Using somebody else’s cloud for scalability and redundancy is reducing one risk vector by increasing a different risk vector.
It makes some sense to use a cloud service of a company which is around the same size as your own, with whom you have a proper contract in a jurisdiction where it’s legally enforceable in a timely manner and even then you’re now taking in the risks associated with them going bankrupt.
I avoided that kind of situation exactly because having worked in IT already for almost a decade when this kind of thing came out, I had already some experience with what can happen if one puts oneself at the mercy of a 3rd party entity for whom even your business isn’t worth much (either because you don’t even pay or because you’re a tiny, tiny customer).
That is way more so when we’re talking about having an important point of contact with the outside world like one’s e-mail address under control of such a 3rd party entity (e-mail, like phone numbers in many countries, should be something you can take with you from provider to provider, but we’re not there yet and may never be given that unlike with phone numbers, it would require a transnational regulatory agreement, which almost certainly will NEVER happen). Personally for my e-mail I DO use the mechanism were due to regulations I can move the core element around with me from provider to provider - I have my own Domain Name and subcontract the e-mail support to a 3rd party.
Using somebody else’s cloud for scalability and redundancy is reducing one risk vector by increasing a different risk vector.
It makes some sense to use a cloud service of a company which is around the same size as your own, with whom you have a proper contract in a jurisdiction where it’s legally enforceable in a timely manner and even then you’re now taking in the risks associated with them going bankrupt.
I avoided that kind of situation exactly because having worked in IT already for almost a decade when this kind of thing came out, I had already some experience with what can happen if one puts oneself at the mercy of a 3rd party entity for whom even your business isn’t worth much (either because you don’t even pay or because you’re a tiny, tiny customer).
That is way more so when we’re talking about having an important point of contact with the outside world like one’s e-mail address under control of such a 3rd party entity (e-mail, like phone numbers in many countries, should be something you can take with you from provider to provider, but we’re not there yet and may never be given that unlike with phone numbers, it would require a transnational regulatory agreement, which almost certainly will NEVER happen). Personally for my e-mail I DO use the mechanism were due to regulations I can move the core element around with me from provider to provider - I have my own Domain Name and subcontract the e-mail support to a 3rd party.