“We’re running in the cloud.” “Cloud is the answer.” “Wow. It’s cloud computing.” It’s been a long time coming. But it may vanish pretty quickly.
I can hear the grumbling.
Where am I coming from on this? After all, what could be better than foisting off all of the technical infrastructure on someone else. Let them worry about the apps. Let ‘em worry about the storage. And the clincher: Let ‘em worry about the security.
Now call me crazy – Hey! I heard that! – but turning over data to “the cloud” is a lot like moving all your chickens onto another farmer’s land…one that’s even more attractive to foxes than your own.
“They’ll never get hit,” you say, “They know security…better than we do.” Wanna bet? Fact is, you’re putting your valuable data in the hands of someone outside your organization who has access only to the same security information and guidelines that you do. That YOU do.
Apple escaped malware and virus attack for years because the penetration was small; that changed as penetration grew and the Mac universe became attractive to hackers. The cloud is the same way.
And your operation is going in the opposite direction. By that, I mean that if they’re getting bigger at a faster rate than you are, “they” are a bigger target. So, unless you’re really big, you’re a smaller target than those cloud offerers. And, of course, if you are “really big”, well, shouldn’t you be looking at an in-house cloud. Of course, that’s tantamount to putting a diffuser in front of a snoot on a Fresnel luminaire then spotting it down.
You may argue that if they have access to the same security options, you expect them to use them and thereby keep you secure without you having to spend any time on it. Welllll. Remember one other thing. Your data has to get to them and back. A very vulnerable step in the process. It eliminates the Internet as an option. VPN’s? Not much better. That leaves truly private lines. I won’t call them networks because they shouldn’t be. They shouldn’t do anything but connect you and them.
Are you getting that – and paying for that – now? If not, wow! You’re laying it all out there for anyone who wants to watch your payroll figures, development ideas, emails, and patent applications parade past them in true TCP/IP style. Worse, in FTP, delivering your data in neat, fully functional files.
Yet we continue. Clients insist on the cloud, seeing it as a major cost saving – fixed costs and variable. Cut jobs, cut office space, cut electrical. Get a monthly bill that’s service rather than cap-ex. Couldn’t ask for more. Then, one day, you can’t get into your “system.” It’s “over there,” somewhere. But it’s gone. Or, a delivery of 100,000 rolls of paper towels you ostensibly ordered shows up, actually set up by a hacker, along with the invoice.
One company is bragging of their 99% uptime. Anyone do the math on that? It’s more than 85 hours of DOWN time a year. And if that comes in 10 minute increments, well, the old saying, “glued, screwed and tattooed” comes to mind as workers have to reconnect with the app or data.
There are a lot of ideas that are terrific on the surface. Then you look a little deeper…c’mon, it’s called due diligence and it’s what you’re expected to do…and find the pitfalls. If you know the risks – and your CEO knows them, too, what’s the Daniel Boone quote “…be sure you’re right, then go ahead….” But when you have 20 seats all vying for the same connection to get data they need to give to the CEO – your CEO, make sure you’re within reach of the phone because if the path or server fails, that phone’s gonna ring…and it won’t be a radio station cash call.