The Register® — Biting the hand that feeds IT

Feeds
  • print
  • alert

Regcast training : Hyper-V 3.0, VM high availability and disaster recovery

To summarise, a rant

Risk and responsibility are the big issues here. A corporation hosting its important data retains control over security and the risks it is willing to take. If it screws up, it pays the price for it. In a cloud scenario, this isn’t the case. With most cloud providers, a security breach or provider screw-up will yield a heartfelt apology and a refund of the current month’s fee – and no more.

When we’re talking about important applications and data, the risk imbalance between the customer and cloud provider is massive. If there is a security failure or loss of data, you, the customer, could conceivably be put out of business. The cloud provider? They risk some reputation points and lost revenue – but they probably have plenty of other customers, or at least can get some more.

And you? You’ll be on the street living in a cardboard box and eating out of dumpsters until you finally die of exposure. Or, after being found guilty of criminal mismanagement of data, you’ll be thrown in prison and get shanked during a mess hall riot. Okay, maybe it won’t result in death … but having your business go down the tubes due to a cloud problem would be plenty uncomfortable.

Cloud providers have to put real skin in the game and provide explicit and specific guarantees on security and availability to convince enterprises that this is a valid choice for critical processing. SLAs will have to be negotiated and agreed upon, with penalties and remedies stipulated up-front.

To make this worthwhile, the cloud provider must have at least a minimum usage commitment from the customer that covers the provider’s costs. The cloudy ‘pay only for what you use, as you use it’ model is a non-starter in this context.

To conclude, a truly secure cloud offering isn’t really a cloud at all, in my opinion. It’s really a traditional hosting or outsource agreement. And those have been around for a long, long time. They aren’t trendy, hip, or cool, and in a lot of cases they end up costing more than providing the same functions in-house.

IBM, of course, is a leading provider of outsourcing and is also a cloud provider, so they have more than a little interest in getting enterprise customers to embrace clouds. [end rant]

The last line in the IBM blog asks, “Is Moss right? Or is this a bunch of self-serving IBM marketing spin?”

I weigh in on the side of “Self-serving IBM marketing spin.” But what do you think? Use the comments section below to share your own thoughts or rants. ®

Agentless Backup is Not a Myth

Page:

COMMENTS

House Rules Send Corrections
All Reader Comments (30)
Highly Rated
danolds
Reply Icon

Nope, not my point

My point in bringing in the hosting provider/outsourcing angle isn't that I think they are necessarily more secure than clouds or 'better'. What I meant is that with a traditional hosting/outsourcing agreement you have a negotiated contract and the ability to nail down highly specific terms and conditions. We don't seem to be seeing that level of agreement with clouds.

I fully agree that the customer/buyer HAS to do their security, avaiailability, flexibility and cost due diligence with ANY third party provider - even if it's just a website in the clouds....

2
0
Scott Broukell

blue, cloudy, sky thinking

So let some nu Cloud Host float some target data up there and let's see if anybody can shoot it down. We've rushed into new areas all too often in the past without proper field testing. Clouds aren't renowned for being bullet proof. My way of thinking is to keeps my feet and puters firmly planted on the ground for a long while yet. But then I am an old duddy fuddy, but I am open to new ideas, when they are tried and tested old ideas that is.

2
0
ScepticMan

There is a big difference between "can be" and "is" ...

.....and vendors love to exploit the difference.

So a sentence like "‘There’s a misconception that cloud is less secure than traditional IT environments,’ says Moss. ‘The cloud can actually be more secure.’”

... is a load of brown coloured spin.

I picked the picture of a vendor with his hand in your pocket.

1
0

More from The Register

breaking news
Number of cops abusing Police National Computer access on the rise
Only a telegram from the Queen can get you off it
136
breaking news
Julian Assange: Google's just an arm of US government
Pale, embassy-dwelling blond claims conspiracy betweeen ad giant, politicians
115
breaking news
NSA PRISM snoop-gate: Won't someone think of the children, wails Apple
10,000 things probed, mostly about missing kids, Alzheimer patients, we're told
96
Google flings another £1m at online child sex abuse vid CRACKDOWN
See, see, we're trying, ad giant tells Daily Mail UK.gov
41
Report: Cloud could slash biz software energy use by 87%
Study sees millions of redundant servers slurping power
23
breaking news
CIA spooks picked Amazon's 'superior' cloud over IBM
Procurement report reveals tech gap in cloud cold war
38
Bone up on fresh EU privacy law - or end up in the clink, IT biz warned
Resellers no longer just flogging boxes - now they must offer legal advice
12
breaking news
MPs demand UK rates revamp after Google's 'extraordinary tax mismatch'
Report: 'Highly contrived' structure has damaged HMRC's reputation
101
Amazon SLASHES hosted database prices
Microsoft, Google, stare meekly at own margins
8
Tech giants' offshore cash-stashing is only ever a delaying tactic
Someone always pays, sooner or later
68