In a typical Gartner move, the analyst firm has listed several rights and one responsibility that should lead us to a better cloud-enabled world. Here's the abridged version...
In a typical Gartner move, the analyst firm listed several rights and one responsibility that should lead us to a better cloud-enabled world. "All cloud services customers should have some basic rights to protect their interests; Gartner's Global IT Council for Cloud Services has defined six rights and one responsibility of service customers that will help providers and consumers establish and maintain successful business relationships."
The abridged version is this...
1. The right to retain ownership, use and control one's own data.
2. The right to service-level agreements that address liabilities, remediation and business outcomes.
3. The right to notification and choice about changes that affect the service consumers' business processes.
4. The right to understand the technical limitations or requirements of the service up front.
5. The right to understand the legal requirements of jurisdictions in which the provider operates.
6. The right to know what security processes the provider follows.
7. The responsibility to understand and adhere to software license requirements.
While nobody can disagree with the concept here, the fact is that leveraging any type of technology comes with certain risks. In many instances, we have fewer protections with on-premise technology than cloud technology. However, considering that "the cloud" is so new and scary, we're going to see things like this from the analyst groups covering cloud, as well as new cloud standards organizations.
I'm sure the intentions here are honorable, and they are similar to other similar types of efforts made in the past. The reality is that the onus is on the cloud customer to figure out the stuff listed above. They, and only they, understand their own requirements. Thus, blanket statements such as this do very little good.
I'm working in the new cloud space right now and what's clear to me is that things like security, all covered in Gartner's rights, mean very different things from cloud consumer to cloud consumer. It's up to the customer to understand how the provided security model and mechanisms work with their existing and future requirements. You can make the same case for SLAs, compliance ("legal requirements of jurisdictions"), technology limitations, etc.
So, while these sorts of efforts will make us feel better, the reality is that using cloud computing is like using any other type of technology. The technology is simply a set of tools to solve problems, but how those problems are solved comes back to those charged with making IT work for the business. That's never going to be the cloud provider, no matter how many rights and responsibility lists you write.In a typical Gartner move, the analyst firm has listed several rights and one responsibility that should lead us to a better cloud-enabled world. Here's the abridged version...
How Enterprises Are Attacking the IT Security EnterpriseTo learn more about what organizations are doing to tackle attacks and threats we surveyed a group of 300 IT and infosec professionals to find out what their biggest IT security challenges are and what they're doing to defend against today's threats. Download the report to see what they're saying.
IT Strategies to Conquer the CloudChances are your organization is adopting cloud computing in one way or another -- or in multiple ways. Understanding the skills you need and how cloud affects IT operations and networking will help you adapt.