“Oh, the land of cloudless days,” Willie Nelson croons in one of his better known tunes. “Oh, the land of an unclouded sky….”
Which is just one of the reasons Willie writes songs instead of code: He just doesn’t “get” the cloud.
Lots of folks do, though, and they’ve been making much of it, in briefs on behalf of cloud computing.
The “cloud” in cloud computing is still described in much of the tech press as the Latest Thing, even though it has roots at least as old as Google’s popular g-mail program. It’s been gaining currency as its core notion takes hold: By providing a place for users to keep data and applications, it promises free trips to cyberspace without the nuisance of buying a computer. All you need is access – at a public library, at an Internet café, wherever – and presto! you’re a cybernaut.
That’s why Google is pushing Google Apps – cloud computing gone wild – and Amazon, Microsoft and half a dozen others are trying to climb on board.
It’s all so exciting. But, for government, it’s problematic in the extreme, because it could mean putting public data somewhere beyond the public sector – with obvious implications for the cornerstone components of privacy and security.
The basic public sector concern with the cloud was nicely captured not long ago by Carolyn Lawson, CIO of the California Public Utilities Commission.
“From the government perspective,” Lawson told a tech think-in, “I don’t see a time when we will move all of our information into the cloud, because [our data] includes Social Security numbers, driver’s licences.
“We know where your children go to school…and the public gives us this info and expects us to protect it. If we give this data to a cloud computing company, and there is a security breach or if that company gets sold, how do we address that? I am accountable.”
Right: The A-word.
Closer to home, the cloud figured indirectly in remarks by federal privacy commissioner Jennifer Stoddart over the summer, when she mused with journalists about federal tribunals and other quasi-judicial bodies posting names of people online in decisions and other documents.
“The open court rule, which is extremely historically important, has now become distorted by the effect of massive search engines so that documents containing all sorts of personal information find themselves searchable worldwide,” Stoddart said. “That wasn’t really the context in which this rule evolved.”
That’s the kind of thinking that affords context to cautions about the cloud from the research heavyweight Gartner. The analysts at Gartner have identified no fewer than seven security-focused posers around the cloud:
Privileged user access Regulatory compliance Data location Data segregation Recovery Investigative support Long-term viability.
Wrestle each of those to the ground and, maybe, you could consider the cloud. Maybe.
Mostly, all this makes the cloud a dubious proposition for the public sector, notwithstanding the evolution of a possibly massive swarm of newbie netizens. Those eager beavers may not be bothered by the stream of reports of lost data, but government technology managers are; just ask the folks involved in the loss of a memory gizmo containing information on every prison inmate in England and Wales.
Except:
Clouds don’t have to be public.
The public sector already has considerable experience with internal web 2.0 applications – specifically the wikis that have been popping up everywhere. There’s no good reason why the same approach can’t be taken with the cloud. Google, in fact, has seized on the possibility; it’s positioning Software As A Service as the key to “a significant paradigm shift in the way that government agencies will access data and applications.”
It is, of course, an approach that would keep the public sector cloud(s) out of cyberspace as it’s known and even loved. But the architects who turned intranets into wikis while barely working up a sweat would have no problem with that; they’ve already got their heads in the clouds.
