Amazon's cloud computing service should not be used for applications that require advanced security and availability, the Burton Group analyst firm says in a report accusing Amazon of secrecy regarding its cloud data centres.
Amazon has helped define the cloud computing market with its Elastic Compute Cloud (EC2), a service offering access to virtual server capacity over the Web. There are many things to like about EC2 and related platforms such as Amazon's Simple Storage Service (S3), but there are also numerous unanswered questions about Amazon's cloud infrastructure, according to the Burton Group.
Amazon seems to do a good job of network and physical security, but overall Burton Group gives the company "low marks for enterprise availability and security" because of a lack of transparency.
"Amazon maintains a strict 'will not discuss' policy regarding specific data centre details. In Burton Group's opinion, this position is unacceptable because it prevents organizations from assessing the risk posed by placing enterprise applications in EC2," states a report titled "Amazon EC2: Is it ready for the enterprise?" written by Burton Group analyst Drue Reeves.
Amazon says its data centres meet Tier 4 specifications, with fully redundant power, backup power, networking and HVAC systems.
"However, no outside firm has inspected or audited Amazon's data centers to verify these claims," Reeves writes. "Due to lack of available information and audited inspection regarding Amazon's data centres, Burton Group cannot verify Amazon's availability claims."
Specifically, Burton Group says Amazon customers have no way of determining the "physical redundancy level and data protection" of physical components such as servers, storage devices, network and power infrastructure. Burton Group also faulted Amazon for replication rates in its Simple Storage Service and a lack of fail-over between data centre regions.