Friday, May 18, 2012

Privacy, Security, and Compliance Concerns in Cloud Computing

As you have been noticing there is a great deal of momentum around cloud computing, perhaps propelled by the massive marketing investment around it. Actually, many of us at this point may feel a little saturated by reading and hearing every day how "cloudy" each new product offering claims to be.

The Cloud is still in its infancy (Real Scene in a Day Care)


But at the same time I believe that we all get the point and we can see the real and undeniable advantages behind the cloud-way of doing things, from simple things like having all our music or photos everywhere all the time and playing them from each of our devices, to update my documents or data from my laptop or from my uncle's old PC without installing a single piece of software or moving a single file around, or to the most advanced cases like having an entire multi server development, testing, and runtime platform to host my enterprise applications without doing the administration of a single piece of software stack, networking, or servers.

On one extreme of the spectrum of opinions around cloud we have the "give me the benefits of cloud, I do not care about anything else" type of individuals, in the middle of the spectrum we have the cloud pseudo-skeptics, which is the portion of the consumers that feel that cloud is not all that great, that it is just another fancy name for "Internet stuff", and in the other extreme we have the quasi-paranoid guy, who thinks that "the cloud" means putting all my private data in hands of cloud service vendors, that the cloud outages can cause apocalyptic damage in our societies, that cloud provider may go out of business and my data with them, and many other negative things.

While all these concerns are fair in some cases, I cannot stop comparing cloud skepticism and paranoia with the concerns that we all had in the early 2000s about using our credit cards to buy stuff online. Do you remember? it was only a decade ago when we often heard phrases such as "What?! These guys from CheapCherryCandy.com are nuts if they think for a moment that I will enter my credit card information in this web form!

By the way, a quick reminder that cloud is more a model that a technology change, we will see many enterprises adopting private cloud models that may bring to IT departments and its internal consumers the same type of benefits that we see in the "public" cloud space. The increasing interest on on-premise Platform-as-a-Service (PaaS) as private cloud in medium and large organizations is an example of that.

We are also going to see a lot of hybrid clouds emerging, in which logical clouds will be built transparently on top of public and private infrastructures.

My theory is that in a few tears form now, as security increases and regulations evolve, many of the "clouds about cloud" will clear out, and we will be doing much more stuff in the cloud-way than what we can think today.

Thanks for reading!

Stay up to date on this and related topics by following me on twitter: @Juan_Noceda

Interview about Cloud, PaaS, NoSQL, OpenShift, and Node.JS

Thanks Gordon Haff for the interview about cloud trends, the PaaS market, OpenShift growth, JBoss relevance, the importance of Big Data or NoSQL, and the Node.JS momentum.

Here is the audio podcast and transcript