by Steffen Sorrell on May 8th, 2014
The public cloud today is a bit of a double-edged sword. On the one hand, it comes with amazing benefits: low entry cost, flexibility and it can scale to levels unimaginable to the traditional data centre. On the other, there’s the not insignificant issue of data privacy.
Enterprises have been increasingly aware of the fact that, in terms of data security at least, CSPs (Cloud Service Providers) are often able to provide solutions that are as least as robust as measures taken in their own data centre; it is of course in the CSP’s own interest to be able to declare their cloud as a fortress both in physical and digital terms.
Nevertheless, Edward Snowden’s stolen tranche of documents have openly revealed NSA and GHCQ digital surveillance programmes that, previously, would have been dismissed as tinfoil hat fodder by the majority of society. Following these revelations, the notion of data privacy in the cloud for many has been turned on its head; with the European Parliament even going so far as to recommend a ban on using US-based CSPs, the damage has been done.
A reactionary solution would be to turn to a private cloud deployment: after all, you have the keys to the castle there. However, many of the benefits of the public cloud are lost here, and a saturated private cloud doesn’t scale well. The benefits of the public cloud cannot be ignored; as our new report discusses, the key from here on is to really define what the risks are by moving workloads to the cloud, and whether these risks can be taken. Know your CSP.
On the other side of the coin, US CSPs have their work cut out to rebuild lost trust, and a strong reaction is needed. Encryption at rest an in transit may be more common now, but who holds the keys? Are real-time assurances available to customers?
There is no doubt that the public cloud will roll on, particularly in this world of mobility. Nevertheless, action should be taken to prevent a slowdown in enterprise enthusiasm given the enormous revenue opportunity.