My data in the cloud?

What’s the Cloud?

“The Cloud” refers to computers, storage and software connected to the Internet and accessible via the World Wide Web.  The first question you may have about the cloud is whether your data is safe there.

To answer that question, let’s have a look at how access to data has changed over the past couple of decades.  When the Internet and the World Wide Web (the Web) first became widely available in the 1990s, we were accustomed to the Desktop model:

I’m sitting at a desk with the computer, the software, and the data storage on disk all within reach.  If I have Internet access, it’s probably a wired connection over Ethernet to a cable or DSL modem; I can interact with servers on the Web using my browser, and some of these servers may keep some data that I put into them.

By the mid-2000s, most of us were using the Laptop model:

My laptop computer is with me wherever I am, and the software and storage are inside the laptop.  Storage may be on a disk or a solid-state disk (SSD).  I’m connected to servers on the Web using a wireless (WiFi) connection or a wired (Ethernet) connection.

These days, many people are using the Smartphone model:

The smartphone is in my pocket when I’m not using it.  When I use it, software is running both in the phone (an App) and in the cloud (on a server somewhere).  My data is in the cloud (on a server somewhere).  I’m connected to the Web using a wireless connection (WiFi or the cellphone network).

Software in the cloud

Why would we put software in the cloud?  There are several reasons for this trend.  The main advantages are:

I can rent the software rather than buying it.  This could save me money in the short run.

I don’t have to keep the software up to date – the vendor I rent from does that for me.

I don’t have to configure the software in my computer.

When I want someone else in my company to have access to the same data and use the same software, it’s easy to do – I just add them to the list of users of the software service (and pay the rent for them).

The disadvantages of software in the cloud are:

If I lose my Web connection, I can’t use the software or access my data.

I can’t customize the software very much – I have to use the same features that are available to everyone.

Data in the cloud

Why should I put my data in the cloud?  There are some advantages:

There’s no limit on how much data I can store in the cloud, and the cost of renting space for it is relatively low (if I shop around). I don’t have to buy a new disk to store more data.

The storage vendor does automatic backup of my data (and replication – that is, storing a copy at another site, if I want them to).

The storage vendor typically uses privacy and security measures that I couldn’t afford on my own.

The disadvantages of data in the cloud are:

If I lose my Web connection, I can’t get to my data.

At the beginning of using cloud storage, I have to upload all of my data.

There is always the possibility that someone will break into my data (a data breach).  But then, isn’t that possible even when the data is in my computer?

The storage vendor could go out of business or fail to protect my data. That’s why I should be sure that the vendor is reliable, reputable and stable.

I should probably keep a copy of my data somewhere else as well.  But I had offsite backup copies before, didn’t I?

If my data is in the cloud, do I still own it?

If you’re concerned about ownership of your data, make sure you have a contract with the storage vendor that specifies not only who owns the data, but also how how easily you can copy your data and move it somewhere else.

Check the regulations in your state and your country with regard to data.  When you have customer’s personal information as part of your data, you have legal obligations.  You may be obligated to keep the data in the country, for example.  You also need to have a policy for dealing with data security.  If you do suffer a data breach, you may be obligated to report it.

For example, “California law requires a business or state agency to notify any California resident whose unencrypted personal information, as defined, was acquired, or reasonably believed to have been acquired, by an unauthorized person. (California Civil Code s. 1798.29(a) and California Civ. Code s. 1798.82(a))

Any person or business that is required to issue a security breach notification to more than 500 California residents as a result of a single breach of the security system shall electronically submit a single sample copy of that security breach notification, excluding any personally identifiable information, to the Attorney General. (California Civil Code s. 1798.29(e) and California Civ. Code s. 1798.82(f))”  (from the Attorney General of California website at http://oag.ca.gov/ecrime/databreach/reporting)

There are other resources that may be useful to you if you’re concerned about malware (software that invades your systems or your data with malicious intent) and cybercrime.  Visit some of these websites:

http://www.rsa.com/rsalabs/

http://www.cylab.cmu.edu/

http://www.us-cert.gov/

I hope this answers some of your questions about data and the cloud.  If you have other questions, please add your comments to the blog.

Like this post? Share it!
    About John Levy

    John Levy works with senior managers in mid-sized organizations who are responsible for development and delivery of major software or hardware/software products. He helps them gain confidence that their projects will succeed.

    Development projects can fail in many ways. You need a guide who speaks the language of business and is knowledgeable about technology. John aligns Development with the organization's strategy so it will contribute efficiently to the success of the enterprise.

    John has been consulting for over 20 years. His book on managing high-tech teams, Get Out of the Way, was published in 2010.

    For more information, email him at johnlevyconsulting.com, or call 415 663-1818.
    And check out John's profiles on LinkedIn and Twitter!