There’s no escaping the cloud
You can run, but you can’t hide
So you think the cloud is not for you? If that's the case, you are not alone. Feedback from The Register's readership has been consistently mixed on the subject of cloud computing. In spite of all the hype, many working at the sharp end in mainstream IT departments remain sceptical.
While some dispute the economics and dismiss the claims of the evangelists as being wildly exaggerated, others point to some of the integration challenges of getting multiple cloud services working together with your in-house systems.
There are then the questions about how to coordinate security and access policies across multiple operating domains and the dangers of getting locked into proprietary services. Also, there may quite frankly be doubts over the readiness of some cloud service providers with a limited track record and/or more of a consumer background to step up to the mark when it comes to supporting core business processes.
By far the most commonly heard concern, however, is that of trust. Many IT pros are reticent about handing the corporate crown jewels, i.e. core information assets, across to a third party for safe keeping, especially when that third party is a US multinational perceived to be open to governmental snooping under the pretence of antiterrorism legislation.
And regardless of how robust the provider’s security infrastructure appears to be in physical terms, stories of admin passwords escaping into the wild and exposing private information have a tendency to feed the fears of the sceptics.
One response to this is to simply sit tight and carry on with the 'box hugging' approach, maintaining everything in house where you can keep an eye on it. But does that mean information pertinent to your organisation's business will be 'safe’ from the cloud?
I had an interesting exchange a few months ago at a vendor conference I attended that cast doubt on this. As is becoming very clichéd nowadays, the senior exec stood up and gave a keynote talking about how cloud computing was the future and how his company was well positioned to help organisations 'make the transition’.
You would get the impression from listening to him that the whole world was committed to embracing this brand-new disruptive paradigm shift that was taking place. To illustrate the point he talked about how the use of Salesforce.com had transformed his own organisation.
The following speaker that stood up was one of the vendor's customers - a big financial institution. After talking about how the vendor's traditional product offerings had helped his organisation, the floor was opened to Q&A. One of the questions asked at this point was to what degree the company had embraced cloud computing.
The answer was really not at all because, you guessed it, the idea of the bank’s data and/or core business systems being looked after by a generic third-party would be a 'difficult sell' to business stakeholders. While bespoke hosting arrangements with a trusted traditional outsourcer might be one thing, this utility stuff is a different kettle of fish altogether.
i don't see how that could ever have been legal under UK or EC law... but I imagine it is the sort of thing that actually happens all the time because of the low levels of understanding and compliance with data protection
The cloud maybe illegal in Oz
The Australian Commonwealth Privacy Act 2000 requires - in plain terms - that companies subject to it a) know what data they keep on an individual, b) restrict access to that information to employees or agents who require it, c) secure that information, d) keep an audit trail of all access to that information. Failure to meet these requirements attracts very public and very-painful-to-the-business penalties. As far as I'm aware none of the cloud owners will give an SLA that's more than 'if-it-breaks-you-own-all-the-pieces' and 'trust-us'; in short nothing that would comply with the Privacy Act. That would make using a third-party cloud illegal for large companies subject to the Act. These large companies, in turn, expect the same level of compliance from any SMBs (too small to come under the full provisions of the Privacy Act) they deal with so most SMB's would be fools to go anywhere near a cloud.
@ Scott 70
No I don't expect all IT departments to go to the cloud and I accept that my target market will find it easier to move over to it. perhaps if companies with an 'Infrustructure of magnitude to maintain' may also find it cost effective to move to the cloud.
However there are real advantages for moving to the cloud (fully or partly) for organisations of all sizes and many are implementling roll outs of 10's of thousands of users.
All i'm saying is to dismiss it out of hand is a tad short-sighted.