Just as we went through the outsourcing phase (with quite a bit of it being brought back to the US), we'll go through the "outsource the datacenter" phase.
The story of how GM outsourced/spun off its IT department and then brought it all back in house once they realized it was a competitive advantage should be required reading.
The power grid isn't nearly as affected by latency as data connections. Several years ago I worked at a company that outsourced its IT midway through my time there. The latency was so terrible that it took 45 minutes just to check one's email at the start of every day, a task which should have taken 5.
That works because the power grid and power generators are heavily regulated by the government. Is AWS ready to classify itself as a utility and be under government regulation?
That seems like an unreasonable jump to make. Building power plants doesn't work ONLY because of a regulated energy market, though I'm sure it helps. What if the parent commenter hadn't used a utility as an example? If the example of "economies of scale" were ethanol fuel production, would you ask if AWS was ready to classify itself as a corn field?
Power only became regulated because it became so central to a functioning society.
In a couple more decades cloud computing will be almost ubiquitous and yes, it will become more regulated.
The AWS GovCloud region is already a move in this direction. Also the private cloud they are building for the CIA shows that AWS is willing to jump through various hoops for $$.
GM's reasons for bringing IT back in-house are probably one of a handful of examples of people back-tracking on outsourcing at that scale. IIRC, GM realized that so much of their IT knowledge was tribal (read: poorly run, no docs, tons of religious ceremonies required to keep the lights on) that they were making serious risks to try to have anyone else take it over.
For a lot of companies, they're viewing moving to cloud systems as a sort of "second chance" to green field IT more inline with what they were hoping for out of their datacenters they built out decades ago. In a lot of these cases, server deployments can take weeks, months just to have some random CentOS or Windows 2008 R2 image plopped on there when people just want to test a couple pieces of software from a vendor.
Cockcroft's right about how auditing datacenters for security is such a pain due to disparate / badly integrated tooling that the cloud will become much easier for performing audits. So even if it's a little less "secure" than your existing datacenter (I would bet everything I've got that most Fortune 500 datacenters are far less secure than what Amazon has setup) you will come out ahead on dealing with incidents faster and cheaper.
I'm working directly on one of these datacenter exodus projects named in this article and the cost savings early on are already monstrous compared to the charge-back that's done internally, and our internal cost to support cloud is projected to scale logarithmically as opposed to super-linearly while maintaining our in-house IT. The amount of (typically unhelpful, terse) support staff required to support our IT is absolutely insane and most of the time the IT budget is so strapped you can't even get the budget to upgrade any hardware ever again, so moving to a constantly-improving cloud is a better long term proposition by that metric at least. The internal IT is a stereotypical example of a real-world enterprise datacenter with a hodgepodge of 25+ different vendors' tools from different fads and different account managers' legacies from years ago that are impossible to consolidate together effectively. No enterprise software vendor likes to make integrations with anyone else without a partnership agreement and the overall engineering results are atrocious and fundamentally much more expensive and high-risk than just throwing everything into a third party's highly reputable cloud environment. Meanwhile, there's a massive body of software now that works with AWS and as these large corporations start to acquire companies that are already deployed to AWS, it will make M&A cheaper and technically higher likelihood of follow-through.
Maidsafe ... should be a solution to the datacenter problem. Ultimately we want to aim for a completely decentralized/distributed internet where a virtually infinite amount of available resources (CPU+storage+bandwidth) can be summoned on demand from anyone participating in the network, -AND- expect people to get paid for donating these resources. I remember an HN article like a week or two ago on IPFS, another step in the right direction..
This will be the undoing of the datacenters - the problem is, there's ZERO incentive for the millions of connected users to donate their resources and unless this changes, the decentralized internet will remain a pipe dream.
The problem with Maidsafe is they've been working on it forever....
...which is the problem with all completely-distributed, server-less Internet schemes. Hell, I was working in this space when I was in college in 2002. There were a lot of people interested in it then, probably even moreso than now, and yet it was a complete tarpit that yielded very few long-lived results (BitTorrent, basically - even Kazaa and the rest of the music filesharing apps ended up getting replaced by centralized systems).
It's an area where I really wish someone would succeed, but having worked on some massively-distributed systems at Google in the intervening years, I'm skeptical that it's possible.
Even if you get around all of the other problems, you can't escape latency. There's still going to be significant advantages to co-locating a bunch of computation for some non-trivial percentage of needs.
It is that the momentum of this "put it in the cloud" will carry over to late-comers like government/s, who will dump huge swaths of personal data that should never sit in a "public-cloud" because even when the IT-sec guy warned against it, some x-cloud-provider-sales-guy wooed the thick-headed upper-aboves and then ... attacks on that "public-cloud" will become wholesale with some script-kiddy (it could even be a 13 year old running a script) will then have personally identifiable info of x-amount of citizens.
Managing infrastructure is a controllable-cost for any company, and if your company is not doing it right, that should indicate a bigger inefficiency problem in the organization (as a whole).
Most Fortune 100/500 companies are incompetent at managing the efficiency of their infrastructure for many reasons and there's a revolving door of CIOs trying to make them more efficient. DoD before cited "environment standardization" as their primary reason for buying a ton of VMware licenses rather than the usual themes of DC consolidation and business agility, which completely boggles a lot of peoples' minds even at VMware.
I've been writing IT operations automation software for about a decade now and people still are having trouble with a basic "open a ticket when something breaks" workflow and having humans do things is very common. Even into 2014 I was hearing of $500k+ contracts to spend a month in meetings to wind up with a SOAP / XML-RPC call with about 40 lines of XML just to open a new ticket in some custom ticketing system... that will then be triaged by people because they have focused so little upon thinking about making their IT systems usable for their own staff.
My primary concern is that if these same organizations that are that incompetent at managing their IT business in the first place go into the cloud, what's keeping them from screwing it up there too? All it takes is for someone to push an AWS access key to a Git repo and half of the US could be getting their identities stolen. I think this is what the conversation really means when people say that enterprises are still scared of cloud security a decade into the cloud IaaS movement. In reality, they're scared of their own organizations' competence to handle the power of cloud systems.
Most controllable costs get outsourced. It's not that everybody can't run their own datacenter. It's that often it makes a lot of sense not to.
You're implicitly assuming that having not-terribly-tech-savvy organizations (like governments) protect their own data is somehow better.
In theory you could keep all the personal data not connected to the net at all, in any way. In practice, before long nobody is going to do that except extremely paranoid organizations like the NSA, CIA and military (and equivalent non-US organizations.)
> You're implicitly assuming that having not-terribly-tech-savvy organizations (like governments) protect their own data is somehow better.
Quite often, it is. If all the data is in one place, the payoff for hacking it is much greater than if each bit of data is on a different machine. As the man said, "why do you rob banks? Because that's where the money is."
The story of how GM outsourced/spun off its IT department and then brought it all back in house once they realized it was a competitive advantage should be required reading.
Aren't fads wonderful?