I think there's a bit of oversimplification going on. Sure, free, or almost free, stuff is available everywhere. But at what cost?
How much work do we have to do to get this "free" thing? What privacy do we give up? What if we're working on something that's part of a product, or otherwise proprietary?
The idea that everyone is doing it, so we should stop being sticks in the mud and just jump on the bandwagon, is harmful and ignorant.
"My data has never been stolen from the cloud" is about as ridiculous as the fortune quote, "As far as we know, our computer has never had an undetected error." How would you know until it's way too late?
Or, even better, you find out the data you've used in the cloud has been leaked on the Internet. Was it AWS? Was it crappy software on your laptop? Or was it a breach on your network? You've just made finding out that much harder, particularly because the cloud doesn't have logs that you can audit, nor real, understanding humans with whom you can correspond.
People who don't understand security can't really be faulted for eschewing the idea of using the cloud for everything, but people who know better really shouldn't be pushing these unhealthy ideas.
If this paradigm catches on there's no reason you won't be able to do the same thing with your own infrastructure.
I know this is a straw man because I can't know what sort of infra you're imagining, but I suspect a lot of people would be more comfortable with their builds stored on S3 under the scrutiny of their security team rather than on their engineers' laptops.
How much work do we have to do to get this "free" thing? What privacy do we give up? What if we're working on something that's part of a product, or otherwise proprietary?
The idea that everyone is doing it, so we should stop being sticks in the mud and just jump on the bandwagon, is harmful and ignorant.
"My data has never been stolen from the cloud" is about as ridiculous as the fortune quote, "As far as we know, our computer has never had an undetected error." How would you know until it's way too late?
Or, even better, you find out the data you've used in the cloud has been leaked on the Internet. Was it AWS? Was it crappy software on your laptop? Or was it a breach on your network? You've just made finding out that much harder, particularly because the cloud doesn't have logs that you can audit, nor real, understanding humans with whom you can correspond.
People who don't understand security can't really be faulted for eschewing the idea of using the cloud for everything, but people who know better really shouldn't be pushing these unhealthy ideas.