Suddenly The Terms And Conditions Of Your 'Cloud' Service Provider Matter A Lot More
from the pay-attention dept
With everything going on with the NSA and other intelligence agencies relying on being able to reach out to third parties for data, we've pointed out a few times now that this may do serious harm to the tech industry. But what about from the consumer (or business buyer) perspective? It seems likely that companies (especially) should really start rethinking how they make use of certain cloud services. There are, clearly, tremendous potential benefits from cloud providers, which is why it's become so popular lately. But, there are certain downsides as well, and the whole concept of government access (or government demands, a la Lavabit) has really woken people up to some additional potential hazards they may not have paid close attention to in the past.
It also means that a lot of users of cloud services are suddenly reviewing their options a lot more carefully. We've talked about how this may be a boon for private cloud offerings, but there are still plenty of benefits to remote cloud offerings as well. But, suddenly the exact terms that are associated with those offerings, and the potential liability you might face for using those services becomes much more important. In the past, people may have grumbled about the terms of service or potential liabilities they were taking on, but the threats seemed more theoretical. That's now changed.
Over at OpenSource.com, Georg Greve has a good post that looks into questions that need to be asked before using a cloud service these days in light of the revelations about government snooping. For example, in the past, while many people might not have cared what country their service was hosted in, now it becomes critically important. He also highlights the importance of open source software and open source expertise -- both of which provide benefits on mulitple levels, including a higher likelihood of standardization and, frankly, probably a stronger interest in not just caving to government snooping.
But the biggest one is the final point: having a way out.Know your escape plan.Indeed. As I've argued a few times in the past, so many "cloud" services available today aren't fulfilling the real power of the cloud. Instead, they're little more than locked-in silos, where you're stuck with that particular vendor. The switching costs are incredibly high in those cases, which may not matter when everything's going great, but when you're suddenly worried about the privacy of all of your users (or yourself!) these things suddenly matter quite a bit. And yet, many who are jumping on the cloud bandwagon don't take the time to explore the amount of lock-in and what it means for their own flexibility and liability as well.
Solutions that are provided to you as fully open source have an elegant escape hatch built into them by their design. Read: You can take the entire stack and host it yourself without losing productivity or data. This backup plan protects you against legislative changes, company restructuring, and much more. The other side to this is provided by open standards.
The Takeaway: Choose solutions that have the most complete open standards approach to go with open source, because if your escape plan fails for whatever reason, there is a backup. Beware of "Open Core" offers masquerading as open source, though. Gartner called them the "emperor's new clothes" for a reason.
Part of the problem, of course, is that many users of cloud services just haven't put a premium on having such control and freedoms. Hopefully, with the growing recognition of why this is an issue, more cloud providers will recognize that not locking people in, and providing more open and flexible solutions is a powerful selling point.
This post is sponsored by The Hartford.
Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.
Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.
While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.
–The Techdirt Team
Filed Under: cloud, data security, liability, sponsored post
Reader Comments
Subscribe: RSS
View by: Time | Thread
I miss the days when America was the home of the free and the land of the brave. Now it's the land of the oppressed and home of the scared.
[ link to this | view in thread ]
Re:
Switzerland once was considered a good choice, but that ends when Swiss bank bends to U.S.'s order to give out account owners' information. I don't have much confidence left to that country any more.
[ link to this | view in thread ]
[ link to this | view in thread ]
Cloud computing is 100% hype
And worse than hype: cloud computing is 100% insecure. Every cloud provider of any size has long since been served with NSLs that require them to hand over all data and/or provide real-time network taps. Heck, major ones (e.g. Amazon) probably have APIs for surveillance built in.
Cloud computing is used only by the inferior people who haven't thought it through.
[ link to this | view in thread ]
The Hartford
[ link to this | view in thread ]
[ link to this | view in thread ]
rush limbagh
[ link to this | view in thread ]
And since I thought of it you can be sure they did.
[ link to this | view in thread ]
Cloud computing security
And remember, rule #1 of Cloud Computing Operational Security if you actually have confidential information you need to protect: don't use cloud computing.
[ link to this | view in thread ]
Re: Cloud computing security
[ link to this | view in thread ]
Re: Cloud computing security
And the odds are overwhelming that you do -- particularly if you're using "cloud" services in connection with your cell phone or tablet.
[ link to this | view in thread ]
A Secure Cloud Solution
IMHO
[ link to this | view in thread ]
Re: Re: Cloud computing security
I would add to that the near-certainty that agents in the employ of other governments and/or criminal organizations have found employment at Amazon and Rackspace and wherever. It's a no-brainer: get your people on the inside, have them collect a paycheck from the cloud provider and a tax-free bonus from you...and then wait. Just wait.
If and when the day comes that they can retrieve specific information, or take specific action, that minimal investment will pay for itself a thousand times over.
[ link to this | view in thread ]
say no to drugs,er usa services
[ link to this | view in thread ]
Re: Cloud computing is 100% hype
Correction, it's for the digital invalids who cannot setup their own secure server, for that matter any server at all :)
[ link to this | view in thread ]
Re:
And since they have access to all other records from major entertainment and communication services, they will know exactly when you leave and most likely for how long.
They can just do a friendly drop in, copy your hard drive, and then poof back out. You need a pretty intense system to know that they were even there. Or just a non-bribable dog perhaps.
[ link to this | view in thread ]
Re:
"I miss the days when America was the home of the free and the land of the brave. Now it's the land of the oppressed and home of the scared."
love your comment dude
[ link to this | view in thread ]
[ link to this | view in thread ]