LinkedIn Twitter
Director, OpenShift Strategy at Red Hat. Founder of Rishidot Research, a research community focused on services world. His focus is on Platform Services, Infrastructure and the role of Open Source in the services era. Krish has been writing @ CloudAve from its inception and had also been part of GigaOm Pro Analyst Group. The opinions expressed here are his own and are neither representative of his employer, Red Hat, nor CloudAve, nor its sponsors.

9 responses to “Cloud Computing: The myths, realities and everything else – Part 2”

  1. mr. paul

    You give security short-shrift and don’t really provide solid reasoning why its a myth. For good reason – it isn’t a myth. Cloud Computing does offer security risks. The fact that the alternatives offer risks too does not diminish this fact. The way to address this is not to dismiss the risks, but to note that Cloud Computing risks are different than “on-site software” risks. These risks have different impacts on consumers, small businesses, and large enterprises. In order to move past Gartner’s “Peak of Inflated Expectations” and “Trough of DisIllusionment” to the “Slope of Elightenment” (http://www.techcrunch.com/2008/08/18/where-are-we-in-the-hype-cycle/) we need to carefully assess those risks and find ways to address the risks that are appropriate for the different types of customers. I look forward to that conversation taking place here over the upcoming years.

  2. keshavaram

    My impression about cloud computing is that it will be slow to the end user.
    Reasons –
    1. All the computing happens at server end while the user interface is at the client end. So vast amount of data need to move to and fro. So the speed is not only constrained by Processor speed and memory but also by internet speed too.
    2. I come from India where the Broadband penetration and speed is abysmal.
    3. I have used zoho and google docs for office productivity but I don’t get the same experience that I get from Desktop Softwares.

    Another impression is that – My data is not fully under my control.
    Reasons –
    1. As a Business my competitor can easily view my data. all he needs is my user name and password. My employee who is given the authority of user id and password can easily share it with his friend in competitor’s firm.
    2. The firm providing cloud computing services may delete my data. I heard so many such cases in Web hosting centres.

  3. krishnan

    mr.paul, thanks for your response. I didn’t argue that security threats in cloud computing is a myth. I only refuted the argument that cloud computing is insecure compared to traditional methods. I think I have made my argument clear on this by showing that the threats in cloud computing is no different from the traditional methods used now. Similar to the security policies we develop for protection in the traditional network, we have to spend out resources developing proper security policies while using the clouds. I am not arguing that cloud is the safe bet. I am just saying that the security in the cloud is as good/bad as the current models. I think my next post highlights the same thing.

  4. krishnan

    Keshavaram, I have a post lined up which is going to talk about how cloud computing will help in developing countries. I will try my best to address this issue in that post.

  5. krishnan

    keshavaram, regarding the next part of your argument, I beg to differ. Here are my reasons.

    1) Your data is not in my control argument is similar to the arguments made by users in Indian industries when they moved from bulky paper archives to desktop. This is a paradigm shift. You lose control of your data within your firewall to get an ubiquitous availability of data wherever you go. This is just a mental block than a real issue. You need to develop a trust based relationship with the cloud vendor to get the advantages of cloud computing. It is like having a mental block to use credit card online. I know of many people who would want to pay with only cash and don’t want to use credit card online. Well, the net result is that they have to do extra work to get things done (like going to a shop that offers what they need and paying with cash).

    2) If an employee is hell bent upon stealing your data, he/she can use a physical medium like USB drive or CD to steal it if you are using Desktop computers. He/she can photocopy the documents and steal (even worse, just write it down and take it) if you are still struck in the very old fashioned pen and paper format. It is my point of this post. I wanted to dispel the same myths which you are believing. There is no way it is unique to cloud computing alone. It is the threat we face even if we are struck in the stone age of paper based document storage.

  6. Shankar

    Hi Krishnan,
    Cloud computing has more security risks than traditional web hosting. In cloud computing, multiple users share the resources. If one user’s application has a security vulnerability, then the data of all the users sharing the same resources can potentially be compromised. So the users should take this in to account while designing their application for cloud computing/hosting, which would not be the case if they are hosting the applications by themselves. And also the cloud vendors should sandbox users’ applications and resources from each other. So both cloud vendors and cloud users have to take additional steps to secure their resources.

    Shankar

  7. Krishnan Subramanian

    I disagree with this. As far as I know, I haven’t come across a case like what you are mentioning here. Can you back up your claim with specific example (link to the news item covering such an issue will be better)? I have used many cloud platform with multi-tenancy and I never came across a situation like what you are mentioning here. If you can show me an incident like that, I will be able to offer a more specific insight into what has happened.

  8. Shankar

    I dont know if such a news item came out, but I deal with such risk assessments everyday. Unfortunately I cannot talk about it here because it is my “employer confidential”. I can say confidently that cloud computing is undergoing a lot of scrutiny from the security professionals (not only in my company, but everywhere too) precisely because of the concern I have raised.

    Please note that I’m not saying that “cloud computing is insecure”. That statement is indeed a myth, but cloud computing does require a higher level of scrutiny/risk assessment and mitigation techniques than normal single-app hosting because of sharing of resources.

  9. http://www.developerzen.com/2008/09/25/cloud-avenue/

    [..]Cloud Computing: The myths, realities and everything else[..]