TechLines: cloud security and reliability

TechLines: cloud security and reliability

Summary: At the TechLines: Cloud Control event held last month, panellists discussed the ins and outs of reliability and security of the cloud, asking whether companies can trust someone else with their data.


At the TechLines: Cloud Control event held last month, panellists discussed the ins and outs of reliability and security of the cloud, asking whether companies can trust someone else with their data.

ABC New Inventors host James O'Loghlin came to the crux of the issue by saying that companies and people always feel the safest about services they can control themselves.

"If I had a service on my house where they said, 'You don't have to lock your door any more, we'll come around and lock it for you', I would feel more comfortable knowing I was responsible for locking the door because the consequences of it being unlocked are big," he said.

Microsoft director of Developer and Platform Evangelism Gianpaolo Carraro said that this issue was the same as when people migrated from hiding their money in their mattresses to trusting banks to keep it. "At some point there was mistrust," he said.

IBM R&D Australia director and chief technologist Glenn Wightwick agreed, but pointed out that more came into play than a simple issue of trust, including where the data was stored.

"There are certainly situations where there is going to be sort of legislation and privacy laws in various countries which may, depending on the type of data, actually restrict you from having it offshore," he said.

Futurist Mark Pesce had earlier pointed out that certain cloud companies were opening in Australia to specifically help companies hemmed in by legislation.

He said that such issues made the distinction between private and public cloud important, with companies who were concerned about security and privacy being able to opt for private cloud.

IBM's Wightwick pointed out that the private cloud should be constructed so that it can be migrated to public cloud in the future when security and privacy issues are addressed.

Meanwhile, Ovum analyst Kevin Noonan believed that wary companies should go to their current outsourcers for cloud services.

"If security is your absolute concern, go to your service providers that you have contracts with today and ask them, do you have a cloud offering."

Carraro believed that most cloud providers were going to offer better security than in-house IT could in any case.

Wightwick agreed.

"We've probably all been in organisations where you could drive a bus through security," he said.

Pesce, however, cautioned that cloud did introduce an additional point of risk, saying that the network reach was only as reliable as any of the links between the company and the cloud provider.

"You always have to think that once you've pushed things out to the cloud you have introduced another element that can fail," he said.

Yet Ovum's Noonan believed that, while such risks needed to be taken into account, they shouldn't be paralysing.

"If you took no risks at all you'd get nowhere," he said.

The "unsung heros" of the IT organisation, he said, those working in security and the enterprise architects, "the people who worry about where all the bits fit together" would see an era of importance.

"[These] people who understand what [level of] risk is reasonable — their time has really come."

Topics: Cloud, IBM, Microsoft, TechLines

Suzanne Tindal

About Suzanne Tindal

Suzanne Tindal cut her teeth at as the site's telecommunications reporter, a role that saw her break some of the biggest stories associated with the National Broadband Network process. She then turned her attention to all matters in government and corporate ICT circles. Now she's taking on the whole gamut as news editor for the site.

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.


Log in or register to join the discussion
  • If the data is properly encrypted, then it has no value to anyone and may be kept anywhere. The key is the valuable asset and may be kept under your control and stored locally. Obviously this depends on solid encryption and a good key, and good key management. If encrypted data was spread around countries and storage facilities, then it makes it hard for cipher-based crypt analysis. Even better if it is mixed with other people's data.
  • Service levels from Google & Microsoft are woeful. Imagine if a small business goes to the cloud and things go wrong getting any level support is non existent.
    Bert Mill
  • Gianpaolo Carraro compares cloud with banking. Well, in banks we store money, which is tangible assest with crystal clear value. The issue is that data/information does not have such absolute value, so damage/loss/duplicacy cannot be measured accurately.

    Also, we need some progress on legal/judicial front as well if cloud-concept is to succeed at all.