Rating: +0

Positive Negative


I'm doing an article on cloud computing, and how it may run up against government regulations that require personal data not to cross international borders (or, in some cases, to reside in specific countries such as the US.) Is this an issue you're run into, or that is holding you back from using cloud computing more widely?

James,

The problem shouldn't be new. It dates back to Swiss Banks and private banking. Managed service providers and hosting companies delivering SaaS applications and either dedicated or utility storage services should be dealing with these customer concerns on a regular basis.

Managed Services companies that are delivering utility storage should always address PII (Personally Identifiable Information) and other information concerns with their customer before hosting their data so that they can ensure privacy, regulatory concerns such as immutable storage, remote copy distance, etc. all all accounted for as part of an SLA.

It’s the “SLA” that the customer is most often buying – we call it “peace of mind”.

I think that the biggest problem that today’s “Cloud” computing resources bring forward is how quickly and easily many of these can be turned on, provisioned and purchased by consumers.

You no longer have to deal with a SSP (Storage Service Provider) you can now go to a web-page and "sign-up", download an API, and enable your application to share resources using Amazon S3 as an example. This is really a "customer" beware, and read the fine print time so that you know how your data, meta-data and information is being stored, where, how, etc.

It's great to be so abstracted that you don't have to worry about those things; from the development level you just deal with the interface to put and request, but depending on the industry cross-border security and a host of other issues much more can come into play. For the big companies this won't be a problem, for the smaller ISV's writing and selling applications that use commercially delivered cloud storage services such as Amazon, the consumer has to be hyper aware of PII, specific regulations and how those pertain to physical data location, encryption, etc. - ask questions. Also, the problem if ever really understood is easily solved. That’s the good part.

Good Luck,
Peter
October 2008


Leave a Reply

Your email address will not be published. Required fields are marked *

*

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>