The second instalment in this couplet of articles looks at some of the issues that the standardisation of cloud computing, including the European Commission's potential initiative, will aim to tackle and clarify in order to drive the adoption of cloud computing forward, particularly within its ripest markets, such as amongst SMEs.
Control Over Data & Security
Arguably the primary area for concern for prospective cloud computing clients is that of data handling. In other words knowing and controlling where your data - personal details if you are a personal consumer, or client data etc for businesses - is stored (geographically and technologically) and how secure it is in that location. For on-site private clouds, for example, this is less of a concern, but where a client is signing up to a public cloud service, based upon shared server resources and public network connections, they may not fully understand, nevermind influence, where their data lives.
The cloud computing model means that a client’s data can ultimately be stored across national boundaries, across continents even and that raises many issues around the varying jurisdictions under which that data exists. It can lead to conflicts between the differing jurisdictions under which cloud providers operate and under which the data they control is stored. As an illustration of this, data held by US cloud providers must be supplied to the US government on request under the US’s Patriot Act, even when that data is physically hosted in another country. Consequently, as a UK resident signing up to a Microsoft Live account for example, a consumer may not in fact realise that their personal details, and who has access to them, are governed by US laws, despite understanding that Microsoft is a US based company. In many other scenarios, private and commercial users of cloud services may not be confident of the nationality of the provider in the first place, never mind the jurisdictions and legislation that govern their data.
Not only may this lack of transparency lead to concerns over who has access to and jurisdiction over data but it may also raise questions about what security measures are applied to safeguard that data against those who shouldn’t have access to it in any case, and against any kind of intentional corruption of that data. Security vulnerabilities can of course sit at many points in the cloud model but client perception and awareness of those at source - at server/data centre level - can be far less clear than of those at the access points with which the client interacts.
Interoperability
Presently, the primary driver for standardisation across the industry, whether amongst clients who feel they have a grasp of their data handling processes or not, is that of interoperability - that is being able to switch their IT functions from one provider’s platform to another compatible platform. The current cloud market raises many questions in this area for organisations: if it moves some of its functions to one cloud provider will it then be locked into that provider for its associated functions; can it integrate functions hosted with other providers; will this carry prohibitive costs; can it switch workloads between different cloud services seamlessly; will it be able to migrate away from its chosen provider if a more preferable solution comes along? From a commercial point of view these are some of the most pressing questions when choosing a cloud provider and so there is gathering momentum across the industry, not just in Europe, to establish open standards which free consumers to treat their cloud computing services more like the utility computing that the cloud has long promised to deliver. In other words, allowing clients to tap into different provider’s services as and when they need them, without lock-ins and without barriers.
There are many other aspects of a cloud proposition, in relation to performance, uptime, storage space etc, that clients can have difficulty understanding and comparing like for like. All of these issues demand clear and standardised SLAs to come into play in order to define the language and metrics in which information can be presented to clients. Form a client’s point of view, however, the key is to seek out reputable cloud providers, enquire about interoperability physical hosting locations, use recommendations from clients with established relationships where possible and steer well clear of ambiguities.
To find out more about accessing secure and transparent cloud based sevices across the EU you can check out this pan-European operator of virtual data centres.
No comments:
Post a Comment