Part 1 of this series began a high-level, reader-friendly, discussion of concerns surrounding the ‘Cloud,’ what it is, and helping address concerns around its use. Here, in Part 2, the discussion continues further….
…For some consumers, and businesses too, there remain a number of additional concerns regarding the cloud. For instance, they may view the ‘cloud’ as fine for pictures, yet inappropriate or ‘unsafe’ for hosting financial, healthcare, or other sensitive data.
(Building on availability and SLA concerns discussed in part 1.) Consumers in particular tend to make broad assumptions about the services they’re using. For instance, not too long ago users of popular Flickr photo sharing service experienced problems. Reports indicated a number of accounts had been unrecoverably lost (along with their pictures). Users assumed Flickr would recover, restore their data, and they’d be back on their way. Not the case.
The use of services like Flickr for photos, and professional Cloud services hosting healthcare, finance, and other more-critical content, should not be lumped together. There are distinct differences in the underlying offerings.
For instance, from the Yahoo! (owns Flickr) Terms of Service, we find: “You agree that Yahoo! has no responsibility or liability for the deletion or failure to store any messages and other communications or other Content maintained or transmitted by the Yahoo! Services.”
In short, yes, if Flickr’s users didn’t maintain their own backups of their content, independent of Flickr, then shame on them. I feel for them, but they defaulted on their own responsibility. Flickr, Yahoo!, never told them their content was safe. If anything, it said exactly the opposite.
Yes, I expect even services like Flickr maintain their own backups. But of what? Most likely they are keeping backups of—their system—and not user content. They want to be able to restore the infrastructure ASAP and then you get to reload your content (emphasis on Your).
This differs from offerings of professional cloud service providers, such as those handling healthcare, financial, and other security-conscious content.
Their customers, such as your healthcare payers (for example) make broad use of cloud offerings. While you, or your business might not do so, make no doubt about it—there is a LOT (e.g. multi-millions) of people’s content housed in the cloud.
What is the driver here? In many cases it is a matter of externalizing non-core activities. Their focus is paying your healthcare provider, not in long term document handling and archiving. That is what formal data repositories do best.
How you define ‘safer’ is important. There is much more involved than two individuals, doing point to point transfers using SSL enabled browsers, being worried about in-transit intercepts.
When dealing with health, financial, or other security conscious content, SSL, AES, and other encryption solutions are the norm. Cloud service providers typically operate high end data centers, with high availability hardware, on and off site backups, mirrored redundant remote sites, and the like. These service providers may also be doing other work for you, such as AP workflow or healthcare adjudication. In these cases it may be common for dozens of copies of your data to reside across their processes.
Where is your data safer? How many of us, as individual businesses, are going to invest in that level of data protection? The answer: very, very, very few. And if that’s the case, where is your data safest? Or on an external USB drive on the admin’s desk (yes, real-world example)?
The cloud is already very mature…and will continue to evolve. Today’s call to action, keep an open mind, comment on the brightest uses of the cloud you have seen.
Perhaps the cloud’s biggest benefits extend from what it can do in the context of mobility. That, suggests a future post.
(photo credit: Colin Broug)