The American diplomat Benjamin Franklin once said: "Wars are not paid for in wartime; the bill comes later." But as geopolitical uncertainties ripple across a globalised and interconnected world, consequences arrive faster and stay around much longer. This is especially relevant to companies that rely on cloud infrastructure.
"Some sectors urgently need to hear this message first, but no sector is exempt," says Mauritz du Toit, Managing Director of private cloud hosting and solutions specialist IIS Technology. "The difference is degrees of risk, urgency and tolerance for failure, not whether cloud matters at all."
Storms brewing over public cloud
For most of the cloud's history, public clouds seemed to offer the better deal: global availability, gargantuan scale and the backing of elite technology vendors.
Yet, cloud's reality is more complex, and geopolitical instability exposes companies to serious cloud risks.
Du Toit points to three areas generating significant concerns: geopolitical tensions introducing uncertainty through state surveillance powers, sanctions and cyber warfare; cyber crime's focus on identity-based attacks, misconfigurations and supply chain compromises; and fragmented and jurisdiction‑specific compliance and data sovereignty requirements.
"Public cloud is no longer just a technical decision. It is a geopolitical dependency that African organisations must actively manage. The cloud risk landscape has expanded beyond traditional technical concerns into a complex mix of geopolitical, cyber and regulatory risks. While early cloud risks focused on availability, data breaches and vendor lock‑in, modern risks are shaped by government influence, cyber crime sophistication and data sovereignty laws."
When public cloud falls short
Data, workloads and applications hosted in a foreign public cloud data centre are subject to geopolitical tensions. But even if assets are in a local public data centre, a range of issues can still affect them, including foreign government pressure, cost volatility, integration and authentication services failures, and insufficient local resources to support global fail-over.
"Recent conflicts have made geopolitical risks for public cloud providers more visible, tangible and operationally relevant, especially for Africa, which remains heavily dependent on external cloud regions and international digital routes," says Du Toit.
These differences also matter during stable periods. An example is an ISS customer who migrated to public cloud to host its mission-critical, high-uptime mining software. The goodwill didn't last. After encountering a range of issues (including frequent downtime, slow incident resolution because of overseas support models, performance degradation, billing complexity and limited application and compliance flexibility), they shifted back to a private cloud after less than a year.
Private's part in the hybrid mix
Du Toit isn't advocating companies abandon public cloud services, but rather that they pay closer attention to the different risks. An ideal model would be public cloud for elasticity and innovation, private cloud and on‑premises cloud for control and compliance, and co‑location hosting for scale and cost efficiency.
Local hosting and private cloud are gaining momentum. Cloud repatriation is real but selective. Co-location is the strategic middle ground. “Cloud‑first” has developed into “cloud‑selective”. Organisations need to understand these risks in context, which is where specialists such as ISS Technology use their expertise.
Local partners reduce risk by providing regulatory and compliance expertise, local operational support and strategic value through cost optimisation, skills availability and region‑specific resilience planning.
They manage cost volatility through strong financial governance, smart commercial arrangements and technical controls such as right‑sizing, auto‑scaling and workload placement. They strengthen security and resilience with shared‑responsibility models, robust cyber controls, physical and infrastructure resilience and strong compliance governance.
“IIS acts as a cloud risk partner, helping clients decide not just how to use cloud but also where cloud introduces risk. We support hybrid strategies that balance agility with control, ensuring critical workloads are resilient, compliant and cost‑predictable over the long term,” says Du Toit.
The ripples from wars and geopolitical uncertainty are not the only reasons to revisit cloud risks. But they expose fault lines in an increasingly complex cloud market. The bills and risks keep coming. But in South Africa's mature cloud infrastructure and service market, experts like IIS Technology are helping companies tackle their cloud risks and hosting choices.
Share
