While the fat versus thin debate is no longer relevant in the cloud, ownership of and accessibility to sensitive data is now the key consideration

Posted on June 8, 2011

3


In their June 6th, 2011 ZDNET article titled Is the iCloud the end of the Linux & Windows desktop?, Steven J. Vaughan-Nichols & Paula Rooney openly wondered about the relevancy of the fat versus thin client debate within the virtual realms of the cloud . . . or more specifically, iCloud.

For those unfamiliar with Apple’s iCloud, it is a service that will store content in the cloud and then push it wirelessly to all of the user’s devices.

Now some may argue that the iCloud and platforms like it are really nothing more than virtual servers meaning that we are for the most part living in a thin client physical realm, at least at the operational level on the front lines, with the only distinguishable characteristics being whether or not one’s cloud is public or private.  Yes I know this is an overly simplistic description, but the principles are nonetheless accurate.

What I find most interesting is that the attempt to create unique platforms to harness the power of the cloud is tantamount to attempting to segregate the very air that we breath based on claims that oxygen is somehow different in terms of accessibility in Tuscon than it is in Minneapolis.  Alright, so maybe air quality comes into play here . . . have you ever been to New Jersey, but the whole point is that ultimately air is air is air.  There is no discernible difference in that we need it and that it is freely available to everyone.

However, the real issue with cloud computing has little to do with the technical aspects of any one particular platform and is more a question of ownership and privacy.

Specifically, and has reported in today’s Commitment Matters blog by IACCM CEO Tim Cummins, there is a current lawsuit that has been filed against AmEx alleging that the company failed to disclose to certain clients their loss of US 4th Amendment privileges as a result of outsourcing financial data management to overseas locations staffed by foreign nationals.

The concern this creates, is that customer records under such a scenario become subject to seizure by the US Government, which ‘routinely seizes and searches communications that are received by or sent from foreign nationals’.

This is of course a big problem and, it is not the first time that such concerns have come into play.  One instance which immediately comes to mind is the Canadian Federal Government’s decision to disqualify Ariba from being a provider on the old Way Forward procurement initiative based on the fact the servers on which the Government’s data would have been stored was located in California, and therefore subject to U.S. Government seizure under the Patriot Act.

Again, this extends beyond the public/private, single versus multi-tenancy question, which asks when you take to the clouds who owns and controls access to your company data?

In terms of supply chains, and according to the Wasserman West International Law website, the ability to share data in compliance with applicable data privacy laws is often essential to building an effective international supply chain. Exposures of any kind therefore places one’s organization at risk on multiple levels including the loss of a competitive edge.

So what’s the answer?  To start, incorporate within any data sharing strategy involving cloud computing a clear understanding as to where all or part of your data is being stored, the corresponding laws of the land and any resulting limitation to your right to privacy.

Beyond this,  we will be welcoming a number of experts will be sharing their thoughts on how to build a reliable supply chain in the clouds through a series of guest posts over the next week, so be sure to check back often.

30

Posted in: Commentary