A relatively young friend of mine recently asked me to make the case that “the cloud” was secure. We talked for ten minutes and, a few days later, I was still thinking about our conversation.
Here are some thoughts on what I consider to be the “right way” to think about cloud computing:
There is no one “cloud.”
This is perhaps one of the largest misconceptions among many business folks and even some relatively technical ones. As a DropBox user, I am relying upon a public cloud. That’s a far cry from the expensive private clouds that many companies are building to power their businesses and protect valuable corporate data. Hybrids or semi-private clouds also often viable options when no single organization can afford to pay for the whole infrastructure. (See multi-tenancy.) That is, they only pay for the time they spend “on the cloud.”
Don’t think of security as a binary.
When you understand the above, then security starts to make more sense. I don’t like to think about security in an abstract sense. There is no such thing as absolute or complete security, and that includes keeping your data entirely offline (read: in paper files in an office or physical storage facility.) Make no mistake: fires, floods, and theft have destroyed a great deal of critical corporate data in their day. Perhaps keeping apps and data on-premise is more secure than a generic “cloud.” Perhaps not. Too many other factors are at play to make blanket generalizations about that those.
Cloud computing is an increasingly busy and crowded market.
Even established vendors like Amazon are introducing new services–and augmenting current offerings. See Amazon’s recent Zocalo announcement. What’s more, large companies are buying smaller ones at a rapid rate. Case in point: IBM gobbling up Cloudant. Rackspace may go poof by the time that you read this post.
Not every application can be ported to “the cloud.”
As I know all too well, plenty of organizations have not retired legacy applications that are, well, long in the tooth. For this reason, marching entirely toward cloud computing may not be an option.
Savings comes via subtraction, not addition.
Adding new cloud-based services without removing existing and expensive components doesn’t drop total IT costs. Addition by addition means more. Period.
There is no such thing as absolute or complete security.
As I discuss in The Next Wave of Technologies, there’s a great deal more to say about cloud computing. If you’re new to the area, though, it’s wise to start with these fundamental tenets.
What say you?