Bigger than development, however, is the head of steam building up behind virtualized clients. So far, the success story has been virtualized servers, with the unwashed masses of confused clients lagging far behind. In 2012, that's about to change. Didn't we say that last year? This time, it's real. Big advances are being made in keeping virtualized clients secure, in some cases, lead by Citrix Systems. If virtual desktops are more secure than physical ones, then a major cost justification for the move materializes. A virtual user interface that can move from device to device resolves some of the conflicts preventing the transition to bring-your-own-computer to work. Look for a major ATM supplier, Diebold, to describe how it's using virtual end-user transactions to secure its ATM networks. Personal data can't be stolen (the way it was at supermarkets) if it's not resident on the endpoint transaction machine. If it works on ATMs, it may work on your end-user clients.
4. Cloud Security ... In Depth
In a conversation, Capgemini CTO Joe Coyle made an interesting prediction: "An accepted security model will come to the cloud in 2012." Amazon started 2011 with a new PCI compliance rating that said secure credit card transactions could be executed in EC2. During the year, cloud provider Terremark's NAP of the Americas data center in Miami, Fla., passed the Department of Defense's Information Assurance Certification and Accreditation Process, while Harris implemented its Cyber Integration Center for healthcare data processing, with market-leading defenses in depth. Security can be achieved in the cloud as well as the enterprise data center. "It's a matter of both the clients and the vendors understanding who has responsibility for which pieces," said Coyle. And in 2012, a blueprint for how that's achieved will be laid out.
5. Green Eye Shades Or Shades Of Green?
Builders of new data centers, including Facebook, Google, Amazon, and Microsoft, boast about the new levels of energy efficiency that they've achieved. With melting ice caps, we are not far off from when individual electricity consumption will be monitored with the same intense scrutiny as home consumption, and energy-efficient clouds will appeal to both IT and consumers. Not all applications need 300-watt, high-capacity, and high-speed servers behind them. In some cases, 15 or 20 watts will do. The intense use of mobile devices could in many instances be served by leading edge, energy efficient data centers, perhaps populated with servers like the ones HP announced using Calxeda's ARM chip. Maybe the Cortex chip servers, using 89% less power than conventional ones, wouldn't be the best platform for streaming video of the ballgame you want to see. But they'd be fine for the occasional burst of data telling you what the score is. And they'd keep you out of the red zone of too much energy consumption.
6. Going Over To The Dark Side
In 2012, we will see the first incident where a hacker gets inside a public cloud and produces mischief and mayhem. He will seem to understand its infrastructure, its protective measures and for a time will defy expulsion. CIO Jerry Johnson's account of how a hacker (unidentified but possibly a Chinese intruder) got into Pacific Northwest National Lab is too compelling a story to allow me to believe the public cloud has better defenses than it did. At this stage of cloud computing, too many doors are constantly opening and closing to the public cloud for defenses to cover all eventualities. Defense in depth is needed and is coming, but is not quite sufficiently in place to prevent an incident.
Charles Babcock is an editor-at-large for InformationWeek.
In this Cloud Connect webcast, learn how an automated, secure service in the cloud can remove the burden of managing the complex and error-prone data protection process. It happens Jan. 17.