Security is a problem for Cloud resellers

While there is huge pressure to come up with cloud based products, European suppliers have a few security problems to over come before trying to sell the idea to big enterprises.

Companies looking at the Cloud all list security about their data remaining the top of the worry list.

This is a bigger problem for US based companies who, thanks to the US Patriot Act, have to hand over data to the Department of Homeland Security if data crosses US borders.

Companies like Microsoft attempt to keep data within European borders, but there is also some concern that the Patriot Act could be used to force them to hand over any data simply because they are US companies.

This means that UK defence contractors who are daft enough to place secret plans on Microsoft or Google’s cloud could be giving them straight to the US.

In fact, in January there was talk that the EU would ban companies from placing data on US clouds for security reasons. This makes those resellers trying to sell products basked on US clouds jobs that much more difficult.

This state of affairs has been enough worry for companies to refuse to use US based companies to supply their clouds and look for European based cloud suppliers such as Aepona.

This week, research from Network Instruments showed that security continues to be the big concern for almost three quarters of users who are worried about where their data resides during the transfer across to a hosted environment.

This means that those making packages based on the cloud have to come up with some clever components and environments which put their customers at ease. Network monitoring on the cloud is proving to be the key factor in doing this.

Currently companies appear to be trying to sell packages to clients with out monitoring tools, quality metrics, which create visibility and prevent IT from effectively managing performance. If an IT department can’t show the board how much a cloud is saving them, and how they can stop it being a security nightmare then the board is not going to give them money to build it.

But at the end of the day the Cloud itself may cause problems which are out of anyone’s hands. This week a report by Bryan Ford at Yale University that says the Cloud is quite a complicated system and that inherently, this will lead to unexpected failures.

One example was when third party application providers are running simultaneous tasks on the same system: they might have programmes that run on the same refresh period. When these coincide, they begin sending the load between the servers in a feedback loop.

“This simplistic example might be unlikely to occur in exactly this form on real systems-or might be quickly detected during development and testing-but it suggests a general risk,” Ford added.

He stopped short of saying that the cloud was too complex to be secure and even said that cloud servers would operate perfectly fine when there was a single system involved, but it was when multiple users began operating multiple applications that problems could become much more common.

If these sorts of systems do collapse out of sheer complexity then it could cause problems for the companies that installed them. Technology wise they will have done all the right things, but the cloud based systems will appear to have broken for now apparent reason. This will be very difficult to explain to a company which has been convinced that the Cloud is a cure for cancer.

It will also mean that those who are trying to resell products with a cloud based factor will have to look carefully at their client contracts. Otherwise they could find themselves being sued for something which might not be their fault.