Security in the Cloud
The latest Webinar I recorded for Cisco’s 200 odd clients in Pan Asia was a hectic but very interesting experience. Hectic because of the Financial Year end in my job but interesting as the research material gathered from my Research Assistant provided me with learning’s and insights that allowed for a rich and interesting coverage of the “Cloud” phenomena.
If you want to watch the Webinar, please download it here
The key messages are that Cloud is: Affordable, Scalable, Easy to use, ideal especially for SOHO’s SMBs and large corporate alike. Using Cloud Software on Demand as I call it has added benefits that it has a massive positive impact on your Bottom Line, your shareholder’s interests and finally a tremendous impact on the Environment.
The latter alone is in itself a significant reason alone for individuals and businesses to consider switching to Shared Software hosted on Shared Hardware in the “Cloud”. Leaving your Computer screen on 24 hours every day for a month is equivalent to burning 1 Ton of Carbon (to generate the electrical power). Think now about the armies of Servers running 24/7 in Climate Controlled environment using power to run the machines and keep them cool!
Since our IT resources do not run at Full Capacity every day of every year, we are at best possibly only using a minimal percentage of the machines that run our businesses. If so, why not use a Shared Resource in the Cloud?
I imagine as you can see in the pictures below that for every company that hosts their own hardware and software that it does take a lot of resources – resources like a 12 Cylinder Car (petrol guzzler) being driven intermittently during the working day and then left on idle such that the air conditioning keeps running 24/7 to keep the inside cool. Then imagine the number of businesses out there running hundreds of servers each (like the car example) and leaving them on even when not in full use!
server farm example
During my Webinar, I was able to explore this issue in detail as questions started to flood in from the moment we started the Webcast. Questions were mostly about 2 things: Security and Bandwidth. Both in my opinion are important issues to resolve before Cloud can become a highly desirable first choice for SMB’s and Large Corporations alike.
Security is important because as Businesses we are custodians of our own financial information, accesses to financial accounts and equally important that of our clients. A vital requirement is to exercise a Duty of Care as Custodians of Consumer Data, hence we are all required to use best efforts and 100% firewalled integrity in keeping that information safe.
How safe is it currently in Corporate Servers locked down in a “secret location” under potentially 24/7 surveillance? Despite best efforts to make our Server farms secure and the data “fire-Walled”, they are by no means 100% secure now, are they?
I recall watching some documentaries and learnt how vulnerable some of our most “impenetrable databases” are when I learn of Jonathan James who targeted The Department of Defense, NASA and Adrian Lamo who targeted Yahoo!, Bank of America and Citigroup. According to the Department of Justice, those folks successfully broke into those highly secure databases.
Question then is: What is the difference as to where you store your Data in your own Server farm as opposed to a shared resource?
Both are open to the same Vulnerabilities affecting all Internet enabled systems. This means that if you have a connection to the rest of the WW then you are by default have a potential to have to security compromised or hacked. If anything would assume that Security as made available via the economies of scale as made available by pooling funds and resources into a shared system must be higher than one managed by one’s one private resources, right?
Hence the issue of “true” security becomes a moot point!
The real issue I see is that of Bandwidth or lack thereof in developing countries with an emerging internet infrastructure and a tenuous connection to inter-continental fiber-optic pipelines bringing Terrabytes of Data to the world’s main continental information exchange hubs.
If you cannot access your information in real time and if the latency period becomes a mission critical response time then yes you would have a problem.
As the world is increasingly and inexorably becoming connected in the virtual world, I suggest businesses look at an interim solution where only some of the business productivity, storage and CRM solutions are stored in the cloud. If the application is NOT mission critical and hence delays in seconds or minutes does not affect your day to day functioning then great! Please use your own judgment and consult a reputable consultant.
It does NOT have to be an all or nothing solution!
For my part, it seems that having a partial solution that can improve your business’s bottom line, expansion opportunities and that will help us manage climate issues better and cater for a growing world with its own growing appetite for goods and services is a big step for Mankind in the right direction.
Over and out for now!
Cheers
Dany
