secure methods of VPN. Wireguard is an easier VPN client. But still, it's going back in time to "a process that requires more steps, and it just...slower, pokier, clunky, etc".
Some NAS units or other "build your own cloud" services make aren't too bad. (insert OwnCloud or NextCloud again). And they have sync clients you can install on your phone or computer. But it's something I have to maintain again. or set up pizza tech stuff like DDNS for me trying to make my house a data center. Kinda....several steps backwards in time a few decades for me.

COVID got us to flip a log of businesses over to entirely all 365, and other SaaS (their LOB software moved to hosted online). We had been pitching the ease of it prior to COVID, but...businesses nearly being forced by COVID to set staff to work from home, got us to change them over to 365 and other SaaS stuff..and..they got spoiled by it, they have not gone back. No more cumberson 20 year old VPN tech being used, no more clunky remote desktop/Splashtop/Teamviewer to the office, just...get to your data from anywhere...how nice is this? Not a single client asked us to step them back 20 years in time/tech when the big COVID scare was over and staff went back to working at the office. They preferred to continue working more easily, more securely, and having that ease of "get to our business stuff from anywhere" with ease.

Some of us raise the bar higher than others, it may just be my style, but I prefer to stick a bit more towards cutting edge while factoring in security, budget, reliability, support/maintenance required, and ease of use.

Of course everyone has the right to their own approach, whatever makes them more comfortable.

 

[Sky-Knight]

Full disclosure, anyone here that isn't OK with the surveillance / police state the US has become, would find me quite sympathetic. I'm not happy about that reality either.

But as long as I use a smart phone, which I'm stuck with for professional reasons... I see little point in "hiding" my digital activities because the way the law is presently constructed, the government can and will gather all sorts of information on me as I move through the digital realm. I haven't seen anything accessed in this space thus far that's beyond what I'd call equivalent to the surveillance possible in the physical world, but the laws in this space are extremely poorly written, but intentionally incompetent representatives, that do not represent me.

So to say I'm grumpy at the situation by default is an understatement.

@YeOldeStonecat Yeah we've both been there and done that on the VPN thing... If you're TLS'ing hard enough, and authenticating hard enough, VPN is redundant. I have to do the former two no matter what, so ditching the latter is very nice when possible.

 

[britechguy]

Of course everyone has the right to their own approach, whatever makes them more comfortable.

That's the long and the short of it.

Everyone also has to make decisions about what is "secure enough for my purposes." What's "secure enough" for the local art gallery or pizza place as opposed to the doctor's or lawyer's offices as opposed to Equifax or Anthem or Microsoft (or other) cloud services are ENTIRELY different things.

 

[YeOldeStonecat]

But as long as I use a smart phone,

That's another one I chuckle about....I see people "panic" when the lose their phone, or their phone dies, whatever. Absolute panic. Main reason? Because they can lose all their pictures, or lose all their "stuff", When...in fact, there is absolutely no reason they have to lose ANYthing. Except the physical phone itself. I feel like taking a telephone pole and smashing them over the head with "Hello, McFly...."

I can take my Google Pixel...light it on fire. I have zero...absolutely zero..risk of losing anything ..and I can say the same for my laptops, and my desktop computer. I can run out and get a new Pixel phone...sign into my Google account (yeah..that big bad scary cloud thing!!!)..hit the "restore" button..and within minutes...POOF...all my personal stuff is back. Pictures, remembered wireless networks, apps, etc. I sign into my first 365 app..and POOF...all of my work stuff is back. Did_not_lose_a_single_thing. All it took was a feature that both Androids and iPhones have...sign into the account, hit that "enable backup" button once...and you never_have_to_worry_about_it_again. Sure...some people stuck in the 90's might prefer to manually back up their phones...plug in weekly or say...monthly..and do some form of manual backup to a computer. That certainly can do the job. If you prefer that method.

I can say the same thing about my 2 laptops and my office computer...can light them on fire, go get new ones, sign in..and "poof"..all of my stuff is back. Documents, emails, programs, browser faves and passwords, pictures, files/data, preferences, etc etc. Didn't lose a single thing. And I did all of that with ease, just unbuckle a new computer, and sign in. Literally mere minutes on my part...quite literally. Sure, I can go take an older approach and...I could have done full image backups, acronis or some freebie easeus program or macrium or even some better paid for program. Go get a bootable USB drive, and go through the restoration process of putting my image back. I'm at least an hour into the job. Sure, do-able. But I'll take the "mere minutes" approach first.

 

[britechguy]

But I'll take the "mere minutes" approach first.

Which brings us straight back to your earlier assertion, which is spot-on: Of course everyone has the right to their own approach, whatever makes them more comfortable.

You have to do what feels like it's the best fit for you (the generic you). And we all know that what feels best to me, personally, may make others run screaming from the room. The back and forth in this very topic is a vivid demonstration of that.

There is not, contrary to the assertions of many, The One, True Way.

 

[Sky-Knight]

There is not, contrary to the assertions of many, The One, True Way.

No there is not, but in my neck of the woods the people that scream about "the cloud" are also the ones with the least technical ability to live without it.

I'll continue shoving people into M365 just so I don't have to deal with yet another young bride crying in my office because her wedding photos are gone... or calling up the guy that lives down the street that brought me his dad's machine to fix with the dead drive in it... the dead drive that had the last thing he wrote to his family before he passed.

NOPE NOPE NOPE. I've been through too many nightmares, I know end users will never take care of themselves. I do know that if I shove them into M365, they use it, and by using it it basically maintains itself, and their files are in there. So when the endpoint burns, because it always does... Sell a new one, login POOF.

I've drowned in the river of tears long enough. So long that I won't accept work from those that don't take their data seriously. I just don't have the heart for it anymore.

Meanwhile... I'll also keep recommending a Synology, because you can live in MS's cloud, and have it all backed up in the magic box at home. Just in case... that's my doomsday prepper option, and it's quite handy.

 

[britechguy]

@Sky-Knight,

Which brings us right back to the earlier assertions from @YeOldeStonecat:
Of course everyone has the right to their own approach, whatever makes them more comfortable
and myself:
You have to do what feels like it's the best fit for you.

If you now have the luxury of picking and choosing your work then, by all means, glory in it.

In my case, the tag line for my business is, "If it's got you screaming, I'll help you stop." I get great satisfaction in taking a situation where an immense conflagration has occurred and salvaging something from it for the client. It's one of the reasons I got into doing this stuff.

 

[britechguy]

No there is not, but in my neck of the woods the people that scream about "the cloud" are also the ones with the least technical ability to live without it.

Not arguing with you in any way, but I've found over the years that virtually anything "new and different" takes years to gain acceptance not only with the general public, but even within industries.

Trepidation regarding the new and "unknown to me" extends to lots of things.

I have never, ever been a "bleeding edge" adopter of any of the "technological miracles/revolutions" that have come down the pike. And even some that are no longer that (e.g., SSDs) are not the gold standard for storing all things. For backup storage it's either the cloud, good, old-fashioned HDDs, or a combination of the two. The failure characteristics of SSDs make them horrible options for long term archival storage.

 

[Sky-Knight]

@britechguy MFA protected properly secured online services are not new.

"The cloud" is just a euphemism for "The Internet" for pete's sake. The level of ignorance surrounding all this drives me nuts, but it's also an unsolvable problem.

 

[britechguy]

"The cloud" is just a euphemism for "The Internet" for pete's sake.

No, it's not. Most of us do not store all our earthly data in "the internet." That's all it takes to falsify that assertion.

I cannot imagine how you work with clients if the kind of vituperation and dismissal you throw about here, constantly, is what you do with clients. I'd be sending you packing in about 5 seconds. "Help" with attitude and absolute certainty of the provider's own perfection doesn't generally sell well.

 

[Sky-Knight]

There are technical differences in the definition of "the cloud", and "the internet". But for most lay people the phrases are interchangeable. With the latter largely fallen out of the lexicon entirely.

The only time I hear a lay person say "Internet" at all is when it's "down".

Younger people usually complain the wifi is out, which always gives me a chuckle.

As for how I work with clients, the answer to that is wonderfully.... most of the time. I get my issues with personality conflicts like everyone else. But when a meeting I'm in this afternoon extends from an hour to a bit more than two, because the executive on the other side of it is engaged, learning, and loving it while my sales guy is backing me up? When just three weeks ago he was about to fire us because of issues? He's getting ready to drop $20k on a project like it's nothing! And I've got him lined up for another $100k in work.

So you can think that my tactics aren't effective, but I'm living proof they are. And if you back all this up with what I put in the other thread? Yeah... I can bring this kind of power to the SMB too! My issue was never keeping customers, my issue was FINDING customers. Once I had a client, they were mine for life. Because they all know, I will go to my grave fighting for THEM, not the huge corporate monsters. The problem is getting a meeting with a business owner, they're busy people and the pandemic really threw a wrench in the whole in person thing... where I'm by far most effective.

And yeah, I use the crap out of Microsoft tech. But I don't do so because I'm some sort of sycophant. I do so because the products WORK, and they MAKE MONEY. And I know there is no other viable option that offers that much return for that little investment. The case is made on those terms, and that language speaks to Main Street just as much as it does Wall Street.

So I have my four rules:

1.) All software in service is actively supported by their appropriate vendor.
2.) All systems are fully patched and up to date.
3.) All systems have active functional Anti-Virus.
4.) All cloud authentication surfaces have MFA protection configured, and enforced.

Violate one of those and you're not a customer anymore. And yet... I've never had one reject me on those. Sometimes they grumble, until they see how easy it all is. How cheap it can be, and how much stress it takes right out of their lives.

Ever seen a grown man cry because you handed him a hard drive? I've done that... His wife forcing him to take a vacation he's not done in over a decade, and he's TERRIFIED something will go wrong when he's gone. So I gave him a drive that had everything he needed to rebuild his entire enterprise when he got back. The light that came off him when the reality of what he was holding sunk in I'll never forget. I still get Christmas cards from that couple, and they've been retired for over a decade now.

You can dislike me all you want, but I DELIVER. Full stop. And I'm here because I'm trying to help others do the same. And yes, I will get in your face when you don't deliver enough, or you're doing a disservice to your customers via ignorance. But if you think that's bad, you should see what happens when I suspect malice! It's not pretty.

 

[britechguy]

I hear "the web" and "the internet" still used, very frequently. And, in almost all cases, it's referring to something that is "out there" (and, yes, that out there is cloud storage for that stuff) that using a web browser (or email client, but people treat email as its own thing) brings (downloads) "right here."

The web or the internet are data sources for data supplied by others. Even I give zero consideration of what I get when I go to a given webpage resides in true cloud storage or in a server on someone's LAN that communicates directly "with cyberspace." I have no idea, none, where the actual information that downloads into my browser window actually physically resides. So if you want to consider absolutely anything that has any contact with cyberspace "the cloud" then that would be accurate. A definition that loose would mean that the system disc on my machine is part of "the cloud" because my computer is in constant contact with cyberspace, but the data I have stored on it is not, and is not accessible (with any ease or intent, anyway, hacking doesn't count) to any random person "surfing the web."

Something on NAS or a server that only communicates within a LAN is not, in any meaningful sense, "in the cloud" if there's no way to access it from beyond the network it's resident on. That's still "local storage."

And "local storage" still has its place, for a multitude of reasons. As does cloud storage. Tool to task.

 

[Sky-Knight]

And "local storage" still has its place, for a multitude of reasons. As does cloud storage. Tool to task.

Especially for media, engineering, or backups. It's impossible to get a low RTO and RPO without an on-premise device, if the dataset is also on-premise.