From the Editor: Will Clouds Reign?
By Tom Inglesby
A few years ago, clouds were considered metrological phenomena. Artists loved them, kids stared at them, cartoonists found all kinds of objects in them and basically, they were, well, they were clouds.
Then someone had the great idea to use the term “cloud” to signify an Internet-connected, multi-server storage and application repository. In the past 20 or so years, companies have used the cloud to host applications to free up local computing resources, the so-called SaaS—software as a service—approach. Recently, Microsoft started trying to move their enormous client base to their cloud—and remember, they were a founding member of the club, with Intel and IBM, that drove relentlessly to put a computer on every desk in the world. Their Office 360 is just such an application. Eventually, the cloud will be filled with bytes, not raindrops.
Since the cloud is made up of many distributed resources acting as one, a virtual Big Iron server/storage space, it has the characteristics of distributed computing. It is highly fault tolerant through redundancy and distribution of data, highly durable through the creation of versioned copies, and typically consistent with regard to data replicas. However, it also is a virtual world of its own, with vulnerabilities even your networked-to-the-hilt personal computer isn’t.
One of the first things you hear about is security or lack, thereof. If data are distributed across multiple physical locations, the risk of unauthorized access increases. This risk can be mitigated through the use of encryption, which can be applied to data as part of the storage service or by on-premises equipment that encrypts data prior to uploading it to the cloud.
Then there are the hackers, inside and outside. The number of people with access to the data who could be compromised—bribed, threatened, or just plain greedy—increases dramatically. A single company might have a small team of administrators, network engineers and technicians, but a cloud storage company will have many customers and thousands of servers, and therefore a much larger team of technical staff with physical and electronic access to almost all of the data at the entire facility.
That’s the inside threat. Hackers from the outside are the ones who get the publicity. The cloud increases the number of networks over which the data travels. Instead of a local area network or storage area network, data stored on a cloud requires a wide area network to connect. By sharing storage and networks with many other users, it is possible for others to access everyone’s data. Not always intentionally, either. Sometimes it happens because of mistaken actions, faulty equipment, or a bug.
The risk of having data read during transmission can be mitigated through encryption. Encryption in transit protects data going to and from the cloud service, while encryption also protects data that are stored at the service provider. It’s not foolproof, but it helps. After all, you don’t want someone else’s cloud to rain on your parade (video).