skip to Main Content

One of the most impressive examples of the use of “cloud computing” technology, that I’ve seen [in my years of work in the field,] was in Japan in 2010.  

Since the mass transit in Tokyo, Kyoto and other cities is often quite crowded, my colleagues stopped carrying laptop computers, and even iPads, to and from work.  Instead, they carried credit-card size cards that they could insert into special kiosks.  The kiosks provided a monitor, keyboard, mouse and privacy screening.  Once a person entered his/her password, an exact replica of that person’s unique computer screen appeared on the monitor with the same background, icons and desktop arrangement as that person’s computer.  My colleagues could access the Internet, their files, check email, and print documents – just as if they were in front of their computers.  It has been incredibly convenient, but also seems to hold some dangers.  The top 5 “pros” and top 5 “cons” include the following items.

Cloud Computing Top 5 Productivity Advantages

Productivity:  Clearly having cloud computing was – and continues to be – a great convenience to my colleagues – significantly increasing their productivity.  It provides accessibility, collaboration, device independence, bandwidth and data backup for them.

  1. First, as long as my colleagues have an Internet connection, they can access their computer files when they are commuting, working at a branch office, or at a customer’s site.
  2. Second, it has enabled collaboration — the sharing of documents among coworkers — just as is frequently used today with cloud options such as Dropbox, Google Drive, ICloud, and Amazon WS.
  3. Third, the cloud has provided extra bandwidth to allow my colleagues to share files when those files were too large to attach to an email.
  4. Fourth, access to the Cloud is possible using either the kiosks or their own devices.  This device independence has helped them when their devices were not charged, or were not compatible with a specific system that they needed to access.
  5. Fifth, the cloud provides duplicate or backup files – so my colleagues know that they have independent, protected copies of their critical data in the event a device or database were lost or stolen. This ensures that they always have a clean copy if their data were ever held for ransom by a hacker.

 

Remote Processing/ Cloud Infrastructure:  The biggest difference between cloud computing and traditional laptop or desktop computing is that with cloud computing, your personal device doesn’t do the actual data processing.  Instead, that happens in a large computing center outside your organization, and you simply see the results of it on your own screen.  This is possible because the Cloud’s “infrastructure” is a network of millions of communications links connecting to large computing & data storage centers.

 

Cost Savings: Cloud computing infrastructure also means that each cloud service provider (CSP) invests in the hardware, software, security, and ongoing technical expertise required to build, operate, maintain and upgrade state-of-the-art computing centers.  The result is that all users, regardless of their size, have access to the most up-to-date, enterprise-class computing facilities available, and can “follow the technology curve upward,” for a price much less than doing it themselves.  It thus allows users to replace, and/or supplement, their private computing technology investment and annual operating costs of computing, energy consumption, and back-up cloud storage for either: 1) a fixed, known monthly cloud computing “service fee,” or 2) a “menu” option that covers only the amount of computing and storage they actually use, just as with any other utility.

 

Scalability: In addition to cost savings advantage – the cloud also offers users the ability to respond more quickly to their increasing or decreasing computing needs.  Traditionally, when users need more computing resources for their business, they must invest a considerable amount of money, with long lead-times, knowing that the resulting equipment has a life cycle of only about 3-5 years.  Thus, it is a difficult and important decision – and once made, cannot readily be downsized.  In contrast, since cloud service providers (CSPs) are continually investing in their computing resources, they can offer extra computing capacity to their users, with almost no lead-time and minimal expense.  This is enormously helpful to users following an emergency (fire, flood, etc.) or just during a busy month.  Conversely, in a slow month, the CSPs can easily reassign that capacity to another user.  This option for users to “scale their cloud usage up or down” — to match their seasonal, and/or fluctuating needs has proven to be a popular advantage of the cloud.

 

Security:  The first reaction to the concept of off-site, third-party computer processing or data storage is often deep concern about the security of such a system. However, security in the cloud is generally much better than in traditional systems – primarily because of three (3) reasons:

  1. First, the business focus of the cloud service providers [CSPs] requires them to build their computing centers using the most stringent security resources available.  These are historically known as “SOC-2/SSAE-16 certified” centers.  It also means that to do this, the CSPs continually invest more money on security resources than most other entities.
  2. Second, the CSPs work with all types of users – and thus stay current with a wide range of security problems, including new viruses and hacking techniques. For example, most CSPs provide robust protection against “ransomware” — the rapidly evolving threat in which hackers insert malware into data systems that encrypts the data with military grade encryption, and then demand a ransom payment to release your files/ to get your critical data back.  
  3. Third, cloud service providers provide: 1) education to their users about how to prevent security problems and 2) strategies that allow users to recover if they are affected/impacted.

Cloud Computing Top 5 Disadvantages

While cloud computing provides these and other benefits for users — there are also some disadvantages or concerns with cloud computing that my colleagues have discovered.  These include:

Vulnerability to Downtime and Hacking:  The Internet is both a positive and negative aspect of the Cloud, because while convenient, no Internet-accessible service is 100% secure – no matter how much is spent by the CSPs to safeguard their systems. All are vulnerable to downtime and hacking.  One memorable example occurred in 2014 when “DropBox” was down for two days.  We’ve also seen in recent years that the databases of even large corporations, such as Target, Home Depot, and Experian, can be hacked.  Thus, while every CSP invests in and works hard for high reliability, such vulnerabilities exist.  This requires cloud users to determine whether:

  1. They will still be able to conduct business when such a downtime occurs?  Can their business absorb such outages or slowdowns?
  2. The level of frustration and expense such vulnerabilities likely will cause for them, and their customers
  3. If hacked, how will the user address the loss of data?
  4. [Case Study: When Code Space closed after its AWS EC2 console was hacked and its data deleted and unrecoverable).How quickly can hacking be detected?  Often it is not detected immediately and the damage can continue unnoticed for months.
  5. If you have business-critical processes running in the cloud, what is your recovery plan if you are hacked or down?  Are the appropriate backup mechanisms in place?

 

Access-side Management is the User’s Responsibility.  Second, while cloud service providers (CSPs) install significant security on their systems, that is true only for the resources they own and maintain.  It does not include the user’s side of the system.  Getting to the cloud is the user’s responsibility — as is managing the software and security related to that.  This is critical since most of the most recent data breaches and cloud outages have been primarily the result of user error.  For example: the Equifax breach in 2017 was caused by the failure of Equifax to install a patch in the web server’s software, and Amazon’s 2017 outage of its “Simple Storage Service” (S3), was caused by a typo in the system command instructions.  That impacted all Amazon’s services and the cloud providers who built their services on top of Amazon.

 Service Contracts Vary:  Third, not all cloud service providers: 1) offer the same services, 2) have the same management policies, or 3) extend the same service contracts — also known as “end-user license agreements” (EULAs).  Thus, depending on the specific cloud service contract signed, cloud users may have limited control over such things as:

  1. the levels of scalability available to you,
  2. the function, operation/execution and management of their Cloud service.
  3. the specific bandwidth/capacity allowances that you may be offered,
  4. the costs, amounts, rates you will be charged for different levels of use/storage on an annual basis, and  
  5. the fees charged if you need extra storage and/or exceed your contracted allowance.

 

Proprietary Systems Exist:   Fourth, in some cases, cloud service providers use proprietary hardware, software, applications, and/or data formats when they build their systems, even if they use standard open source components as its base.  This can create “Vendor Lock-In” or “Forced Dependency” that may:

  1. require you to reconfigure your data to meet the requirements of the providers’ systems, and
  2. can make it difficult to upload certain documents using some software packages, or to transfer or convert information between providers.

 

Ownership of Your Data Can be Lost:  Fifth, since the Cloud Service Providers (CSPs) own the servers onto which users upload files into the cloud, some cloud service contracts, but not all, state that once your data is on their servers, they own that data.  This has been true of Facebook photos. It is radically different from traditional in-house computing resources.  

  1. One concern is: “If you are in an industry that has regulatory and ethical guidelines that you must meet, such as medicine, law, banking, counseling, can you properly safeguard your data if you no longer own it?”
  2. A second concern is: “What happens to your data if your provider goes out of business, or you switch providers and want to transfer your data?”  Can you get your data back in either case?  The classic case is the collapse of SAGA and the “lessons learned” in that case concerned the ownership of subscriber data in these two situations.
  3. A third concern is when you “drag and drop” a document into a cloud storage folder, you permanently change the document’s location from its original folder to the cloud storage folder.  This can cause you to lose ownership of the document.  In contrast, if you “copy and paste” the document to place it into the cloud storage folder, you retain the document’s original location.

Cloud Computing Conclusion

All of these advantages and disadvantages should be considered before you load data into the Cloud or sign an agreement with a Cloud Service Provider.

Cloud technology has been successfully used for years and is here to stay.  It is basically the next step in technology.  Thus, if your firm is not already using the Cloud, it’s only a matter of time.  

Read more in upcoming blog: Tips for Drafting a Cloud Contract that Works for You!  

Contact Sharon to speak to your group about:

  • What You Need to Know about Data Security and Privacy Before You Sign a Cloud Computing Contract
  • Govern and Protect Your Data in the Cloud
  • Leverage Strategies and Best Practices to maximize the benefits of Cloud Computing for your needs.
Back To Top