Providers in Liability Limbo
Perceptions of cloud computing have taken quite a nosedive over the last month. Between Amazon’s mass outage and the highly-publicized Sony Playstation attack in which a hacker used AWS servers to steal the personal information of over 100,000 gamers, cloud providers are feeling the heat as security and accountability questions are bubbling to the surface.
While the downing of a general web-based services and the assault on Sony’s customers don’t necessarily touch the high performance computing end of clouds, these issues cannot be ignored. After all, as Eric Sherman argued this week, even companies that don’t consider themselves cloud vendors at the moment are heading down that path—and should be all ears as conversations turn to liability.
“More companies in many industries want to store data for customers, offer services over the Internet and otherwise undertake work that quickly looks like cloud services. Banks keep lists of vendors and schedule payments for customers. Logistics companies offer order handling scheduling, and shipments through what you could call cloud services….eventually a great many companies that don’t think of themselves as cloud computing providers become exactly that—because they host computing services that their customers come to depend on.”
Sherman goes on to argue, there are serious questions we all (customer, provider, governance bodies) need to consider when some nefarious, cloaked figure uses cloud servers to wage an assault on another web service. While it’s possible that Sony could sue Amazon, it’s just as clear that customers with compromised data could sue Sony.
Just as cloud security expert Dr. Nir Ksherti notes in the video we posted here, there are serious milestones we need to reach in terms of questions like these and until we do, the cloud will not be a ripe business environment for enterprise users—in terms of perceptions and some cases, actual offerings.
Full story at BNET