Feeds

Easier to secure the cloud than your data center - IBMer

Really?

5 things you didn’t know about cloud backup

To summarise, a rant

Risk and responsibility are the big issues here. A corporation hosting its important data retains control over security and the risks it is willing to take. If it screws up, it pays the price for it. In a cloud scenario, this isn’t the case. With most cloud providers, a security breach or provider screw-up will yield a heartfelt apology and a refund of the current month’s fee – and no more.

When we’re talking about important applications and data, the risk imbalance between the customer and cloud provider is massive. If there is a security failure or loss of data, you, the customer, could conceivably be put out of business. The cloud provider? They risk some reputation points and lost revenue – but they probably have plenty of other customers, or at least can get some more.

And you? You’ll be on the street living in a cardboard box and eating out of dumpsters until you finally die of exposure. Or, after being found guilty of criminal mismanagement of data, you’ll be thrown in prison and get shanked during a mess hall riot. Okay, maybe it won’t result in death … but having your business go down the tubes due to a cloud problem would be plenty uncomfortable.

Cloud providers have to put real skin in the game and provide explicit and specific guarantees on security and availability to convince enterprises that this is a valid choice for critical processing. SLAs will have to be negotiated and agreed upon, with penalties and remedies stipulated up-front.

To make this worthwhile, the cloud provider must have at least a minimum usage commitment from the customer that covers the provider’s costs. The cloudy ‘pay only for what you use, as you use it’ model is a non-starter in this context.

To conclude, a truly secure cloud offering isn’t really a cloud at all, in my opinion. It’s really a traditional hosting or outsource agreement. And those have been around for a long, long time. They aren’t trendy, hip, or cool, and in a lot of cases they end up costing more than providing the same functions in-house.

IBM, of course, is a leading provider of outsourcing and is also a cloud provider, so they have more than a little interest in getting enterprise customers to embrace clouds. [end rant]

The last line in the IBM blog asks, “Is Moss right? Or is this a bunch of self-serving IBM marketing spin?”

I weigh in on the side of “Self-serving IBM marketing spin.” But what do you think? Use the comments section below to share your own thoughts or rants. ®

Build a business case: developing custom apps

More from The Register

next story
Microsoft: Azure isn't ready for biz-critical apps … yet
Microsoft will move its own IT to the cloud to avoid $200m server bill
Shoot-em-up: Sony Online Entertainment hit by 'large scale DDoS attack'
Games disrupted as firm struggles to control network
Silicon Valley jolted by magnitude 6.1 quake – its biggest in 25 years
Did the earth move for you at VMworld – oh, OK. It just did. A lot
VMware's high-wire balancing act: EVO might drag us ALL down
Get it right, EMC, or there'll be STORAGE CIVIL WAR. Mark my words
Forrester says it's time to give up on physical storage arrays
The physical/virtual storage tipping point may just have arrived
VMware vaporises vCHS hybrid cloud service
AnD yEt mOre cRazy cAps to dEal wIth
prev story

Whitepapers

A new approach to endpoint data protection
What is the best way to ensure comprehensive visibility, management, and control of information on both company-owned and employee-owned devices?
Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
Maximize storage efficiency across the enterprise
The HP StoreOnce backup solution offers highly flexible, centrally managed, and highly efficient data protection for any enterprise.
How modern custom applications can spur business growth
Learn how to create, deploy and manage custom applications without consuming or expanding the need for scarce, expensive IT resources.
Next gen security for virtualised datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.