Amazon, Google, Microsoft and others are investing aggressively in the cloud, even as critics point to security, reliability, and compatibility issues. We cut through the fog.
2. Privacy Concerns
Myth: Cloud computing is the end of privacy as we know it.
Privacy fears over cloud computing can be seen as an outgrowth of privacy concerns in general, with cloud computing just being the bogeyman / whipping boy of the moment. That said, there's solid reasons to be skeptical -- or, if you're a creator of cloud-based services, to be cautious.
What makes cloud computing such a fierce target for privacy advocates is not only the newness of the technology, since every freshly minted technology is a possible privacy suspect. It's also the fact that cloud computing, on the face of it, can cause a huge degree of aggregation across multiple IT spheres. When you have many disparate things suddenly all under one roof, it translates into "single point of failure" and "all your eggs in one basket." It's not your data anymore, either; it's someone else's, and whatever happens will happen on his watch. There's a chance that provisions about your data security aren't even in the contract you signed.
It's difficult to write off such concerns as mere paranoia -- not when most data leaks and theft happen from within organizations as inside jobs, rather than from outside attacks. Worse, people who store their data on other people's systems might not have the law on their side when expectations of privacy become a legal issue.
Cloud providers need to be proactive about this, early in the lifecycle of their services. They should spare no expense to make it clear to their customers -- and, by extension, their customers' customers -- that data and process security can be protected from outside attacks and internal theft, and where they stand vis-à-vis the law whenever possible (if only by making their terms of service as explicit as possible).
Providing security for user data actually isn't the hard part; there are plenty of examples of how this could be implemented. Mozy, the online backup service provider, addresses questions of privacy by allowing the customer to provide his own high-grade encryption key for his data. The backed-up data cannot be read by anyone else, Mozy included. If you leave the service, you take the key with you; the data becomes unreadable by default.
What's going to prove more difficult is crafting a forward-looking policy for privacy -- figuring out how much you can guarantee, or expect, in the cloud. The more explicit you can be, the more usage cases you can cover, and the more proactive you can be about everything you didn't think of the first time, the better.
Myth: Cloud computing is not reliable.
File this one under "guilty until proven innocent." The cloud's been acquiring a leaden lining as of late -- a bad reputation for being questionably reliable. When T-Mobile's Sidekick service crashed recently and lost a ton of user data, criticism flew in all directions -- much of it aimed at clouds-in-the-abstract. The story has a happy ending -- everyone's data appears to have been recovered -- but does anyone want to sit through an experience like that again?
SaaS As Innovation Driver?Software as a service is the clear No. 1 way enterprises consume cloud. InformationWeek's SaaS Innovation Survey reveals three tips to get the most from SaaS: Make it a popularity contest. Have an escape plan. And remember that identity is the new perimeter.