I agree with you, up to a point. You need someone with some experience to set those things up. I mean, obviously even with these alternate solutions you still need to be security conscious. However, I went the AWS route and set up my whole environment running Ubuntu Server with Apache/RDS/S3... but despite all of my best efforts, I'm a programmer. I'm so afraid that I left some stupid setting in some obscure file unchanged that will give someone a backdoor to my server or database. With some of these platforms as a service they force you to use best practices, where you could set it up yourself with a not-so-strong password or something.