New security threats, data integration, affecting cloud adoption

Cloud lock-in an emerging issue

Tim Lohman (Computerworld)
26 March, 2009 11:19
Comments

Questions around security, vendor openness and cost continue to hold back cloud computing adoption in Australia, according to analyst firm IDC.

Speaking at its Sydney summit on cloud computing in Sydney, IDC associate director of consulting Linus Lai, said the emergence of new pricing models, like paying by the hour, per user or per transaction, were creating cloud computing-specific security risks.

“Because you are charged on the number of transaction, say for a data base service, hackers have found a way to create false database transactions,” he said. “By doing this they can rack up a huge bill for the customer with the cloud computing service provider.”

This opened up the potential for hackers and organised crime elements to extort cloud computing users, Lai said.

With its ability to create virtual infrastructure on demand for use in software development and testing, among other uses, cloud computing itself was creating sandboxes for hackers, he said.

“A more malicious use of cloud computing is the fact that hackers can use virtualised infrastructure as a launching pad for new attacks,” Lai said. “Virtualised infrastructure is a resource, and with all resources, they can be used for good or bad.”

While 18 percent of Australian enterprises are using cloud computing in some form, and 38.5 percent considering using it, according to Lai, a lack of frankness from vendors about the true capacity of their cloud offerings was affecting cloud computing adoption.

“I challenge you today: if you ask any of the cloud service providers what their absolute limit of capacity is – and when are their services going to break – they are not going to tell you,” Lai said. “[Providers] will say their services is infinitely scalable. The allure of cloud computing is based on that illusion of the ability to infinitely scale. This is very different from the model of today which is based on capacity.”

Added to this, a lack of a critical mass of cloud computing suppliers and concerns that cloud services in the long run could cost more than paying for infrastructure and services up front were also factors, Lai said.

“There has been a lack of proper discussion about how cloud services can integrate with in-house data bases, business process applications and customer data.”

Angus McDonald, chief technology officer at Sun Microsystems ANZ, said interoperability was the biggest issue affecting cloud adoption.

“At some stage cloud providers will be the same as electricity providers – and that won’t happen unless there is interoperability locked in,” he said.

“The concept of vendor lock-in is now being applied to the cloud in terms of cloud lock-in, so you have to ask: how do you go from one cloud to another? How do you manage your security and backups?”

With organisations like Google and Amazon highly reliant on the speed of their Web sites for maintaining traffic and transactions, the level of performance of cloud-based services was also a potential inhibitor to adoption.

Alan Perkins, CIO at Australian headquartered electronic design software vendor Altium, and a user of cloud services from Amazon, Google and Salesforce.com, was more sanguine about cloud computing adoption, especially when it came to security and availability.

“Suppliers of security services do a better job of security than I as a CIO can do: you can penetrate our security with a hammer and ladder. Unless you are in the business of security then you shouldn't be doing it,” he said.

“The risk of a cloud provider going down is probably less than that of your own systems going down. You actually gain more control over your data by putting it into the cloud as you gain more control over the use of that data.”

Bookmark this page
Share this article
- facebook
- slashdot
- digg
- Reddit
- stumbleupon
- linkedin
- twitter
Got more on this story? Email CIO
Follow CIO on twitter

More about: ALTIUM, Amazon, ANZ, Bill, Google, IDC, Salesforce.com, Speed, Sun Microsystems

Comments

Post new comment

Share
Share this article
- google+
- facebook facebook
- slashdot slashdot
- digg digg
- Reddit Reddit
- stumbleupon stumbleupon
- linkedin linkedin
- twitter twitter
print
email
Bookmark

Related Coverage

Related Whitepapers

Latest Stories

Community Comments

"I recently came across your blog and have been reading along. I ..."

Australia's first 4G smartphone is the HTC Velocity 4G
"I am crazy about this blog. I have visit so lots of ..."

Social networking, ignorance, and apathy
"Thanks in favor of sharing such a pleasant thinking, paragraph is nice, ..."

China's Alibaba sees big growth with AliExpress site
"I have a bully boss who even has a tshirt that says ..."

10 Tips for Dealing with a Bully Boss
"Good to know about the How to design a successful RACI project ..."

How to design a successful RACI project plan

Tags: cloud computing, IDC, SaaS, security, virtualisation

Latest Blog Posts

Whitepapers

OVUM Report: Governance Risk and Compliance-- GRC usage and buying trends in the ANZ markets
The existence of an established and stable governance risk and compliance strategy is extremely important to public and private sector organisations as they strive to meet an evergrowing range of regulatory demands. Given the current constraints, it is one of the few areas where the vast majority of organisations intend to either maintain or in many cases increase spending. Read more.

Learn more »
The State of Privacy & Data Security Compliance
With the plethora of new privacy and data security regulations, we believe it is time to ask whether regulations help or hinder an organization’s ability not only to protect sensitive and confidential information assets, but to be competitive in the global marketplace. Further, how difficult is it to be in compliance, who is the typical person or functional leader accountable for compliance? What is the value to the organization? Finally, what differences (if any) exist in security practices between compliant and non-compliant organizations?

Learn more »
Print security and the mobile workforce
Where, when, and how we work is changing. Whether your employees are working on the road without a dedicated workstation or from a home office, they need a safe way to print. Driving this shift is the accelerating adoption of smartphones, tablets, and other mobile devices. But even with these devices, printing remains a key business function for virtually all employees, and many may already be using them to print. Read more.

Learn more »

All whitepapers

Most Read
Most Commented

Get exclusive access to Invitation only events CIO, reports & analysis.

Latest Jobs

Zones

Featured Whitepapers

ALM Buyers Guide: A Practical Guide to Choosing the Right Agile Tools for your Team

This buyer's guide describes the key criteria for application lifecycle management (ALM) solutions for today's high-performance teams. It includes key considerations for enhancing your single- or multi-vendor ALM environment.

New security threats, data integration, affecting cloud adoption

Comments

Post new comment

Building trusted relationships

Planning your IT career

Taking the risk out of diversity

5 open source help desk apps to watch

How to create a clear project plan

IT service management going social

BYOD security: How to protect your business on the move

5 open source billing systems to watch

Face Time - Interview with John Brennan and Robert DiStefano

All Systems Down

IT service management going social

Australia's first 4G smartphone is the HTC Velocity 4G

Survey: Over 97 per cent of enterprise tablet users got an iPad in Q1

HP Business Efficiency - Money Payback Guarantee Resource Centre

The Australian Cloud

ALM Buyers Guide: A Practical Guide to Choosing the Right Agile Tools for your Team

The Pathways ICT Leadership Development Program Brochure and Curriculum 2012