Thursday, March 18, 2010
The Dark Side of Cloud Computing
The old axiom in real estate is location, location, location. I just spent a full day at the CloudConnect Conference in Santa Clara, CA and the manta repeated by every one of the presenters on the future of cloud computing was security, security, security!
One presenter after another quoted data from Gartner Group, McKinsey & Company, or privately-funded research to show that 9 out of every 10 potential customers listed security issues as the number one barrier to implementing a cloud computing strategy at their company.
And the concern about cloud computing security is well founded.
One of the presenters asked conference participants if they knew what enterprise had the largest cloud computing presence in the world. Among the guesses were IBM, Microsoft, HP, Facebook, Amazon, and of course Google. The answer, however, was an outfit, if you can call it that, with which many in the audience were not even aware – Conficker .
A New York Times article from last year describes Conficker as program that “uses flaws in Windows software to co-opt machines and link them into a virtual computer that can be commanded remotely by its authors. With more than five million of these zombies now under its control – government, business and home computers in more than 200 countries – this shadowy computer has power that dwarfs that of the world’s largest data centers.”
Indeed, Conficker’s “cloud” is larger that the cloud computing efforts of Amazon, Google and IBM combined! And its sole purpose for existing is to disrupt normal business operations inside of companies, organizations and governments. With that monster looming in millions of “cloud computing resources” around the world it’s no wonder 9 out 10 customers considering implementing cloud computing strategies are nervous about security breeches.
But all is not doom and gloom. Despite the security issues that must be taken seriously, the benefits of moving resources to the cloud far outweigh the risk, and many organizations, including the US Government, are doing just that in a big way.
Much of the same research that showed security as the biggest impediment to cloud computing adoption also showed cloud computing revenue growing by more than 20 percent in the next three years. Of course with that much money in the balance, Conficker, and other ne’er-do-well’s won’t be far behind. That’s why security will remain front and center in any discussion about cloud computing.
In my follow up post next week, I’ll address Gartner Group’s “Seven Deadly Sins” of cloud computing security and what questions companies should ask of their cloud computing vendor before taking the plunge.