Posted by: Ron Miller
The worst fears of the anti-cloud cabal came true recently when the curtain was lifted and we saw a glimpse of the extent of the US surveillance state, but is that enough to make you stop using the public cloud?
I’ve been listening to people debate about the pros and cons of the cloud since 2008, which was about the time the term came into popular usage. In fact, I remember well attending a discussion at a conference in 2008 where representatives from Google, Amazon and Salesforce.com explained the merits of cloud computing.
They were then peppered with an audience full of doubters. There was of course the Patriot Act to deal with, and for anyone from outside the US who had to respect more stringent privacy laws, the idea the government could demand data in the cloud at will was a show stopper for many –and remains so to this day.
The fact we now know the extent of government listening means that the Patriot Act was a minor annoyance compared to widespread warrantless Internet monitoring.
I’ve sat in similar discussions since. At CeBIT in 2011, The Germans, which as a country have particularly strong privacy laws, could not embrace the cloud even though many saw the advantages of a cloud approach.
But the cloud offers such a compelling economic case, in many cases that’s going to overcome any fear a company might have the government could be snooping on your data.
ZDNet had a couple of compelling posts recently about this. On the pro cloud side, Jason Perlow wrote in NSA Prism: The cloud laughs at the Tin Foil Hat brigade, “I hate to break it to you guys, but the government just isn’t that into you.” He added, “And this recent revelation about PRISM and other wide-ranging NSA electronic surveillance programs, while disturbing, fundamentally changes nothing about an overall shift to cloud-based computing.”
But ZDNet’s Steven J. Vaughan-Nichols isn’t so sure as he wrote in NSA Prism puts “public cloud” in new light. As Vaughan-Nichols wrote, “Let’s just take it as a given, if you put information on the public cloud, there’s a reasonable possibility that it can be looked at by a government [three-letter acronym organization].” He adds with certainty, “But, if you put your infrastructure on a private cloud you dodge this problem. Even a hybrid cloud—where you keep only low-value materials on a public cloud—could still do well by you.”
But it’s not that simple for many organizations. I saw CIOs from the San Francisco Giants, The Boston Red Sox and The Boston Celtics speaking last week at the E2 Conference in Boston. For these three CIOs, the cloud allowed them to run lean departments with 11 or fewer employees while promoting some extremely ambitious IT projects. As Bill Schlough, CIO of the Giants put it, “The more data that’s in the cloud, the happier I am.”
There are social, political and economic ramfications of government monitoring and I’m not about to minimize any of those, but I’ll put it this way: I’m inclined to agree with Perlow’s view on this.
The government doesn’t really care what most private businesses are doing, and if they did, it wouldn’t really matter if you were using public cloud services or your own data center. The NSA and other government agencies are amazingly resourceful when it comes to data collection. If Anonymous can get past your security, do you really think the NSA or some other government agency can’t?
There are a myriad of ways to gain access to networks without being inside an organization from phishing to keystroke loggers to social manipulation. Once inside the network infrastructure whether you are a malicious hacker or the government, you can pretty much do whatever you want.
With that in mind, if a government agency wants you, they’ll find you no matter where you choose to store your data, with a warrant or without it, whether you know it or don’t. Given that reality, recent revelations should not alter your approach, nor should it scare you off from public cloud usage.
Photo Credit: (c) Can Stock Photo