Friday, 15 August 2008

Cloudy(y) computing

One of my favourite quotes is: “You’ve reached middle age when all you exercise is caution”.

I read a report recently about 2 organisations moving off their own servers to Google apps and Gmail, thereby saving huge amounts of money. Quite enticing one would think.

This was confirmed in the July issue of Information Age. In the same article it mentions there is a Gartner report endorsing cloud computing. Then the very next paragraph states that the same organisation published a report warning of the dangers of cloud computing.

I have always been quite cautious (first glimpse of my exercise regime) of external suppliers holding all our data, or intellectual property. Why? It’s unlikely they will mine it, there’s too much of it, not just ours, unless of course they have an employee who makes a business of selling our data to our competitors. Which could be the case with one of our employees anyway, so that’s no different.

No, for me it’s the cloudy-ness of the cloud, the lack of visibility. It affects corporate issues such as compliance. And risk.

There are many questions to be answered about the issues surrounding the “safe” (whatever that may mean) use of the cloud, and I believe some questions are still to be asked.

In the meantime, I’ve hit middle age on this one and I’m exercising caution for all I’m worth!


DrBob said...


At the University where I work the choice is becoming stark.
We either keep up with the students appetite for web 2.0 (there's no way we can match google for capability and turnaround) or fall by the wayside.

Classic risk return..

I believe the back breaking straw will be email. Universities are not ISP's. The IT help desks spends 80% sorting out email problems. Why bother? is the question.

In a large university there are so many "leaks" to the web that we can do nothing about surely our best risk based approach is to acknowledge it happens and put systems in place to deal with eventuality rather than legislate against the use of the web...

The latter sound draconian - but I have heard it mooted...

Mark Berthelemy said...

Hi John,

I'm one of those people who really likes cloud computing - except for when the data is important (ie. my own blog), and then I want it on my server (well, my hosting provider's), under my control.

Logically, you could argue that hosting my blog on Blogger would be more secure, and more likely to recover from a server crash.

But it just doesn't feel that way.

Ditto, for work. I will happily use Google Docs for all sorts of things. But I wouldn't put any finished documents on there. They go on the internal server.

Horses for courses?

John Iscream said...

Absolutely horses for courses Mark.

We have the freedom to choose, and sometimes it just makes sense to use one over the other.

Mission critical usually means I want control. And you want rigid performance guidelines.

However, the hosting option smacks almost of a Beta testing which can make the advances, develop the facilities, brainstaorm the soultions - to produce a production style environment, which is required for a corporate setup.

John Iscream said...


I don't work at a university so can't be considered too knowledgeable on your post, and when I was at University, we had punch cards, so no Wild Wild West then.

But I can see the sense in using cloud computing for the students.

The majority will be there what 3-4 years? If they post in their private capacity in the cloud, no support costs.

Of course, it can't be that easy, as the students/lecturers/supervisors need to know that the integrity of their work has not been compromised.

And depending on the size of the student body, you have a large migrant computing population, with a significant number joining and leaving each year.

And I suppose you have discrete systems for the staff?

Mark Berthelemy said...

@DrBob: Yes, I don't understand why universities bother providing email addresses for students. Why would the university want that sort of control? Just as you would require students to have a home address, shouldn't you just require them to have an email address?

@John: re. hosting... I would only opt for internal hosting if:

1) I knew the staff were capable of maintaining a service equivalent to that of an external host
2) The costs were roughly equivalent to external hosting
3) The data was so confidential it could only be held inside the corporate network.