As more information, entertainment, and even software moves toward ‘the cloud,’ we meet both new freedoms of access and flexibility as well as new needed skills and risks. For most of us (including this author), envisioning the end of huge hard drives and CDs to deliver content is stressful: How can a whole movie (at least one of decent quality) come over my wireless network? How am I going to access Microsoft Word when it must be rented from the cloud? Where is my spreadsheet when I save it for the company’s annual report?
Last week we noted some of the legal turbulence that could meet both personal users and institutions as their content lifts off to the cloud. We want to follow up with a report on some recent technical snafus that have shadowed some of cloud services of late.
Security should be Concern Number One for any charity or nonprofit considering the move. One of the most trusted names in online retail, Amazon.com, has been called out on its security measures – rather, the lack of them. As Amazon points out the need to keep your email and password secure (of course!), but how many of us use the same email and password or two for numerous accounts?!
The comment by Tim Williams, though, really gives one reason to pause:
I set up an account yesterday and dumped some files up that I had on dropbox and was a little stunned with the lack of security on the cloud drive. I realize the authentication scheme could use two-factor like you are saying, but what I found was very troubling. If you are authenticated and open a jpeg stored on the Amazon cloud drive, it will display in your browser. So I copied to the URL from Chrome and pasted it into my IE address bar and the jpeg displayed even though I was not authenticated to the Amazon cloud drive. So I pasted it into Safari as well and again the image displayed. I realize the pretty random URL generated by cloud drive would be hard to guess, but it is security through obscurity. I agree with your assessment that the service is not ready for personal documents.
from the security-consultant firm , praised Amazon’s service and scalability, but also pulled no punches about the fact that Amazon was not up to its claims to be ready for enterprise/business operations. Amazon has remained coy about discussing either its security measures or how it might respond to these security concerns.
To make matters worse, Amazon suffered a mere technical failure a couple of weeks ago that left sites like Foursquare and Reddit down for a few days, and peoples’ personal files inaccessible for a number of hours.
Though everything was back up within forty-eight hours, many analysts point to the same fallout: perception of such a high-profile problem is that cloud computing can not yet be trusted for vital information.
Though such security and reliability concerns must always be taken into account (for any technology, really), we would also remind folks that hard drives still fail, though not nearly as often as in the recent past. Motherboards die. Windows computers crash. Batteries lose the vitality to recharge. Etc. Yes, ‘the cloud’ has many problems, and erring on the side of patience is surely wise at this stage of takeoff.
Nevertheless, the flexibility and opportunities for inexpensive software, storage, and sharing make it an enticing prospect, even in the near future. No less a player than Apple seems to think so: the next iteration of its computer operating system,will be available only from ‘the cloud.’