- Image via Wikipedia
I just published a piece over on CloudAve, reporting the results of a Cloud Computing survey commissioned from Kelton Research by Avanade. The survey of over 500 senior executives from companies in seventeen countries appears to suggest that cost savings and efficiency gains are being sacrificed because of significant concerns about security issues with Cloud Computing.
The same concerns were raised repeatedly in San Diego last week, where I was speaking at TTI/Vanguard‘s event on Cloud Computing.
In one of my first slides I asked whether ‘security’ was a reason for not entrusting data to the Cloud or an excuse not to change, and whilst these things are never black and white my conversations in San Diego and with Avanade CTO Tyson Hartman make me increasingly convinced that ‘excuse’ probably trumps ‘reason’ in this particular case.
Whilst not wanting to get too deep into discussions held behind closed doors at a membership event, it is worth noting that the TTI/Vanguard event began by asking attendees to rate their level of concern at each of the ten ‘obstacles’ outlined in Berkeley’s recent report on Cloud Computing (hear my podcast with two of the team, here.) Asked to rate each, simply, as of ‘little,’ ‘moderate,’ or ‘significant’ concern, I repeatedly found myself wanting to respond that an issue was (mostly) ‘critically important but easily addressed,’ or (once, I think) ‘not really that important but difficult to solve.’
Polarised like that from the beginning, security was obviously going to raise its head again and again and again; and it did. Of course security is important in the Cloud, just as it is inside your own data centre. That importance doesn’t mean that it’s an insurmountable problem. It doesn’t even, in many cases, mean it’s that hard to do something about.
One of the other points in my presentation suggested that we misguidedly – and expensively – apply blanket protections to our enterprise data. For most organisations, the vast majority of the data they hold is (to paraphrase Geoffrey Moore) merely context. Very little is core, yet the silo-based way in which we collect, store and control our data reinforces existing practice and makes it hard to even contemplate the significant cost savings and efficiency gains to be had by opening up access to some of your own contextual data in return for access to that held by others.
Just as startups without infrastructural baggage were among the first to embrace utility computing in the Cloud, maybe we need to look to similarly unencumbered organisations for real exploitation of their data in the Cloud?
Security is important, and don’t think for a moment that I’m suggesting otherwise. It’s worth remembering, though, that there are plenty of well understood approaches to securing data that work in the Cloud just as they do elsewhere. It’s also worth understanding what you’re protecting, why you’re protecting it, and the barriers to (legitimate) use and re-use that unnecessary over-protection will raise.
Related articles by Zemanta
- The Entire Web is Unsafe to Browse, Says Google (socialmediatoday.com)
![Reblog this post [with Zemanta]](http://img.zemanta.com/reblog_e.png?x-id=033ebe78-fa4e-4a33-84b0-1ba451906874)
« « Talking about Data and the Cloud at TTI/Vanguard, San Diego
Paul Miller works at the interface between the worlds of Cloud Computing and the Semantic Web, providing the insights that enable you to exploit the next wave as we approach the World Wide Database.
View Comments Comments until now.
Paul: Here’s three more patterns to frame your consternation about those silo-based, defensive rationalizations you observed in San Diego. I’ve listened to 20 of your excellent podcasts since the first of the year and write you with those in mind.
Often there is no solution at the level of presenting problems because they are symptoms of underlying dynamics. Said another way, the thinking that creates the problem cannot solve the problem it created. Over-concern with data security looks to me like a symptom of significant competitive rivalries, dangerous market conditions and an imposing escalation of constraints. Protection rackets look safe, rather than costly, harmful or alienating when our minds are certain about dangerous circumstances. Making excuses would vanish as soon as competitors get eliminated, the global recession turns around and enterprises are awash in cash, credit and profitability. Sadly, there’s no solution at the level of the presenting problem.
Technological innovations first appear as things. We “make a thing” of them that then fuels the Garner hype cycle pattern. The thing generates lots of high profile media coverage because it’s news. The thing is getting conceived as a “sustaining innovation” to keep the established institutions on life support. Meanwhile low profile “alpha geeks” ( O’Reilly) are figuring out what the thing is good for, applicable to and functioning as in many different contexts. This is the lull in the hype while the apps, tools and processes get invented backstage. The “beta geeks” then get beyond the functionality to inventors. They realize how it functions for the targeted users, use cases and user experiences. This “function of the functionality” can be monetized as useful services, solutions to customer problems and value “in the eyes of the beholder”. These innovations may be disruptive to incumbent institutions while serving clouds of registered users, content generators, cultural creatives, and voluntary contributors. Clouds of servers appear to remain as a thing on my radar, while clouds of data are beginning to migrate into disruptive, monetized value propositions that serve clouds of users.
Life in horizontal space is very different from vertical spaces. In horizontal space we think with questions and learn more everyday. Our minds our open to other perspectives, mindsets, viewpoints and outlooks. We find common ground that deepens the value of our distinctive offerings. We benefit from others’ openness, transparency and accessibility. We expose ourselves to ‘drinking from a fire hose” of content to then filter, vet and selectively consider. We share what we’re realizing through blogs, comment boxes, tweets, emails, podcasts, etc.
— In vertical spaces, we think with “one right answer” to each question, established positions, rigid categories and clever rationalizations. Our minds are closed to contradictions, antagonists, and threats to our composure. We deceive ourselves in order to remain in our comfort zones. We find people who do NOT push our hot buttons, expose our incompetency or challenge our authority. We’re in a pressure cooker of productivity, conformity and compliance. We experience great difficulty seeing both sides of “our shared issue”, making nuanced tradeoffs or keeping conflicting incentives in balance. We go overboard by idealizing one side of the opportunity space while neglecting the other at great cost to ourselves and our constituencies. We cannot conceive of what we’re doing to ourselves or the situation. Our plates are full of those pressures confined to the vertical space.
I hope you find these perspectives useful.
Tom
some interesting and helpful perspectives; thanks…
Paul
[...] EMC partner on data-loss prevention (infoworld.com) The Enterprise Cloud (socialmediatoday.com) Security: reason or excuse ? (cloudofdata.com) F-Secure moves its security suit into the cloud (cloudave.com) The Enterprise, [...]
[...] Security: reason or excuse? by Paul Miller [...]