What nuclear plants and cloud computing have in common
July 08, 2014 00:00
By Niklaus Stucki
Sure, you have already heard about cloud computing and its advantages. Cloud computing is safe, secure, reliable, cost efficient, resource friendly, powerful, and eventually even environment-friendly and clean.
Now if you are about my age, this list of positive attributes may sound familiar to you, as it is quite similar to the one used by the nuclear power-plant advocates back in the 70s and 80s.
Of course, it’s insane to compare cloud computing with a nuclear power plant. Even though there is a lot of activity in the cloud, there is no radiation. But that is not the point.
The point, eventually, is that in cloud computing, your data – in the worst case, all your data – is sitting on a third-party device. Sure, you can access it from wherever you are – over a connection provided by more third parties such as your Internet service provider, the Internet service provider of your cloud and your Internet browser.
However, the only thing you really still have control over and which is under your own emergency-scenario template, is an empty machine called a PC, terminal, notebook, or maybe tablet or smart phone if you’re trendy.
But why worry? Clouds never go offline, and the power supply never fails as they have installed all the back-up systems needed to guarantee continuous power supply. Like Fukushima, for example. And the same is also valid for the Internet connection provided by your Internet service provider.
That said, don’t worry, be happy, the cloud will always be there and available for you. It will never be overloaded, or the traffic jammed to the point where it gets too hot in the cloud, forcing the operator to take it offline for some maintenance or repair.
No seriously, those are nuclear scenarios, nothing to do with cloud computing. The same goes for operator mistakes and any other operational glitches. No, no, dear Mr CEO, believe me that simply does not happen, not in our clouds and services. And if it ever does, the chance is so extremely low that you can ignore it – at least until it happens.
Besides the purely technical risk that can separate you from your data without giving you any choice other than to sit and wait until the cloud is back up and running, there are a few more concerns to be considered.
Ill-intentioned people are part of our society and, as society grows, the number of those who use their smartness for actions we consider not adding value to society grows as well.
For this kind of individual, infiltrating or compromising a cloud with huge data bases of different stakeholders is much more attractive and appealing, and much more effort-efficient than hacking into each single system of an individual company.
I would imagine that paralysing a cloud provider storing data of many businesses would be much more “fun” than just bringing one specific business to a halt. The attack of 9/11 would most likely not have had half of the impact and consequences if they had crashed the airplanes into a two-storey villa.
The larger the cloud is, the more interesting it becomes for the ill-intentioned in the cyber-world, and maybe for your government. And if 9/11 is any indication of how well preventive safety systems work in a real-case scenario, then I would not feel too confident about the proclaimed total safety of a cloud.
Nowadays, Google, Facebook, Twitter and other similar service providers induce us to feel comfortable and even safe in having our private life exhibited on the Internet to the level of one’s underwear.
As this trend is likely to ease the willingness or readiness for especially younger managers to feel comfortable with cloud computing and while recognising the substantial advantages of cloud computing, I would still recall the saying from the investment sector that says “don’t invest more than you are willing to lose”. For cloud computing, it would mean “don’t put more in the cloud than you can afford to lose”.
Not all your data needs to be accessible from anywhere in the universe. Keep the heart and brain of your operations on your servers, so that when that exceptional case that never happens in marketing brochures actually happens, it won’t break your neck. If you don’t, you need to understand the associated risks and prepare your mitigation plans. Anything else is fine on a cloud, and most likely safe forever.
_ Niklaus Stucki is a business consultant at Freewill Solutions.