At the TechLines: Cloud Control event held last month, panellists discussed the ins and outs of reliability and security of the cloud, asking whether companies can trust someone else with their data.
ABC New Inventors host James O'Loghlin came to the crux of the issue by saying that companies and people always feel the safest about services they can control themselves.
"If I had a service on my house where they said, 'You don't have to lock your door any more, we'll come around and lock it for you', I would feel more comfortable knowing I was responsible for locking the door because the consequences of it being unlocked are big," he said.
Microsoft director of Developer and Platform Evangelism Gianpaolo Carraro said that this issue was the same as when people migrated from hiding their money in their mattresses to trusting banks to keep it. "At some point there was mistrust," he said.
IBM R&D Australia director and chief technologist Glenn Wightwick agreed, but pointed out that more came into play than a simple issue of trust, including where the data was stored.
"There are certainly situations where there is going to be sort of legislation and privacy laws in various countries which may, depending on the type of data, actually restrict you from having it offshore," he said.
Futurist Mark Pesce had earlier pointed out that certain cloud companies were opening in Australia to specifically help companies hemmed in by legislation.
He said that such issues made the distinction between private and public cloud important, with companies who were concerned about security and privacy being able to opt for private cloud.
IBM's Wightwick pointed out that the private cloud should be constructed so that it can be migrated to public cloud in the future when security and privacy issues are addressed.
Meanwhile, Ovum analyst Kevin Noonan believed that wary companies should go to their current outsourcers for cloud services.
"If security is your absolute concern, go to your service providers that you have contracts with today and ask them, do you have a cloud offering."
Carraro believed that most cloud providers were going to offer better security than in-house IT could in any case.
"We've probably all been in organisations where you could drive a bus through security," he said.
Pesce, however, cautioned that cloud did introduce an additional point of risk, saying that the network reach was only as reliable as any of the links between the company and the cloud provider.
"You always have to think that once you've pushed things out to the cloud you have introduced another element that can fail," he said.
Yet Ovum's Noonan believed that, while such risks needed to be taken into account, they shouldn't be paralysing.
"If you took no risks at all you'd get nowhere," he said.
The "unsung heros" of the IT organisation, he said, those working in security and the enterprise architects, "the people who worry about where all the bits fit together" would see an era of importance.
"[These] people who understand what [level of] risk is reasonable — their time has really come."