Mixed Signals
Any sufficiently advanced information is indistinguishable from noise
Wednesday 26 November 2008, 10:33 PM
More cloud tales - what happens on rainy days?
Cloud computing has its elephants. One of the biggest is the threat of your cloud provider disappearing overnight, taking your data with it. Right now, that's an elephant with plenty of PR with the basic mechanisms of corporate finances failing, there's little confidence that even the most assiduous can pick a company with a guaranteed future. And there are plenty of horror stories to fuel pessimism as Phil Wainewright, blogger for our sister site ZDNet US, explains:
"At the end of October, Digital Railroad, a photo archiving and commerce site used by over 1,500 professional photographers, shut down without warning. Users had just 48 hours to recover images stored on the site. Even if all of them had been in a position to log on and tried to download their data, its doubtful there would have been enough bandwidth to service the demand."
The creditors moved in, repossessed the servers, wiped the hard disks and sold the hardware.
And even if your data ultimately resides on one of the big name clouds Amazon, Google, Microsoft and you're buying a service from a cloud reseller, then you're at the mercy of that reseller, that reseller's lines of credit, all of that good stuff. That's before you consider the possibilities of a technical problem that just won't go away.
As Wainewright asks rhetorically does that mean that cloud computing is too risky to contemplate? Hardly. He recommends you back up your data, locally or with some other cloud provider, and keep a disaster recovery plan to hand that treats your collapsing cloud supplier as you would a dead hard disk. He also suggests an "SaaS Code of Conduct" that promises at least some continuity of service.
Yes indeed: yet there has to be more. For all its potential, cloud computing will only work if it has the confidence of its clients, and that means having more than just a code of conduct. There are interesting models elsewhere in industry with UK travel agents, for example, the industry association ATOL guarantees a certain level of service to customers even if their holiday provider goes down during their holiday. The insurance business is built on a skein of risk-sharing that has been maintained even under the current extreme duress. These concepts will be essential to the cloud community, both in terms of what happens if a company goes away completely, or if it finds it has lost client data.
Yet these ideas only work if there are mechanisms that allow rescue. That means basic levels of interoperability, standards and process of the sort that IT knows very well how to do, but so often chooses to ignore or subvert in the name of commercial imperative. That is the ultimate elephant: for all that cloud companies choose to assume the foggy mantle of The Cloud, that mythical, universal matrix of services that Just Works no matter where you choose to connect, what we actually have is a loose commonwealth of competing nations with strict borders, enforced residency requirements and strong barriers to multiple citizenships Even the common language is broken down into mutually incomprehensible dialects.
With such a setup, the chances of painless evacuation from a disaster area are minimal and the odds of significant settlement during these times of frequent upheaval enormously reduced. There are plenty of settlers willing and able to make the exodus to the promised lands, but unlike the days of the Darien Scheme, we're all well-informed about the downside of taking promise over proof.
When you consider the other advantages of an open, shared, interoperable environments, it seems even more remarkable that this most pressing concern of would-be cloud hoppers remains unaddressed by those who want us to believe. The cloud must bind itself together first before we can come aboard.
- 3 comments |
- Post a comment |
- TrackBack |
- Clip Link
- | Viewed 176 times
PreviousComments on this post
Cloud computing & services are named exactly right. A lot of hot gas. Big billowy bags of vapors floating around with no definable shape maintained mostly by effusive emissions of salesmen. Sounds like a song by Yes.
It does lead to a thought of mine that with the credit crunch hovering like a vulture over a lot of the current financial institutions, you have to wonder how much of this infrastructure is going to remain when the banking markets hit bottom. Corporations thinking of using this "technology" (I'm not convinced that its all so "new") might want to hold up for a while.
My company has implemented what I'll call a "cloud in a bottle" approach in that VMWare and server mirroring is used to pull all of the servers off-site into a couple of duplicate facilities. Two different companies are running the duplicated facilities. Users aren't even aware that their logon and applications are hosted somewhere else. It just looks like a service on their desktop. Most of the software can be accessed through web browsers. So far things seem to be working well.
That's cool. I think people should read the license agreements with great care, because; although the hosting firm may not hold the triple decrypters or whatever may be needed to read your data, you can bet clauses will be sliped in there allowing the decrypters to be held in trust by another company for the purpose of being able to redistribute the setup/installers for them in case the customer loses theirs. Of course the temptation to partake in covert data mining practices for some will be just too great. And that's before concerns about data loss, denial of service etc.
Having said all that, I am a user of microsofts sky drive, google, yahoo, and gmx s free online storage facilities. I'm sure it's psychological but I find it easier with small amounts of data to bounce a file or setup, up into the skydrives and bounce it back down again to my net book when I get to a job (or even when I'm still at home) than it is to plug in my USB key. Of course the key is right there with me, just in case.
One detail I left out was that the "cloud in a bottle" has one special component a lot of the ephemeral services seem to ignore. The company I works for owns the servers it operates on. Creditors don't get to snatch them in a bankruptcy. We still own the bottle. So in reality its more like remote hosting than "cloud" services. I don't have anything to support it but my feeling is that a lot of corporate IT systems would rather hold onto remote servers over a complete conversion to "cloud" servers or services.
As to the issue of illegal data-mining, that probably goes on now. The level of data mining though probably comes in different "flavors". Data-mining in the sense I think most people think of is the lightest touch of just reading general information, demographics, site activity etc. "Data-strip-mining" would be going through and cloning the entire database and/or other information and shipping it off to some ftp connection and then selling it to a third party.
I wonder though outside of the few competitors we have in our particular business, there really isn't much reason to data-mine our systems. Not all companies are in that position I realize but sometimes you have to wonder at the quality of data derived that way.
The assumption being made is that the data stored is worth digging into in the first place. That assumes further that the targeted company knows what it is doing and that the people working there are actually reporting and doing the work necessary to properly record the transactions performed by the company. That does not get done evenly by all employees. A lot of work never gets "inputted" to the computer. Technology about devices and products may not be stored on a "cloud" server.
Being a data-miner, unless you're already conversant in the technology involved, stealing somebody's IP would be an exercise in "slash and grab" since you may not know what you're looking at. If you're not able to understand what you are stealing or you can't take advantage of the IP in your own operations, you're only going to be able to sell it to somebody who does. Call it the "provenance" of the masterpiece like in the art world or the "chain of evidence" in the legal system. Assuming I was that unethical, I would be extremely suspicious of quality of the ill-gotten goods. If I was the data miner, if I didn't know the technology, I'd spend a lot of "un-billable time" learning what it was I stole, maybe as much as the customer might spend learning or developing the IP in their own operations. It's probably more profitable hacking into their bank connection or credit accounts than stealing their IP.
