Most common cloud objections and how to handle them? (AWS perspective)

Most common cloud objections and how to handle them (AWS perspective)

When you work with companies, you will often encounter objections that they will want to address in a way that can build trust and awareness. Understanding their underlining challenges and concerns is critical in providing them with the appropriate solution.

The common objection categories selected here are

  1. Cost
  2. Security
  3. Compliance
  4. Privacy
  5. The apparent loss of control and visibility
  6. Existing infrastructure
  7. Concern of having a skill gap
  8. Vendor lock-in
  9. Sustainability

So now, let’s dive a little deeper into each of these.

Understanding your customer’s underlying challenges and concerns is critical to providing them with the appropriate solution.

1. “The cloud is too expensive.”

Moving to the cloud can actually be less expensive. So when a company has this concern, one way of approaching it is to remember that, depending on the workload, there can be significant cost savings when moving from on premises to AWS cloud. And there’s a recent study that shows a reduction of 27.4% in overall span per user for an application when surveying a thousand customers before and after migrating to AWS.

AWS cost optimization

We have tools and methodologies to help build a business case projecting the cost savings that a move to AWS can offer. The move to the cloud offers added benefits that can also help increase margins while delivering business value beyond mere financial considerations. Examples include staff productivity, operational resilience, and business agility.

Ways you can optimize to save customers money

  • Choose the right pricing model – AWS offers pay-as-you-go pricing for over 200 cloud services. Companies can save when they commit to an AWS service or service category for 1 – 3 year period. This is called a Saving Plan, which offers cost saving when companies commit to a specific usage (USD per hour). Companies receive volume-based discounts as usage increases.
  • Match capacity with demand – AWS is expanding its services to support virtually any cloud workload. It has more than 200 fully featured services. In addition to having a great breadth of services, AWS also has deep functionality within those services, providing customers with the right services for the right workloads.
  • Implement processes to indentify resource waste – in the past, organizations had to choose between innovating faster and maintaining control over cost. AWS offers several management and governance services, so customers don’t need to choose between innovation and control; they can have both. This includes services such as Amazon CloudWatch, which provicdes customers with actionable insights to optimize resource use.

Customers are moving toward a hybrid cloud approach to complement their current data center footprint. This helps them continue to grow and only pay for what they use, without paying for max capacity. Additionally, hardware buyback programs and financial incentives exist to help offset the cost of moving to AWS.

2. “Will our data be private?”

Security, privacy or compliance related objections can really come under different ways. They can be about privacy, they could be more specific to a given regulation or an industry and so on.

This concern around security can actually be an opportunity to bring forward one of the main drivers of why customers are moving to the cloud, the fact that it helps get an improved security posture, even for the most secure, sensitive organizations.

When it comes to data security, AWS is architected to be the most flexible and secure cloud computing environment available today. 

AWS core infrastructure is built to satisfy the security requirements for the military, global banks, and other high-security organizations. Read the following points for more information. 

  • Cloud security tools: AWS has over 500 security, compliance, and governance services and features. 
  • Standards and compliance certifications: AWS supports 98 security standards and compliance certifications. 
  • Data encryption: All 117 AWS services that store customer data offer the ability to encrypt that data. 
At AWS, security is top priority.The security posture is higher than in legacy environments.Customers inherit all the benefits of our experience.Security is validated against the strictest of third-party assurance frameworks.

Some of the most security-sensitive organizations, whether public government agencies or private entities, are choosing AWS to improve their security posture. Examples include healthcare, banking, legal, and pharmaceutical. 

Customers decide where their data is stored and who has access to it. Because AWS builds and runs its own Regions, customers can use all AWS services to process personal data that is uploaded to the AWS services under their AWS accounts, in compliance with regulations such as the GDPR.


AWS customers can choose to encrypt their content as part of a standard security process for highly sensitive content. AWS provides tools that customers can use to encrypt their data at rest or data in transit, or customers can choose from several supported third-party security solutions. Content that has been encrypted is rendered useless without the applicable decryption keys. 

Government agencies

An indicator of how committed AWS are in terms of security is how we have dozens of government agencies, branches of the military, international banks, and other highly regulated industries using AWS services. 

Two examples on government compliance (CLOUD Act and GDPR):

Clarifying Lawful Overseas Use of Data (CLOUD) Act

  • Provides a limited mechanism for US law enforcement to request data
  • Creates additional safeguards for cloud content
  • Does not affect AWS services or how we operate our business

For more information, see

General Data Protection Regulation (GDPR)

  • A European privacy law
  • Harmonizes data protection laws throughout the European Union (EU)
  • Applies to all organizations established in the EU and to any organization that processes personal data of EU individuals

For more information, see

Shared responsibility model

Selecting the most secure cloud provider doesn’t automatically make you secure and compliant. Security and compliance is a shared responsibility. 

  • AWS is responsible for security of the cloud, which means that it is responsible for the security measures that it implements and operates. AWS is responsible for protecting the global infrastructure that runs all the services offered in the AWS Cloud. This is our number one priority. AWS is also responsible for the security configurations of its managed services products. 
  • Customers are responsible for security in the cloud, which means that they retain control of the security that they implement to protect their own content, platform, applications, systems, and networks―just as they would for applications in an onsite data center.

3. “How do you ensure that sensitive data is not inadvertently exposed?”

Loss of control is not only a security concern. It also relates to the apparent loss of visibility because the infrastructure is not where the customer can see it and touch it. 

Talking about visibility, governance, and control, cloud customers have more visibility and control than ever before. Because now they have centralized monitoring and governing tools such as AWS Cost Explorer, AWS Security Hub, CloudWatch, AWS Config, and AWS Organizations that will help them have visibility and control at scale. Every server on AWS can have up to 50 labels attached to it. These can be then fed to a centralized dashboard for visualization and control. Every developer can directly see how their design decisions are affecting invoicing, for example. 

If you have a company which is concerned with sensitive data being exposed when they use S3 buckets. Those objection could be handled following:

Global commitment. AWS provides a range of features and services that can help avoid misconfiguration.  With AWS CloudTrail, customers can log, continuously monitor, and retain account activity across their AWS infrastructure. This simplifies security analysis, resource change tracking, and troubleshooting. 

How the commitment is followed through. The Amazon Macie security service uses ML to help customers prevent data loss by automatically discovering, classifying, and protecting sensitive data stored with AWS. This fully managed service continuously monitors data access activity for anomalies. It generates detailed alerts when it detects a risk of unauthorized access or inadvertent data leaks, such as sensitive data that a customer has accidentally made externally available.

AWS and its partners work closely with customers to understand their data protection needs and offer a comprehensive set of services and tooling. AWS provide technical, operational, and contractual measures needed to protect customer data. 

With AWS, customers manage the privacy controls of their data, control how the data is used, who has access to it, and how it is encrypted. AWS underpin these capabilities with a flexible and secure cloud computing environment.

4. “We are heavily invested in our on-premises infrastructure.”

Most AWS customers run hybrid infrastructures, meaning that some of it is in more traditional on-premises data centers and other parts are in the cloud. Moving to AWS does not mean an all-or-nothing move and getting rid of your customer’s present investment. It is about optimizing and streamlining their infrastructure, meaning they move to the cloud only what makes sense.

This hybrid approach is possible because AWS has such a wide offering of hybrid cloud solutions, which includes Amazon Virtual Private Cloud (Amazon VPC), AWS Direct Connect, and AWS Storage Gateway.


An example of hybrid solution is VMware Cloud on AWS. We have many customers who have made large investments in VMware software to manage their on-premises infrastructure, and these customers wanted to use those same tools to manage their infrastructure on AWS. We worked with VMware to build a unique offering, VMware Cloud on AWS, which is a jointly engineered service delivered, operated, and supported by VMware. With VMware Cloud on AWS, customers can use their existing VMware software and tools to take advantage of the AWS global footprint and breadth of services in a seamless way.

“Our serves run at optimal capacity”

A study by 451 Research indicates that the average server use rate is 18 percent. That means that a significant amount of capacity is unused. AWS has a structural advantage stemming from its organizational design. AWS aligns data center facility and IT teams, engineering expertise, and custom hardware with a cloud business model that drives server use much higher than on-premises data centers.

We are a Microsoft Shop

Fifty-seven percent of Windows servers run on AWS. Additionally, there is an incentive programs, such as Windows Rapid Migration Program (WRMP) and licensing assessments to help make the transition easier.

5. “Our existing staff do not have the cloud skills to support this project.”

It signals the opportunity to position the value of AWS Partners and how engaging a partner can accelerate the customer’s time to value for AWS solution. So obviously your response to this objection will vary based on the company’s business model and expertise. For services partners, it’s a great opportunity to share specific success by solution or segment. 

If your customers are concerned about their employees’ skill gap, how would we approach this conversation? First, we need to acknowledge that they’re right. This is, indeed, a shared concern. It’s one of the biggest bottleneck to cloud adoption. Before moving to the cloud, we recommend doing what we call a readiness assessment, and part of this assessment is to identify the gaps, one of them being the skills gap and how to address it.

Mitigate skills gaps

  • Reduce the gap by selecting a migration strategy within the comfort zone and capabilities of the organization. Migrating isn’t a synonym of modernizing. Customers can pick more familiar cloud options.
  • Bridge the gap internally by upskilling staff.
  • Bridge the gap externally. AWS Partners can assist in bridging the gap while customer upskills their staff. Customers can also delegate operational heavy lifting to partners or to AWS Managed Services (AMS), so that their staff can focus on business-related, value-added tasks.

6. “Moving to the cloud means that I am dependent on one platform vendor and its offerings.”

The term lock-in can be misleading. We’re really talking about switching costs. Switching costs exists with any IT solution. Even if you were to invest on open-source on a free solution, the time you’ve invested on that solution would have a cost if you decide to switch out of it. So freedom to switch to another provider is commonly known as reversibility. 

Freedom to switch to another provider is commonly known as reversibility.

  • The cost of switching is a compromise between the initial cost and the future cost of transfer.
  • From a technical point of view, AWS offers many services based on open-source solutions that make it possible not to be “locked” to a technology and that provide customers with the best possible reversibility. 
  • The AWS Cloud has lower lock-in because it’s a pay-as-you-go model. Customers have choice and control of the pace of their move to the cloud. 

Learn more: Switching Costs and Lock-In | AWS Cloud Enterprise Strategy Blog

7. “Can AWS help us improve our sustainable use of our IT landscape?”

In 2021, Amazon co-founded The Climate Pledge. It’s a commitment to achieve a net zero carbon emissions across our businesses by 2040, and to invite others to sign on to this new level of ambition. As part of path to the pledge, Amazon has made significant commitments that are reaching goal.  

  • AWS provides knowledge and tools for organizations of all sizes and across all sectors to build and implement solutions that meet their sustainability goals.
  • In 2018, an IDC study indicated that almost all organizations are using AWS, at least in part, as a greenfield environment for IT and business expansion, that is, for net-new applications and services.
  • Organizations are implementing sustainability practices across their operations.  

How AWS helps with a range of sustainability initiatives:

Carbon measurement and reporting. Transform business processes across the supply chain into a carbon equivalent to accurately benchmark, manage, and report on sustainability progress.

Sustainable building management. Understand the carbon emissions from your building operations to identify areas for energy efficiencies and carbon reduction.

Sustainable packaging. Decrease packaging waste, transportation cost, and carbon emissions using data analytics and ML. 

In 2019, AWS commissioned a report on carbon emissions of the cloud in comparison to typical enterprise data centers. It found that AWS is significantly more energy efficient and has a significantly smaller carbon footprint, than most US data centers.

The AWS infrastructure is 3.6 times more energy efficient than the median of the surveyed US enterprise data centers. And AWS performs the same tasks with an 88 percent lower carbon footprint

Because control of all AWS Regions and supply chain, AWS can rapidly roll out efficiency improvements around the world.