Cloud Computing: a question of trust, availability and security

In spite of many advantages like scalable processing power or storage space, the acceptability of Cloud Computing will stay or fall with the faith in the Cloud! I am pointing out three basic facts Cloud providers would be faced with, when they are offering their Cloud Computing services.


Using Amazon services or Google apps does not give you the same functioning guarantee as using your own applications. Amazon guaranteed 99,9% availability for S3 and 99,95% for the Elastic Compute Cloud (EC2). Google also promised an availability of 99,9% for their "Google Apps Premier Edition" including Mail, Calendar, Docs, Sites and Talk. In February 2008 Amazon S3 was down after a failure and Google was even affected by a downtime in Mai 2009. Just looking back to the undersea Internet cable which was broken last year and cut off the Mideast from the information highway, Google, Amazon etc. are not able to promise these SLAs, because they have no influence for such problems.

Companies must carefully identify their critical processes from the non critical ones first. After this classification they should host the critical ones within their own datacenter and maybe sourcing out the non critical ones to a cloud provider. This might be a lot of work but could be a benefit.

Cloud providers must care for an anytime availability of their services. 99,9 % availability is a standard by now and advertised from any service provider - but for a Cloud Computing service it is to insufficient. 100% should be the goal! The electric utility model might be a good pattern in this case. It's not as simple as that! But then, a company won't use Cloud services/ applications for critical business process if the availability is not clear.


Keeping crucial data secure has always been a high priority in Information Technology. Using Cloud Computing, companies have to take their information outside their own sphere and basically transfer them through a public data network.

SLAs (Service Level Agreements) are essential which closely describe how Cloud Computing providers are planning and organizing on protecting the data. This may cause a lot of litigations someday, if any company did not take care of the information.

A hybrid Cloud might be a good solution to avoid those kinds of problems. The company operates on a Private Cloud for crucial information stored within the own datacenter and uses the Public Cloud of a provider to add more features to the Private Cloud. Secure network connections are indispensable in this case and meet a today standard. This approach does not solve the problem of knowing what alse happends to my information I am sending into the "blackbox".


Carry on the last sentence above there are doubts about what might happen to the information in the Cloud as well. Regarding to the data management and local data privacy, many companies such as insurance or financial institutes seeing a lot of problems using Cloud Computing. Using a Private Cloud is no issue, but a Public Cloud doesn't even enter the equation. This is due to the fact that insurance companies are handling with social data and no letter may not be written or stored on an external system. Insurance companies subject to supervision of many national laws. For example, the data of a german insurance company may not be hosted on an american host.

Faith and local laws are big hurdles for Cloud Computing. If a word of data abuse in the Cloud gets out to the public, an irreparable damage will be the direct consequence - maybe for the whole Cloud!

Share on: