Google Cloud Platform (GCP) has announced it will annul data egress charges for customers that say they want to leave the cloud provider.

However, the move is explicitly aimed at customers that will move away from Google. That means there are limits to who might benefit, with concerns over the time period allowed to migrate data off Googles systems.

Having said that, the small print also suggests customers that do not fulfil the headline criteria may be able to take advantage of no egress charges.

We look at what Google is actually offering.

Ordinarily, all outward cloud traffic termed egress in cloud storage is invoiced by quantity of data downloaded, whether back to an on-site location, elsewhere to another application, or to another cloud.

GCPs move now allows it to stand apart from Amazon Web Services (AWS) and Microsoft Azure by not making such a charge, but only in certain very specific circumstances.

In a notice posted last week, GCP told customers that if they want to quit Google and not have to pay egress fees as they do, they must fill out the Google Cloud Exit form.

Following that, Google will review the request and let them know when they can download their data without charge, being very clear it is in anticipation of terminating [the] Google Cloud agreement. After that, the customer has 60 days to migrate their data.

So, the key stipulation is that to take advantage of the waiving of egress fees, the customer must have declared they want to leave GCP.

To do so, they have to fill in a form under the Google Cloud Exit programme. After that, the Google team responsible will tell the customer when they can initiate the migration, and thats when the 60-day limit applies.

The offer only applies to customers on the Premium Tier Network Service Tier, and Google reserves the right to audit customer movement of data away from Google Cloud to ensure compliance with terms and conditions.

Having said that, the Google FAQ says its team will review cases where customers want to migrate some of their data and dont want to leave Google Cloud.

Google doesnt elaborate on what that means, but for some customers, perhaps it means that if they have the leverage, they might be able to convince Google to waive egress charges under other circumstances.

In waiving egress charges upon customer contract termination, GCP is conforming with a European measure voted in last summer under the framework of the Data Act that obliges cloud suppliers to facilitate data migration, particularly when they are constrained by contractual clauses imposed unilaterally.

This isnt a question of lowering costs for transfer of data out of Google Cloud in the framework of a classic use case, said Franois Denis, cloud consulting director for France-based integrator, Wenvision.

It does, in fact, apply only where the customer has stated that they plan to totally quit Google Cloud, for data hosted under certain services BigQuery, Cloud Bigtable, Cloud SQL, Cloud Storage, Datastore, Filestore, Spanner, and Persistent Disk for customers of premium-level services, and that the offer has successfully passed validation by Google.

Denis said its an offer that looks like it puts Google in the vanguard and AWS and Azure may soon follow suit, but it is likely to benefit very few customers.

A duration of 60 days in the context of an infrastructure of reasonable size is actually quite short, said Denis. And in the context of a project that involves cloud egress, the most important costs arent those involved in leaving the cloud, but rather the actual migration costs themselves, such as technical details, planning, organisational change and building teams for the new environment.

Visit link:
Googles data egress offer no such thing as a free migration? - ComputerWeekly.com

eSecurity Planet content and product recommendations are editorially independent. We may make money when you click on links to our partners. Learn More.

Cloud storage is a cloud computing model that allows data storage on remote servers operated by a service provider, accessible via internet connections. Its a scalable and cost-effective storage solution for businesses offered through a subscription service. When assessing the overall security of cloud storage and choosing a solution tailored to your business, it helps to determine its features, potential risks, security measures, and other considerations.

Cloud storage utilizes remote servers accessed through the internet, while local storage saves data on physical devices directly connected to a users device. It excels in remote access, scalability, and security, with distributed storage options and privacy adherence capabilities. Local storage prioritizes direct access, potential cost savings, and reduced reliance on the internet, yet lacks the scalability and security of the cloud.

Heres the difference between cloud and local storage in terms of accessibility, distribution, security measures, and more:

Cloud storage stands out as a secure solution because of the security expertise provided by cloud security providers (CSPs), data recovery capabilities, and specific security advancements such as ransomware defense integration, business-focused cloud transformations, increased deployment at the edge, and adoption of NVMe over fabrics.

CSPs professional security expertise substantially contributes to the security capabilities and improvement of the general resilience of cloud storage. Cloud experts actively monitor and respond to potential threats, guaranteeing a continual update and alignment of security mechanisms with the latest requirements. CSP collaboration improves the security environment where theres a need to mitigate the emerging risks quickly and comprehensively.

Cloud storage makes data recovery easier in the event of an accident, deletion, or overwrite. According to Unitrends 2019 cloud storage research, 62% of respondents had successfully recovered data from the cloud. This trend is expected to increase as Gartner projects a threefold rise in unstructured data capacity by 2026. The increased scalability of cloud storage can assist effective data recovery solutions.

Cloud storage combats ransomware threats with integrated protection mechanisms and extensive methods recommended by cybersecurity experts. This integration ensures that the storage environment is capable of detecting, preventing, and recovering from ransomware assaults, which contributes to the overall resilience of stored data.

Gartner predicts that by 2025, 60% of organizations will require integrated ransomware defense strategies on storage devices, up from 10% in 2022. The significant increase in organizations requiring integrated ransomware defensive methods indicates heightened cybersecurity threat awareness. As ransomware threats get more sophisticated, businesses now recognize the importance of strengthening their security methods to protect data from malicious attempts.

Cloud transformations to accommodate the changing business needs now offer the capacity to quickly deploy and adapt. That means implementing new measures or changing it as needed. Cloud storage provides businesses with key benefits, such as flexibility, agility, business continuity, and faster deployment, all of which contribute to overall organizational responsiveness and better security.

In Fortinets 2023 cloud security survey of cybersecurity professionals, 52% selected storage as the service their firm deployed in the cloud. They cited lower risk, enhanced security, and cost savings as they go through migration.

The increased deployment of cloud storage at the edge immediately addresses security concerns over latency. Organizations shorten the time it takes to transmit and process information by storing it closer to where it is generated, reducing the window of risk and improving overall data security during transit.

The huge increase in edge computing and distributed data processing (40% by 2025, up from 15% in 2022) emphasizes the relevance of edge computing and distributed data processing. Organizations attempt to reduce latency and improve real-time data processing capabilities by storing data closer to where its generated.

The use of NVMe over fabrics improves the security of cloud storage by boosting data retrieval procedures. The improved performance and reduced latency of the technology mean that data may be accessed and recovered promptly, lowering the danger of prolonged exposure and potential security issues associated with delayed data retrieval.

The rising adoption of NVMe over fabrics in external business storage arrays (30% by 2025, up from less than 5% in 2021) suggests a trend toward high-performance storage solutions. NVMe over fabrics starts to become an important technology in cloud storage. This trend is particularly vital for core workloads, as enterprises seek faster data access and lower latency.

Despite its obvious benefits, cloud storage still faces common challenges, including misconfiguration, data breaches, insecure interface, unauthorized access, DDoS attacks, insider threats, lack of control, encryption problems, patching issues, compliance, and monitoring issues. Understanding these risks helps firms implement informed risk management and mitigation strategies.

Human errors during the configuration may expose sensitive data or services. Vulnerabilities happen when you incorrectly create permissions, leave default configurations unmodified, or mismanage security settings. Conduct regular audits of cloud configurations and create automation for configuration management. Provide ongoing training for individuals involved in setup and maintenance.

Data breaches frequently occur due to exploited vulnerabilities in cloud infrastructure or applications. Cybercriminals use various ways to acquire illegal access and exfiltrate sensitive data, such as exploiting software flaws, phishing assaults, or using compromised credentials. Anyone with sensitive data stored in the cloud is vulnerable in the event of data breach, so enforce strong encryption, authentication, and patching measures.

Attackers can use interface and API flaws to modify or circumvent security protections. It results in illegal access, data manipulation, or malicious code insertion into the cloud environment. Users connecting with cloud services via interfaces/APIs are in danger, as are enterprises relying on safe data transactions and interactions with external systems. Employ thorough API measures, regular validation of input data, and proper authorization protocols.

Unauthorized users may get access to cloud resources due to lax password regulations, inadequate authentication systems, or compromised user accounts. To address the risk, create strong access controls, enforce strict password requirements, and conduct regular access checks to identify and revoke unnecessary permissions.

DDoS attacks flood cloud services with traffic, overwhelming capacity and causing service outages. Attackers take advantage of weaknesses in the network or application layers to disrupt routine operations. Counter this by using DDoS mitigation services, establishing redundant network designs, and testing the resilience of your systems against simulated DDoS attacks on a regular basis.

Malicious insiders may purposefully abuse their access privileges, whereas reckless insiders may accidentally expose critical data or misconfigure security settings. The lack of awareness, employee dissatisfaction, or social engineering attacks targeting an employee may all cause insider threats. Perform extensive background checks during the hiring process, set stringent access controls, and provide employees with continuous cybersecurity training.

Inadequate data storage and access control may result in unintended data exposure. The lack of control comes from failing to enforce security policies, monitor user actions, or install appropriate encryption mechanisms. To protect sensitive data, evaluate and update security policies on a regular basis and use encryption solutions.

Your data is vulnerable to interception if you dont encrypt it before transferring or storing it in the cloud. Cybercriminals can listen in on communication channels or get unauthorized access to stored data, jeopardizing confidentiality. To mitigate the risk, install end-to-end encryption, encrypt data in transit and at rest, and stay updated on encryption standards and technology.

Security patches not applied promptly make systems vulnerable to exploitation. Cyber attackers target known vulnerabilities, exploiting them to obtain unauthorized access or jeopardize the cloud environments integrity. Create a solid patch management strategy, automate patch deployments when possible, and conduct vulnerability assessments on a regular basis.

Non-compliance with data residency standards and legal requirements occurs as a result of a lack of awareness or a failure to establish procedures to guarantee data is stored and handled in accordance with applicable laws. Its important that you remain updated on data residency requirements and that correct data classification and handling policies are in place.

Inadequate monitoring tools and insight into cloud systems make it difficult to spot suspicious activity in real time. Security issues can thereby go undetected, potentially resulting in extended data exposure or illegal access. Implement comprehensive monitoring solutions, detect anomalies using advanced analytics, and establish incident response protocols.

While cloud storage has many advantages, you must address its weak points to secure data. To lower the possibility of risk, consider using authentication measures, encryption, backup routine, monitoring, and other security measures.

Specifically, here are a few ways to secure your cloud storage from potential threats:

Small and midsize business (SMB) and large enterprise security professionals both prioritize preventing cloud misconfigurations, emphasizing the critical requirement for secure configurations. Securing major cloud apps emphasizes the continuous relevance of businesses application security. Its a prerequisite for all types of businesses to defend themselves against malware and maintain regulatory compliance when implementing comprehensive cloud protection.

While SMBs and large enterprises have overarching needs in cloud storage solutions, they have different limitations and requirements to prioritize.

Common SMB needs include a hybrid option, on-premise storage for regulatory compliance, scalable and cost-effective solutions. They also look for easy data migration paths, the ability to address latency and performance, and a reputable service provider.

Large enterprises often require advanced analytics, comprehensive SLAs, customization, elasticity. They also need enterprise-grade security, global accessibility, high-volume data management, and redundancy and disaster recovery:

Businesses must strike a balance between applying the inherent security features of cloud systems and actively participating in the continuous effort to tighten their security posture in order to fully realize the potential of cloud storage. Cloud storages capabilities are great assets but to achieve their full potential, combine it with active knowledge and adherence to solid organizational security practices.

Next, get deeper insights on how to secure cloud environments to experience the benefits of cloud storage while establishing data integrity and protection.

More here:
How Secure Is Cloud Storage? Features, Risks, & Protection - eSecurity Planet

It is a truth universally acknowledged that egress fees the rates hyperscalers charge customers to move data from one cloud to another suck. Enterprise customers hate them and cloud competitors claim they harm competition. But could they finally be on the way out the door?

NeXt Curve founder Leonard Lee thinks so, but not everyone is so sure.

In a surprise move, Google Cloud recently decided to eliminate egress fees for customers leaving Google Cloud Platform. The catch is that this applies only to customers exiting Googles cloud entirely and even then only to a handful of its services. These include its data warehouse and storage products, including BigQuery, Cloud Bigtable, Cloud SQL, Cloud Storage, Datastore, Filestore, Spanner and Persistent Disk.

A Google Cloud representative told Silverlinings the move provides choice for customers in a cross-cloud world.

Lee thinks the change could mark the start of a new trend which will be driven by rising pressure from large enterprise customers.

Organizations are starting to realize that control of their data, the environments and the data paths are increasingly important, he told Silverlinings. Those with multi-cloud strategies want to be able to place data near workloads where they are best served across a portfolio of cloud service providers they retain. The egress fees present walls to gardens they would rather not be confined to.

Amazon Web Services (AWS), Google Cloud, IBM Cloud, Microsoft and Oracle all charge egress fees. Pricing tends to be charged on a sliding scale based on the amount of data transferred.

For instance, AWS offers the first 100GB of data egress from its S3 service for free, but charges 9 cents for 100 to 10,000 GB, 8 cents for 10,000 to 50,000 GB and 7 cents for 50,000 to 150,000 GB.

While this doesnt sound like a lot, transfers can quickly run into the hundreds or thousands of dollars. In a June 2023 filing with the U.S. Federal Trade Commission (FTC), Oracle claimed it would cost upwards of $23,000 to transfer 500 TB of data out of Azure and as much as $40,000 out of Google Cloud (though Oracle noted AWS fees are higher than everyone elses for workloads of any other size).

Oracle argued the sole purpose of egress fees is to frustrate competition on the merits by locking in customers to their legacy CSP.

Cloudflare has also been campaigning against egress fees for years now, claiming in 2021 the markups associated with them were wildly egregious and designed to lock customers in to their infrastructure.

An AWS representative contended in a statement to Silverliningsthat "over 90% of our customers pay nothing for data transfers out of AWS because we provide them with 100 gigabytes per month for free to use for any purpose."

The rep added that in compliance with the European Data Act, AWS can only charge eligible European Union customers enough to recoup its own costs to support switching or parallel use in other relevant clouds.

In response to questions about whether it plans to eliminate egress fees, the spokesperson also pointed to AWS' own filing with the FTC, in which it argued "Compensating providers for the substantial cost of transferring data and building and operating a complex and expensive network is the only way to facilitate large-scale data transfer of the kind customers demand."

Silverlinings reached out to Microsoft but the company declined to comment andOracle did not respond to a requestfor comment by press time.

While NeXt Curve's Lee was hopeful aboutegress fees making an exit, not everyone is as optimistic.

Sid Nag, VP of Gartners Technology and Service Provider group, told Silverlinings that Google Cloud's supposed "elimination" of egress fees isn't as straightforward as it sounds.

In addition to only applying to data stored in certain services, Nag pointed out thatcustomers exiting Google Cloud have to apply to have their egress fees waived. If they get the green light, they have to finish their migration in 60 days and will receive a credit on their final bill covering the fee amount.

This 60-day time limit is a huge hurdle, noted Nag. And while Google Cloud makes onboarding easy, it's not clear what resources the cloud provider will make available to expedite the egress process.

"Exiting a cloud is not for the faint of heart. Its not a decision you make suddenly, and its also done incrementally over a significant period of time," he said. "So, I think the 60-day thing will be really interesting."

He added that Google Cloud is notablykeepingegress fees in place for active customers with multi-cloud environments, which is likely due to the fact thatthere are real network costs associated with transferring data and implies that perhaps some sort of hardware think along the lines of a giant thumb drive will be used for exiting customers, allowing Google Cloud to waive those egress costs without losing money.

That said, a quick read of Google Cloud's blog on the announcement makes it apparent that egress feesaren't really at the heart of its move, according to Nag.

Amit Zavery, GM/VP, Head of Platform, for Google Cloud, wrote: "Eliminating data transfer fees ... does not solve the fundamental issue that prevents many customers from working with their preferred cloud provider in the first place: restrictive and unfair licensing practices."

Nag said the connection between egress fees and licensing practices isnt clear. But what is clear is that Google Cloud is trying to use the attention gleaned from its move to highlight an issue it truly cares about.

"Microsoft charges higher licensing fees for their software torun on a foreign cloud than if it was running on their own Azure Cloudand they [Google Cloud] want to highlight that problem by doing this move," he said.

Egress fees, Nag concluded, are "definitely not going away."

Read the original here:
Are cloud egress fees on the way out? Maybe. - Silverlinings

Last week, Google announced in a blog post that it is waiving data transfer fees for businesses and customers looking to migrate their data away from Google Cloud to other cloud providers or on-premise solutions. Google said that this decision is to accommodate evolving customer requirements and a step against restrictive and unfair licensing practices.

Customers should choose a cloud provider because it makes sense for their business, not because their legacy provider has locked them in with overly restrictive contracting terms or punitive licensing practices, said Amit Zavery, head of platform, Google Cloud.

Taking a dig at rivals like Microsoft and AWS, Google said that they levy heavy cost in cases customers decide to use competitors cloud infrastructure, thus limiting interoperability. Quoting a June 2023 study by non-profit trade association CISPE, Googles blog said that such restrictions impose a 300% cost increase to customers.

To be sure, this data migration expense comes under the larger umbrella of data egress fees. Also called bandwidth or data transfer fees, it is the cost levied by cloud providers for moving data from the cloud storage where it is uploaded to another provider/on-premise. This fee is in addition to the fees organisation pay for cloud storage and computation. A 2021 study by IDC showed that egress fees may be up to 6% of the total cloud storage costs.

Googles decision to eliminate data transfer costs comes on the back of a probe announced by the UKs Competition and Markets Authority (CMA). In October 2023, the UK Office of Communications (Ofcoms) reported that certain features of the cloud market, dominated by AWS and Azure (driving 70-80% of the business) could be stifling competition. One of these features was the heavy egress fees levied by cloud providers. Taking cognisance, CMA appointed an inquiry group to carry out the investigation, with a deadline for the agencys final decision of April 4, 2025.

Earlier in June last year, Google complained to the US Federal Trade Commission against Microsofts alleged anticompetitive practices, accusing the tech giant of locking customers in its cloud services. Google said that Microsoft uses restrictive software licensing terms which makes customers tap onto other providers like itself. Google had raised similar objections against Microsoft with the European regulators, as reported by The Register.

In 2022, Microsoft and AWS combined accounted for 62% of the cloud market share, as per an IDC report. Apart from these players, Google Cloud, Alibaba Group, and IBM are leading cloud providers of the world.

Read more:
Explained: Why is Google Cloud eliminating data transfer fees - TechCircle