Michael D. Moberly May 26, 2010
Is ‘cloud computing’ merely a 2010 version of outsourcing? To be sure, the availability of ‘cloud computing’ opportunities reflects the rising and global need for access to not only computing services, but, computing power, and its stemming from both the private and public sectors.
Advocates of cloud computing point to its elasticity, flexibility, scalability, and instantaneous self service (on demand) pay-as-you-go format which are obviously attractive features that can create substantive efficiencies. Advocates are also quick to say cloud computing is not a new technology, rather its (merely) a new business model – way of offering – delivering computing services.
There’s little question that cloud computing is a viable and efficient service option, particularly I believe, for the millions of start-ups, SME’s and SMM’s globally, many of which possess the potential for positive growth, revenue, and sustainability merely b being able to access additional computing services and power literally from their desktops. In that regard, like many other technological advances and options, there’s no turning back, nor should there be!
In light of the efficiencies and user options it brings, the ‘global cloud computing race is on’, but, as many like me, seek to fully grasp it operationally and its presumed 2011, 2012, and beyond versions/generations, I believe before companies and governments fully commit themselves to it, there remain some legitimate (risk oriented) questions that warrant, at minimum, an airing.
The intent of this post however, is not solely to point out potential risks associated with cloud computing, some of which, I suggest, have yet to be fully addressed or satisfactorily mitigated.
Instead, I approach cloud computing, as I do most other new business (client) initiatives, as one who endeavors to be an enabler and facilitator to those initiatives, not an inhibitor. So, with respect to cloud computing, I respectfully ‘bring to the table’ what I believe are relevant, timely, and important questions related to user risks and their ability to consistently safeguard company information and data ‘going into the cloud’.
Having engaged numerous members of business management teams that are unabashed advocates and users of cloud computing as conveyed through their enthusiastic portrayals of it constituting a ‘business lifesaver and growth enabler’. With all the objectivity I can muster, it appears evident, from those conversations, that many have given little or no consideration to engaging ‘the cloud’ with some of their company’s most sensitive, valuable, and proprietary information, in other words, information-based intangible assets.
Without going into a full litany of potential risks and threats potentially associated with cloud computing, I believe a key one, particularly in light of recent international events, ala Google, is the aspect of cloud computing users’ essentially ceding control to their provider, relative to the actual location and/or jurisdiction where their cloud computing occurs. In my view, this represents a priority item on management team, board and CIO, CTO, CSO, and CISO agendas that presents significant, potentially instaneous, and debilitating reputational risks!
I welcome the opportunity to learn your perspectives and views on this important and expanding arena, firstname.lastname@example.org.
(This post was inspired by an excellent presentation conducted by Dr. Giles Hogben.)