Trust and transparency are cloud critical
…and Europe’s got the message
Information leaks have sent shock waves through Governments in recent years, and seriously undermined trust in data security.
Cloud environments are under particular scrutiny – especially amongst people who fear ‘giving away control’ of the company or personal data to cloud providers. “If one does not trust the cloud, one will never step into the cloud,” is the blunt warning to the industry from former European Commissioner Neelie Kroes.
In this post-Snowden era, governments are seeking a new balance between privacy protection – wherever data is located – and powers of data access to secure homeland defense. Europe is rising to the challenge, with initiatives to both reassure citizens and create conditions for a secure and successful future cloud industry.
This is the first of a series of three blogs about how the cloud in Europe is reshaping for the future. It starts by assessing today’s picture. The second in the series will focus on managing the continuing issue of trust. The third will examine how we need to drive new levels of transparency in order to convince the most skeptical cloud customer.
Myths and misconceptions
To understand today’s issues, risks, and popular perceptions, we need to be clear about the main types of cloud provision: private cloud and shared cloud.
Private cloud is what the name suggests: your own private eco-system. No other individual or organization can use it, and access to your data is securely fenced. But you pay for that privilege, and private cloud is less flexible in payment terms and in available services.
Shared cloud offers an open environment shared with other users, where you can usually access a range of services with a flexible ‘pay-per-use’ and ‘hop-on / hop-off’ business model.
Contrary to some people’s views, shared cloud is also highly secure. Why wouldn’t it be? Shared cloud providers such as Apple and Google will, of course, spend more on avoiding security breaches for millions of customers than anyone else can afford to invest in a private cloud.
The trust challenge – and why it must be met
That is the kind of myth that reflects a severe lack of confidence in data and cloud security today. Secrets revelations – and more recent reports of the ease with which Western leaders, Hollywood film stars, and major corporations have had their data accessed – has inevitably caused many individuals and organizations to question: ‘who has control of my data?’ and ‘who can access my private information?’
The cost and flexibility benefits of cloud are already compelling. They will be simply irresistible in future as we find ourselves managing rapidly increasing volumes of data. It is likely that trust will be an even more important driver than the cost in selecting a cloud partner. Building trust through provider transparency is imperative for tomorrow’s cloud industry, and for us all as users.
But changing perceptions will not be easy. Many nations all over the world have actually stepped up electronic information gathering for self-defense purposes, sometimes with scant regard for individual privacy. Yet it is those national and regional governments that must also lead us into a new era of cloud data trust and transparency.
Europe at work
Amongst international initiatives, the European Commission has been forging closer links between government and industry. Part of its cloud strategy was to establish a European Cloud Partnership (ECP), where industry heads (including Atos CEO Thierry Breton) join senior national and EC officials to design a new roadmap for cloud in Europe. Another ECP initiative is the setting up of selected industry working groups (SIGs) to establish a code of conduct and compliance for the cloud industry (including privacy). This work has been the basis of what we call the European Cloud Standard.
Canopy is one of the leading European cloud providers and has played a major role in supporting these initiatives to help change both perceptions and reality in the industry’s operations. It will also play its part in developing trusted cloud arrangements throughout the world.
In the next two blogs, we will focus more on the cloud trust issue, and look at how important transparency is in rebuilding that trust.