When cloud computing arrived at center stage back in the late 1990’s, it was the future. It was the invention of the microchip all over again. IT departments and CFO’s everywhere were breathing a sigh of relief. They saw the cloud as a means to ending budget overages, pesky support tickets and reducing hardware costs. As soon as the media got wind of this nifty cloud thingy, well, the cloud metaphors were more prolific than Captain America cosplayers at a Comic-on. In fact, one could even say the media was largely responsible for the cloud’s success. After all, we know the media is built on driving the rise of a trend and then greedily exposing its crash and burn. That begs the question, is cloud computing really as fabulous as we think it is? Is the cloud a victim of commercialism or a suspect in the breakdown of data security?
The whole concept of cloud computing is rooted in the surrender of data to an outside multiple server-based resource. Sure, everything is accessible via the network and of course it is all quadruple encrypted etc. etc., but the very essence of the cloud means redefining security protocols captain america cosplay to include an outside entity. Liken it to handing over the security of your home to a neighbourhood kid. Yes, the kid is smart and responsible, at least in outward appearances; but he is still young and relatively untested. That’s ok; we will give him a list of do’s and don’ts. What could possibly go wrong?
Let’s name that neighbourhood kid. Let’s call him Amazon. He was the first to offer his services, and did a fabulous job of doing so. Amazon was charming, easy to access, well known in the community and very accommodating. So we handed over said list, keys to the front door and went on our merry way. Then on April 21st 2011 Amazon got sick. Continuity of service was suddenly compromised, leaving the home vulnerable in a neighbourhood of thieves. Access wasn’t even possible; Amazon was inaccessible and had the keys. There we were, left standing in the rain with nothing. No files, no access, no means of contacting anyone, nothing. Damn that Amazon, how did this happen?
In reality it wasn’t the kid’s fault. Amazon is just a child; we were the decision maker in this scenario. We signed the contract. We are supposed to have the education, training and where-with-all to consider any eventuality. Choosing a cloud to reduce costs is a smart option and it does solve a lot of problems, but it doesn’t solve everything. After all, any system that puts all the eggs in one basket is just asking for breakage. Conduct a risk assessment. Do some strategic planning. Utilise that diversely talented set of staff and do some brainstorming. Consider designing an assortment of cloud service options from varied providers. Prioritize cloud cost alongside data importance. For example, try using the new guy down the street for back up inventory files and the larger corporate wigs for client files.
It turns out Amazon had a few broken blocks (EBS), sending him into paralysis. He wasn’t ready for all the work he took on. Amazon was a victim of the Peter Principle, that is, rising to a position higher than his level of education or ability. On the other hand, who initiated the hype? Whose marketing department took the cloud and ran with it… Amazon’s! In this case, the cloud was both the victim and the suspect. If we consider the cloud on a macro scale, it is a system still in its teen years. According to the Enterprise Management Associates (EMA), “70% of cloud deployment has required redoing or rethinking”. That sounds about right for new technology doesn’t it?
Cloud computing is not the answer to everything. It isn’t the golden ticket, the end to internal data servers, the saviour of IT budgets and abolishment of client support tickets, at least not yet. One day when we are old and grey the cloud will be as reliable as electricity is now. We won’t even think twice about the cloud failing us. Until then, remember security in cloud computing is not just a perception issue, it is a reality issue.