The problem with online applications is that they put user data under someone else's control.
The problem with online applications is that they put user data under someone else's control.Consumers put up with this because they value free services like Gmail or Google Docs and either they can't place a value on access to the analytics data they generate or they can and the value lost is less than the gain. They also trust Google or whatever company provides their online applications not to do anything nefarious. It's good bet, usually.
Businesses worry more about the arrangement. Security and data protection are often legal requirements. Trusting critical business data to an online service provider isn't easy because the potential damage is significant.
But it doesn't have to be that way. We talk about the cloud -- the artist formerly known as the network -- as if it's a single place, but there's no reason why the cloud can't be dispersed and put under the control of individual users and companies.
The bank model, where customers' assets are deposited for centralized management, doesn't make sense for data. It works for Google, because Google uses centralized data to subsidize services through ads. But it becomes more problematic for paying customers.
As a paying customer, why can't I purchase access to online applications without giving up control of my data? Tenants renting property from landlords have privacy rights that prevent landlords from dropping by whenever they want to see what's going on. They have the right to maintained locked areas. Why shouldn't software users have the same rights? Why can't online applications be more like server-installed applications offered by Web hosting operations?
Companies paying $50 per year for Google Apps or some similar service should be able to store their data encrypted on a partition that operates like a remote server. They should have access to the Web logs for traffic hitting their rented app. What they'd be buying from Google is essentially IT administration for a remote server. Google would guarantee security and uptime; the customer would control everything else.
Google's architecture might not allow this and it might not make sense given Google's business model. But an approach more like Web hosting might work for Amazon Web Services. It's not a major leap to go from paying for CPU cycles, storage, and data transfer by the drink to paying for application use. And there's certainly precedent for hosting arrangements that put the customer in control. Online storage services like Mozy, for example, allow users to store their files under their own encryption key.
Ultimately, there's no reason why running an app like Word locally or through an instance on a virtual server should be any different in terms of the amount of control available to the user.
How Enterprises Are Attacking the IT Security EnterpriseTo learn more about what organizations are doing to tackle attacks and threats we surveyed a group of 300 IT and infosec professionals to find out what their biggest IT security challenges are and what they're doing to defend against today's threats. Download the report to see what they're saying.
IT Strategies to Conquer the CloudChances are your organization is adopting cloud computing in one way or another -- or in multiple ways. Understanding the skills you need and how cloud affects IT operations and networking will help you adapt.