The cloud is ready for mass consumption; in fact, it’s arrived. This is no longer an early-adopter’s game.
It’s another day, and another article about the security risks of cloud storage lands on my desk. It makes me feel as though someone was searching for a click-bait topic.
Except the “fear the cloud” articles have become less and less relevant.
Every technology innovation goes through an adoption cycle. I’m not saying that the arc of cloud storage has reached its highest point, yet; we have plenty more to learn. However, I feel strongly that, as an industry and as cloud technologists, we are done with the phase of making foolish mistakes. These days, we — both service providers and the customers whom we serve — have realistic expectations and realistic outcomes. Cloud storage has indeed reached its tipping point for mass adoption.
People blamed AC current as the reason for deaths from electricity in the 1800s. As a result, people stuck with kerosene for a long time before they realized they could safely lease electricity from a power station without fear of blowing up the backyard with a personal generator (and also have to keep a local specialist on-site to maintain it).
In the sense of an industry responding to change, IT is no different.
What are the biggest fears in regard to cloud computing? Today, it’s security, durability of service, and vendor viability. Behind all three of them is IT’s desire – its need – to trust the cloud and its providers, on everything from performance to data privacy.
I feel strongly that we’ve made significant inroads in addressing each of these areas. Herein I address some of the innovations that have made cloud concerns far less of an issue than they are presented to be.
To begin with, there are a lot of recent security technology advances to point to.
Among the industry’s recent achievements that better protect the cloud are:
As a result, the process of making things secure has gotten easier. A few of the enhancements:
Compliance with government and industry regulations have long been part of the IT department’s mandate. But in recent years, the trend has been for these areas to be under the security umbrella — something I see as a good thing.
In particular, guidance around operations has evolved for shared infrastructure. We see this in the shared infrastructure used for both auditing and managing software. One example: the adoption of standards such as ISAE 3402, an international assurance standard for public accountants regarding the controls at service organization that are part of financial reporting.
As I explain elsewhere:
Data privacy should be part of every company’s day-to-day operations; policies, procedures and technologies should be in place to address potential risks. Companies need to comply with data-residency laws to protect corporate and employee data privacy. Also, companies need to not only govern and protect data, but also ensure that cloud service providers meet stringent data-privacy guidelines for storing data in the cloud.
Fortunately, data privacy standards are becoming better understood, and the ecosystem that enabled better security practices is today expanding to data privacy as well. (See my earlier post, For User Data Privacy: Think Globally, Act Locally.)
When we talk about the viability of the cloud, what we’re really discussing is customers’ readiness to put their trust in the partners they rely on — particularly the vendors who provide their infrastructure and are responsibility for protecting their data. Here, too, I see several trends that tell me, “We’re past the ‘new and unproven’ stage.”
The cloud has built a viable and vibrant ecosystem. Vendors are doing more than coming up with gee-whiz technical innovations and announcing them at South by Southwest. They’re working to be (or become) profitable faster, with solid business and go-to-market models. Their software architecture has “in it for the long term” built in, such as security features that once were afterthoughts. And vendors are designing their sales and channel compensation to benefit their business partners and resellers as well as to improve the lives of their direct customers.
The tension between OPEX and CAPEX is helping vendors plan costs, and making buyers more risk averse. That sounds like a negative — how can it be good for buyers to be more risk averse? — but it’s a sign of health. People are making business decisions based on the numbers instead of hype, and vendors are thinking about the cost of goods sold rather than “first to market at all costs.”
As a result, I see cloud computing becoming the platform for future innovation. All new startups find it easier to bootstrap and launch a cloud solution rather than a data center solution. So from here on, I expect most funding for innovative startups will go to the businesses whose solutions are designed first (and probably ultimately) for the cloud.
With so much energy going into this kind of cloud-centric computer science research, I argue that the cloud security technologies have leapfrogged what we see in dedicated data centers.
Get a free trial of Druva’s single dashboard for backup, availability, and governance, or find out more information by checking out these useful resources: