Security and the Cloud: A Microsoft Study, A Gartner Report and how PRISM can Help Cloud Adoption

A reason commonly cited against cloud adoption has been security and there are enough statistics to suggest that about 50% of customers who were unwilling to move to the cloud had stated data security as a reason.

However, per a Microsoft study, the reality is quite different for those who have already adopted the cloud. The other advantages (such as greater service availability, lower cost and quicker time to market) were rather obvious but even data security has improved upon movement to the cloud (at least true for small and medium enterprises). To put it simply, the cloud has offered better security features that would otherwise have been very expensive to implement on premise and that security systems always stayed up to date is ensured as well.  This was an observation in the Microsoft cloud trust study (http://www.microsoft.com/en-us/news/download/presskits/security/docs/TwCJune13UK.pdf) that stated that 91 percent of SMBs who have moved to the cloud have mentioned that the security of their organization had been positively impacted as a result of cloud adoption.

However, Gartner had something a little different to say altogether in its news release in the last week, where it stated: “through 2015, 80 percent of IT procurement professionals will remain dissatisfied with SaaS contract language and protections that relate to security“. 

See http://www.gartner.com/newsroom/id/2567015 for the full press release. This report mentions that terms on data recovery and data integrity should be as clear as possible and stated upfront in the contracts that are signed, which are really not the case currently. 

On another note, in the backdrop of the PRISM revelations, security on the cloud has become a much more discussed point (the volume of these conversations have got a lot louder). However, unlike what conventional thinking would like us to believe, this actually is leading to a huge opportunity for markets where cloud adoption hasn't taken off yet really, such as Europe for example.  Local on-site clouds in various non-US localities could start taking off and even nationalistic clouds in non-US geographies could become a real possibility. European providers (who don’t come under US jurisdiction) could start to take on the likes of Amazon. Simon Wardley, an UK based researcher for the CSC had actually this to say: “Do I like Prism .. yes and god bless America and the NSA for handing this golden opportunity to us.” His blog goes on to state how this was going to benefit cloud adoption in Europe:  http://blog.gardeviance.org/2013/06/on-prism.html.

Cloud adoption is inevitable eventually but the verdict on security on the cloud is still to be seen. However, we don't have to wait for very long to see how this will turn out and according to me the PRISM episode is not only going to help speed up the addressing of security concerns but also will impact the adoption of the cloud positively. 

Internet Surveillance: How much Power is 'too much' Power?

I read Digital Fortress only recently and it’s almost remarkable that the timing of this coincided with the NSA scandal that is making front-page news globally. The ethical conundrum that was presented in the book is still as relevant in the World as we see it today (it is still the core of various science fiction stories out there) and there will always be supporters of this argument on either side: you know that you need to cross some line to fix some wrongs but when do you know you have crossed a line that you shouldn't have? When do you know you have ‘too much’ power?

I don’t think that this is about the striking of balance between privacy rights and national security as its being made out to be. Hell, consumer privacy died a long while ago (once we created our social media profiles and became active users online) and in this case it’s only the US government that is potentially breaching user privacy. That should be the least of our worries. In fact, I would be more worried about the amount of consumer data that a private corporation like a Google or a Facebook has. In fact Ashley Mayer’s tweet at the end of the Google keynote at its recently held IO conference that has since become famous had this to say:

Of course, in the Middle East, people have been jailed for saying things that the Government didn't want them to say and we know that there is a certain level of internet censorship in countries such as China and India, but for the rest of the western World, the internet is still a free forum as we know it. So according to me, for the most part of, we should be more worried about the power the private organizations have today and that it’s not about the breach of privacy anymore but the ability of these organizations to influence our lives and control our behavior in a way that works best for these organizations.

Coming back to my initial line of thinking: the moot point is not about the current US government’s ability to snooping in on our online activities but the potential power that this ability could give to someone who could misuse it for private gain. For example, if an autocratic power somehow got control of the PRISM program today, they could do the actual harm that we are all afraid of today.  However, at the very same time, if the US government is to be believed, the PRISM web traffic surveillance program has contributed in helping prevent more than 45 potential terrorist attacks (with at least 10 of them in the US). So therefore this program has been a force for good. However, this power in the wrong hands could wreak havoc and therefore the question still remains: you had to cross a line to fix some wrongs but when do you know that you have crossed a line you shouldn't have? When do you know you have ‘too much’ power? The verdict is still out there. All I know is that the Internet must be protected from being controlled, irrespective of whether it’s a government or a large corporation and that is what exactly Internet pioneer Sir Tim Berners-Lee also has to say. 

FOMO and our Addiction to Technology

Fear Of Missing Out (FOMO) as an acronym for a social disorder has been around since 1985. However, this received a lot more attention in the last few years given the advent of the Internet and social networking that has allowed us to be connected and be recognized in ways much easier than before.

To want to feel noticed and subsequently feel important is a natural human tendency. In a way its gives us feedback on our behavior and tells us what we should do to become more recognized. However, not all of us use it to re-enforce even our own definitions of good behavior. More often than not, FOMO is the root cause of our addiction to technology and we don't even know it (look at this Mashable.com article to see if you fall into one of these categories of social sickness addictions). Hell, even the media is addicted to social media.
 

I have a close friend who has over 850 'friends' on Facebook and a similar number of LinkedIn contacts. When asked, my friend remembers to have made any sort of personal interaction with only about 50 of her friends over the span of the last one year. However, she at least checks her Facebook updates about 5 times every day not just to see how many may have posted a like or a comment on a social event she was part of but more to see what every one else has been up to.

Its not just social media that we are addicted to, its also all the devices that have become so ubiquitous in our daily lives today.  Last year, the average US household spent close to $444 on Apple products (which was almost double the amount in the previous year) and if Apple rolls out its own HDTV, then analysts predict that this number could double by 2015. 444 in both relative and absolute terms is a large number and it amounts to almost 1% of the median US household per capita income. And there are many more devices out there than that of Apple, which means that the average US household is spending much than this amount on technology and devices every year. A lot of people I know don't buy an Apple device because they really need it but because everyone else seems to have it.

I don't think its all bad and that the World will be ending anytime soon (read: I am not one of those suffering from depression that the 2012 event didn't happen). In fact, I am strong believer in that the World is getting better everyday. There is little doubt that social media, technology and the Internet have revolutionized business and allowed that exponential growth to happen so much quickly.  See this inspirational talk from Peter Diamandis, Chairman & CEO, X Prize Foundation who tells us all about the good things we can expect.

While the World becomes a better place everyday, I still think that some of us need to step back a little with our social media, Internet and technology obsession. Like Eric Schmidt said about the Internet: "The Internet is the first thing that humanity has built that humanity doesn't understand, the largest experiment in anarchy that we have ever had.” Therefore, we need to give ourselves a pause and let it play it out for a bit. In the meanwhile, we can all connect to the real world and make some more real connections like calling that 51st friend on our Facebook friend list.