The last decade saw explosive growth in enterprise migration to the cloud, a trend driven by the promise of lower overhead costs and greater scalability. Given this, many have made the leap and moved both non-mission-critical workloads and mission-critical functionality into the cloud.
This is where “data gravity,” a phrase coined by Dave McCrory comes into play. Data gravity is the “effect that attracts large sets of data or highly active applications/services to other large sets of data or highly active applications/services, the same way gravity attracts planets or stars.” So, in the simplest terms, data gravity is the idea that increasing volumes of data can cause data to function like an anchor, making it increasingly difficult to move as the data in question continues to increase.
The Drawbacks to a Data Gravity Well
As Principal Research Analyst Eric Hanselman at 451 Research, part of S&P Global Market Intelligence, explains it: For enterprises storing their data and applications in a cloud environment, if the growing data “takes place in public or private clouds that are not easily accessible by the enterprise using them, the full value of that data can’t be realized, and the enterprise will be trapped into spending exorbitant sums to free it.” Unrestrained, data gravity can lead to “limited innovation, poor customer and employee experiences, increased costs, information silos, compliance issues, security concerns, and slow decision-making for the enterprise.”
These security and latency issues pose a special risk to enterprises in heavily regulated industries, such as health care and financial institutions, that need to ensure their IT infrastructure and capabilities meet strict compliance requirements.
Given this, a careful understanding and consideration of the nuances of data gravity presents an opportunity for enterprises to craft data-centric infrastructures and networks to capitalize on the new capabilities that might be unlocked.
Vertical Cloud Computing and Legal Strategies: A Potential Solution?
Opposed to a “one-size-fits-all” cloud model, vertical cloud computing is a more specialized solution that allows enterprises to meet niche regulatory and market requirements. At a high level, a vertical cloud computing model is a cloud infrastructure offering designed and optimized for a specific vertical (i.e., for a particular industry). For example, last year Microsoft launched a vertical cloud offering called “Microsoft Cloud for Healthcare,” which is designed for organizations in the health care industry.
One particular benefit of the vertical cloud model is that it forges a “two-way street” between the enterprise and the public cloud via a fault-tolerant connection that also allows enterprises to port back applications. These direct data interconnections allow enterprises to have their data more readily accessible and controllable, allowing enterprises to circumvent some of the latency and data unavailability issues caused by data gravity.
While vertical cloud computing solutions provide a data-centric IT infrastructure optimized for a customer’s specific industry, there are certain risks that remain and that customers should address in their contracts with service providers. For example:
- Customers should seek strong business continuity protections to maximize control over their data and applications. No matter how secure the cloud platform is, outages in internet connections, for example, can risk loss of access to mission-critical data by both the cloud service provider and the customer. Where possible, contractually pushing for strong business continuity protections such as hybrid backup and archival tools, will enable customers to enjoy the security provided by self-service without losing the commercial benefits of the cloud.
- Customers should be careful and explicit when negotiating access and usage rights to any data. When data is migrated to a cloud solution, one of the key concerns is who will control the migrated data and to what extent. For customers that wish to maintain as much control of such data as possible, it is important to ensure that the contractual fine print does not provide (explicitly or implicitly) cloud service providers with any rights or licenses to use or leverage the data in a way that makes the customer vulnerable. For example, customers should ensure that any licenses to the data stored should have time and usage restrictions, and customers should push for strong data retrieval and access protections. This will allow customers to have a more active understanding of where their data is and any data vulnerabilities that might exist.
- Customers should be aggressive in ensuring stringent security and compliance requirements. Ultimately, the main risks posed by data gravity include making customers vulnerable to security breaches and non-compliance with regulatory data protection or privacy requirements. For heavily regulated industries, where possible, customers should ensure that the cloud service provider’s standard security measures are supplemented to provide customers with optimum protection. This recommendation even applies to vertical cloud offerings that are often designed with enhanced security protections in mind. Additionally, to err on the side of caution, customers should consider hybrid tools, or local data backups for mission-critical data.
Given the enormous amounts of data that are being used and stored by today’s business applications, conventional approaches to data analytics need to be reconsidered to make these volumes of data more manageable and accessible as well as compliant with various regulations. Understanding how data gravity may be impacting an organization’s data will better enable that organization to improve and run its business and avoid being overwhelmed by the demands of big data and enterprise data analytics architecture.