The Cloud – Panacea or Perilous?

The cloud has been touted as a significant revolution in computing – providing scalable, secure, and cost effective alternatives to owing and managing your own computing infrastructure.  It has also been criticized for being insecure, unreliable, and a potential threat to the future of your business if something goes wrong.

So which is it?  It can be both, actually.

Done right – with the right application, the right vendor, the right agreement, and with proper attention to issues like security, encryption, privacy, and continuity – it can work very well.

Done wrong – without those details being considered – it has the potential to cause things ranging from spotty performance to embarrassing data leakage to a business ending catastrophic failure.

The key is to spend the time up front to get it right.

(Cross-posted to Slaw)

Smartphone revolution – ignore at your peril

That we are in the midst of a huge change in the way we communicate in our work and personal lives is no revelation.  But I think many of us don’t realize how rapidly this change is happening, and the many ways it will affect us.

It is a combination of things like mobile access, handheld computing power, inexpensive apps, cloud computing, location awareness, and social media.

Consider this: mobile devices are outselling PC’s, and digital media is equal to television in importance amongst ad executives. 

The explosion of smartphones and tablets enables us to get information about almost anything immediately wherever we are.  And to provide information to others just as quickly.  Tools like Google Goggles and Siri can do that by simply taking a picture of something, or speaking into our phones. (And really, the “phone” part of our phones is dwindling in importance to the rest of their features.)

All businesses and organizations should be thinking about how this is now affecting  them, and how it will affect them in the future – both in how it will challenge their current business models, and how they can use it to their advantage. 

And don’t forget to think about who your competitors will be.  For example, who is going to own the mobile payment space?  It might be the banks and credit card companies – but it could be telcos or Google.

It also raises interesting legal issues – like who owns the movie rights to a crowdsourced story, and how do privacy rights tie in with location aware services?

The one certain thing is that we ignore this revolution at our peril.

Cloud sevices – Is the bloom off the rose?

For the London Free Press – May 9, 2011

Read this on Canoe

Recent outages at Amazon and Sony’s PlayStation Network have left businesses and consumers without service for lengthy periods of time.

The tech press is full of articles suggesting the bloom is off the rose for cloud services and cloud providers are in denial about risks. These articles call on online providers to take financial responsibility and offer more than token services credits.

These outages have done more than just prevented gamers from playing. Services provided by Foursquare, Hootsuite, Discovr, the New York Times and others were affected by the “Amazonpocalypse”. Other businesses using Amazon were barely affected, as they designed their use with disaster prevention in mind.

One reason cloud services are inexpensive is that they come with no guarantees, and no liability on the part of the provider. That’s not meant to suggest online providers aren’t motivated to keep their services running. It’s bad for business if they don’t. But some are better than others, and problems can occur despite provider efforts.

If users expect financial responsibility and compensation for their losses in a failure, they can expect to pay more.

Online service provider user agreements contain limitation clauses that deny liability if the services don’t work. At most, there might be a refund for the cost of their services proportionate to the amount of downtime. If users want more, they can expect to pay for the provider’s insurance to back up the liability. And in practice. most users opt not to pay more for liability protection.

Anyone using online or cloud services needs to first consider how crucial the services are to them. What will the effect be if the service is disrupted for a short or long period of time, or if their online data is lost?

If such disruptions would have serious effects, then the user must take steps to control those risks.

For the risk of losing data, it might be as simple as keeping local backups, or keeping a mirrored copy at a different service provider at a different location.

To keep the service operating continuously, users should take a close look at how the service is provided, and plan their use in a way designed to survive failure.

In other words, assume things will fail, plan around that, and test to ensure the plan works.

Amazon, for example, has several “availability zones”. Amazon customers who were able to switch between them suffered only minor issues.

Another approach is to use multiple service providers based in different locations.

Our digital universe keeps expanding

For the London Free Press – Jan 17, 2011

Read this on Canoe

The sheer volume of digital information that we create is fast outstripping our ability to manage it all, report warns

The sheer volume of digital information continues to rapidly increase. According to a report by IDC entitled The Digital Universe Decade – Are You Ready?, commissioned by storage vendor EMC, the projected growth of the digital universe could outpace our ability to manage it, creating new challenges and opportunities.

Every time we send an e-mail, take a digital photo, blog, upload a video or download a song, we are contributing digital content. The report uses the term “digital universe” to mean the amount of digital information created and replicated each year.

This content is growing and is expected to increase exponentially. In 2009, the digital universe grew by a staggering 62% to about 800,000 petabytes (a million gigabytes).

In 2010, the digital universe was expected to grow to 1.2 million petabytes and reach 35 trillion gigabytes by 2020. That would fill a stack of DVDs that would reach half way to Mars.

The report says that over the course of the next 20 years, the digital universe will grow by 44 times, while the personnel and investment in resources to manage it will only grow by 1.4 times. This discrepancy will have real implications for both the organizations tasked with dealing with digital content and regular users and contributors to the digital universe.

Issues that arise include the amount of physical storage needed to contain all this data. This is in part attributable to the fact that only 25% of digital content being created is unique – the other 75% consists of things such as forwarded e-mails and other copies.

And backing up all that data so it won’t be lost if something goes wrong faces challenges from the sheer volume, and managing the most effective and cost-effective ways of doing that.

Individuals will use higher-capacity hard drives in their computers, external hard drives, and the cloud to store and back up their personal material.

The report suggests an increasing amount of data will be housed in the cloud. This goes beyond keeping our files or backups stored at Internet-based locations. Examples include watching on-demand Internet-based TV, such as Netflix online, instead of using DVDs, and using cloud-based software rather than installing and running it on our PCs.

Finding what we need in all this data will require continued advances in ways to manage it. That includes ways to know when to delete data, and search tools to find what we need.

The report also says that the amount of data that needs protecting will increase at even a faster rate. This includes confidential and personal information, such as financial and health data. It claims that less than 10% of the information about an individual is created by the individual – such as taking photos, using social media, sending e-mails, and getting cash from an ABM. The rest is created by others, such as credit records, surveillance photos and web-use histories.

Managing the security and privacy of all this will continue to be a challenge.

Don’t let privacy get lost in the clouds

For the London Free Press – July 12, 2010

Read this on Canoe

So-called ‘cloud computing’ can be valuable — but it can also come with risks

Cloud computing – essentially providing computer services over the Internet – is a growing trend.

Ontario’s privacy commissioner recently released a report dealing with privacy issues that arise from the cloud.

There are many definitions and debates over just what cloud computing is, but it entails storing your information and/or running software on computers belonging to others that you access over the Internet.

For example, instead of creating this column using word-processing software installed on a computer in my office and saving it here, it could be created and stored in the cloud from any computer using services such as Google Docs, or Microsoft Office Web apps.

It is a compelling model, as it can provide advantages in cost, simplicity, portability and scalability.

It can, though, pose issues around things like privacy, confidentiality, security, business continuity and disaster recovery. The importance of those issues vary depending on how the particular cloud product works, what it’s used it for, and how mission critical it is.

The privacy commissioner’s discussion paper – Modelling Cloud Computing Architecture Without Compromising Privacy: A Privacy by Design Approach – discusses relevant privacy issues.

The report discusses a variety of different models included in the term “cloud.”

The report sheds light on which types of risks are associated with different types of “clouds,” some of which are riskier than others from a privacy and security standpoint.

The decision to use cloud computing is one each individual or business must make bearing in mind the type and sensitivity of their information, how valuable that information might be and whether local copies can be saved.

Since the loss or compromise of sensitive data can be incredibly damaging to an organization, careful consideration is required.

It’s important for organizations to take time to review what type of cloud model they intend to use, and whether it’s adequate from various perspectives, including operational, cost, access and privacy.

The type of data stored by an organization may change over time. Organizations evolve and sensitivities change. Re-evaluation of an organization’s cloud model at regular intervals, or when major projects occur, will help ensure data is kept in an appropriate manner.

The bottom line is that it’s important for anyone using cloud-based services to understand how that particular service operates and what promises it makes concerning privacy, security and continuity of data. The importance of those factors will vary depending on the nature of the information involved, and how critical the service is to the user.

If it is not adequate, either negotiate to make it adequate, or go somewhere else.

This report, and a previous white paper entitled Privacy in the Clouds (both available on the web at are helpful for potential users to understand and deal with privacy issues that arise from the cloud.

They are also useful to help anyone providing cloud-based services deal with privacy issues for their services.

Ideally, providers will design their services to be privacy-friendly from the outset – an approach the commissioner calls “privacy by design.”

Privacy Commissioner – public consultations on privacy and cloud computing

The Canadian Privacy Commissioner just invited interested parties to file written submissions on privacy issues surrounding cloud computing.  Also for expressions of interest from anyone wanting to take part in a formal panel discussion in June.

Cloud computing – however one defines it – can be a compelling model, as it can provide advantages in cost, simplicity, and scalability.

It can though, pose issues around things like privacy, confidentiality, security of data, business continuity, and disaster recovery.  The importance of those issues varies depending on how the particular cloud product works, what you use it for, and how mission critical it is.

Fanshawe eMarketing Conference – legal issues

Fanshawe College is putting on an eMarketing conference March1st entitled “Turning Clicks into Customers“.   The keynote speaker is Mitch Joel, author of  Six Pixels of Separation”.

I’m speaking at a breakout session on “Legal Issues for a Digital World” .

I’ll be commenting on issues including copyright, cloud computing, the Streisand effect, and social media and privacy.   

There are several factors that make digital law different from analogue law.  As I’m putting my presentation together, I’m realizing that the concept of  practical obscurity plays a big role in explaining some of the differences.

Google liberation front a welcome attitude on cloud computing

That’s the title of my Slaw post for today.  It reads as follows.

The cloud computing, or software as a service model has compelling attributes – such as low cost, ease of use, and scalability. But the downside is that there are issues around the security, integrity, and longevity of both the data and the software behind it.

Google has taken a step in the right direction with its promise that any cloud application it provides will have as a prime directive the ability of the user to pack up their data and take it anywhere, including a competitor.

At least that helps solve the issue of the risk of losing data, as it makes it easier to keep a local backup.

Doctorow on Cloud Computing

Cory Doctorow has an article in the Guardian entitled Not every cloud has a silver lining that is worth a read.

Cloud computing is a current shiny object.  But its not for everyone, or every application.

The article starts with:

The tech press is full of people who want to tell you how completely awesome life is going to be when everything moves to “the cloud” – that is, when all your important storage, processing and other needs are handled by vast, professionally managed data-centres.

Then goes on to tell how and why the cloud is oversold.

Cloud Computing Myths

BusinessWeek has an article entitled Busting Cloud Computing Myths that is a worthwhile read for anyone curious about cloud computing.   For example, there is just 1 cloud, and cloud computing always saves you money.

The ultimate conclusion is: “What’s the takeaway? That the cloud isn’t a magic wonderland of carefree computing, but a complex resource that requires understanding and hard work to manage correctly. And that’s no myth. “

For my perspectives on cloud computing, search “cloud” on my blog.