Google had a rough weekend and a human error caused the search giant to list the entire Web as malware for an hour or so. The screw-up is likely to raise questions about the risks of having a monoculture dependent on any one technology supplier.On Saturday, Google tagged the Web as malware and was rendered useless. After various reports, Google blamed the incident on human error.
Was the ruckus over Google's outage overblown? Possibly. But to many folks Google is the Window to the Internet. If folks can't Google people are simply lost. That fact alone probably qualifies Google as a Web monoculture although it may be a touch premature to make a definitive call. However, Google touches everything and frankly that's a bit worrisome.
In security circles, monoculture is a key concept. Roughly speaking, whenever a technology--Windows for instance--is dominant it becomes a big target to attack. You attack the target and wreak a lot of havoc. Windows is a monoculture. If Windows is wrecked the damage is far and wide just because of market share.
Ryan Naraine in his Google coverage on Saturday foreshadowed the monoculture question. He said the Google incident "provides a harsh lesson on our total dependence on a single vendor/search provider." Is Google a monoculture? If Google isn't a Web monoculture today it soon will be. Google is becoming a search monopoly and it can extend that dominance into other areas. Just look at the reaction to its malware screwup. There was one hour when we couldn't use Google--and everyone noticed quickly. If Ask.com--or Live Search for that matter--had a similar malware tagging glitch the hubbub wouldn't have happened.
What's worrisome is that monocultures exist everywhere. The goal for every IT vendor is to become your monoculture. Windows is a monoculture. In enterprise software there's SAP and Oracle--that's a duopoly but depending on the company one of those two runs suppliers runs the business. Cisco is a networking monoculture. Pick an industry or technology and there's some form of lock-in.
And the pressure for enterprises to become a monoculture is immense. How many times have you heard some CIO yapping about standardizing on one technology because it's allegedly more cost effective? When it comes to vendors they want one throat to choke. The downside: What you save in costs and complexity you lose in immunity.
Without any diversification companies are at risk. In this respect, all companies should diversify a little. Say Windows is attacked and effectively wiped out. The all-Windows shop is wiped out too. But if that company is 80 percent Windows, 15 percent open source and 5 percent Mac suddenly the prospects look better.
If you take this argument to the Web the implications are clear. We should all diversify from our Google habit at least a little. Ditto if you're a small business totally reliant on Salesforce.com. In fact, any technology supplier--Web, SaaS, on-premise or otherwise--that represents more than 90 percent of your infrastructure portfolio needs some competition.
The monoculture issue is a lot like a pure-bred dog that has numerous health issues. Take golden retrievers or black labs. They are popular dogs. They are bred too much. And they have bad hips, arthritis and a host of other ailments. If you want a healthy dog you get a mutt. Your IT infrastructure should be a little bit of mutt too. Diversify your apps and providers whenever possible even if it's only to keep the big dogs honest.
Perhaps the reaction to Google's bad weekend was overblown, but it's always a good time to ponder how monoculture affects your IT infrastructure.