I think cloud computing has a great deal of potential. However, I’m not ready to trust all — or even most — of my data to the “cloud.”
However, members of IEEE (http://www.ieee.org) — a technical professional association — are working to deliver on the promise of cloud computing by helping enterprises of all sizes address the barriers that can potentially reduce the adoption rates of this game-changing technology.
IEEE says prospective benefits of cloud-based systems are hard to ignore: significant cost reductions in the operations and maintenance of the IT infrastructure; extreme scalability and accessibility; fewer concerns about overloading servers or lack of storage space; and rapid deployment. Of course, challenges and perceived risks prevail, with lingering concerns about cloud security and privacy, performance unpredictability, and if the ultimate return on investment makes cloud adoption a fit for a given enterprise.
Some believe that 2012 could be a tipping point year for cloud adoption, particularly if large enterprises can serve as trailblazers in cloud adoption. According to IEEE CIO and Senior Member Dr. Alexander Pasik, once larger enterprises witness the success of their competitors and contemporaries, more companies will transition to the cloud.
“Cloud adoption can be perceived as a threat, and talk of change is often met with resistance,” he says. “That is why it takes an informed IT team to communicate the significant impact that cloud computing can have on a business. If you’re a sizeable enterprise and you’re not doing business in the cloud, you’re making a mistake. Businesses will soon realize that it’s not a question of ‘if’ they should move cloud, it’s a question of ‘when.’ ”
Pasik predicts that in eight to 10 years, a majority of the world’s largest enterprises will be operating in the cloud. Yet he admits that concern and increased pressure on CIOs to meet stricter compliance rules and regulations in a globalized business environment presents an evolving risk that must be mitigated.
According to Dr. Siani Pearson, an IEEE Senior Member and Senior Researcher at the Cloud and Security Lab at Hewlett-Packard Laboratories, as standardization becomes more solidified, compliance will become more complex.
“Providing cloud computing services means explaining the need to comply with local and global regulations and obtaining the necessary approvals when data is accessed from another jurisdiction,” he says. “It is difficult to meet compliance requirements. Global legislation is complex and includes export restrictions, sector-specific restrictions and legislation at state and national levels. Legal advice is needed, and transborder data flow restrictions need to be taken into account. Collaboration is key in finding solutions to these complex issues. By working with internal counsel and customer-facing executives, as well as external academics and industrial partners, companies can find a broader range of interdisciplinary solutions to compliance problems.”
Security remains a major adoption concern as many service providers put the burden of cloud security on the customer, leading some to explore costly ideas like third party insurance.
“It’s a huge risk, as well as impractical, to insure billions of dollars of company data, especially if you’re a market leader in the space,” says Steve O’Donnell, IEEE member and chairman at Preventia Ltd., a security technology company in the UK. “Potential losses from losing major trading applications or logistical applications are enormous. Service providers should offer greater assurance to reduce the idea that insurance is even needed.”
Of course, there are those who say it’s perfectly safe. Cloud Computing can save companies money without putting business information at risk, according to “Above the Clouds: Managing Risk in the World of Cloud Computing, a new book by cybersecurity expert Kevin T. McDonald, senior critical infrastructure protection (CIP) and cybersecurity analyst for ICF International (http://www.itgovernance.co.uk), a provider of consulting services and technology solutions to government and commercial clients.
Through cloud computing, a company’s information technology (IT) functions are moved to an external, shared service provider and accessed over the Internet. Data is no longer stored in-house and the company no longer owns software applications. McDonald challenges the misconception that cloud computing must necessarily offer weaker data protection than an in-house server. In fact, he argues that cloud computing can help to defend an organization from IT security threats such as denial-of-service attacks, viruses, and worms.
McDonald says the concept of “outsourcing to the cloud” is proving increasingly attractive to companies seeking to save money. “The cost is falling dramatically, which means it is no longer rare for a company to consider cloud computing,” he says.
A company is charged for the use of software applications and for data storage just like being charged for electricity. By only paying for the resources used, operating costs can be reduced. McDonald says in-house data centers typically leave up to 90% of available capacity idle.
Cloud computing can lead to energy savings, too, he says. Running a data center normally requires heavy investment in generators and uninterruptable power supplies. Cloud computing removes that burden from individual companies and consolidates workloads on high-performance processors.
What’s more, outsourcing rarely needed IT tasks and functions allows IT staff to focus on core work, according to McDonald. Equally, rather than having an IT team spend valuable time monitoring the market for new products, and then facing the challenges of integrating those products into an organization, cloud computing means that up-to-date software suites are painlessly introduced across a company “from above’” by the service provider, he adds.
All good points, but I, for one, will never want to depend entirely on having my data “in the cloud,” whether it’s my songs or documents for my work. I want physical copies — or at least digital copies on a hard drive (or, preferably two, in different locations).
After all, security expert Bruce Schneier said this to say to “The Guardian” (http://www.guardian.co.uk/): “You don’t want your critical data to be on some cloud computer that abruptly disappears because its owner goes bankrupt. You don’t want the company you’re using to be sold to your direct competitor. You don’t want the company to cut corners, without warning, because times are tight. Or raise its prices and then refuse to let you have your data back. These things can happen with software vendors, but the results aren’t as drastic.”
— Dennis Sellers