“Cloud” is one of those buzzwords that have been floating around the IT industry for some time now. In short, cloud computing simply means accessing and storing information, data and applications via the Internet instead of through your computer’s hard drive.
It’s an expanding trend that will grow to be ubiquitous as more and more organizations move their IT operations into the cloud. In fact, global market research and analysis provider, IDC, predicts that between 2012 and 2016, public IT cloud services will see a compound annual growth rate of 26.4%, five times that of the IT industry overall, as companies accelerate their shift to the cloud services model for IT consumption.
By 2016, IDC forecasts that worldwide spending on public IT cloud services will approach the $100 billion mark and public IT cloud services will account for 16% of IT revenue in five key technology categories: applications, system infrastructure software, platform as a service (PaaS), servers, and basic storage.
“The IT industry is in the midst of an important transformative period as companies invest in the technologies that will drive growth and innovation over the next two to three decades,” said Frank Gens, senior vice president and chief analyst at IDC. “By the end of the decade, IDC expects at least 80% of the industry’s growth, and enterprises’ highest-value leverage of IT, will be driven by cloud services and the other 3rd Platform technologies.”
The driving factor behind the shift to the cloud is namely cost savings. For example, Toronto-based systems integrator and MSP, Mid-Range, says outsourcing to them can cost customers 20-50% less than running their own IT applications in-house. But as more companies, organizations, and individuals move their critical data into the cloud, questions emerge about how companies manage and protect data and their customers’ privacy.
In the cloud-era it is not always clear in which of your cloud provider’s data centers your information physically resides. In fact, your data could be stored and spread across multiple physical locations. Do you know where in the world your data is?
It’s an important question to ask, especially in light of growing anxieties over the implications of the U.S. Patriot Act, which was passed following the 9/11 attacks and expands the discovery mechanisms American law enforcement agencies can use to access third-party data.
In Canada, the federal Personal Information Protection and Electronic Documents Act (PIPEDA) sets rules for private companies transferring customer data to a third party inside or outside the country, and in general, Canadian companies can only transfer personal information about their customers to third parties with their customers’ knowledge and consent.
Here’s a list of things to consider when choosing a cloud provider and determining “where in the world” your data resides:
- Ask your cloud provider where their servers are located and what obligations they have to protect the transfer of your data. If they’re not upfront about these questions then that should be a huge red-flag.
- Ask yourself what information and data is important. Is it worth hosting in a public cloud if you can’t afford the possibility a foreign government might try to access it? Balance the cost-savings of the cloud with the risk of outsourcing your data.
- Try to customize the contract with your cloud provider to ensure that there is a clause covering how the provider will respond to government requests for information and ensure that they make you aware of such requests.
- Data stored by cloud providers is usually encrypted on their end, but consider encrypting the data yourself before sending it to your cloud provider for added protection.