Cloud computing and insurance
Observing the buzz on cloud computing, I enjoy finding pearls of wisdom among 99% gobbledegook.
The term Cloud had its luck last year. How come it made such a career in 12 months? You've heard the story x times, so here's my version. Late 2007 brought Nick Carr's "The Big Switch" which coincided with Amazon announcing EC2. These two came as a revelation to all the Grid vendors, scratching their heads as the term "grid" faded in its popularity in press. So the Grid guys willingly embraced the Cloud (luckilly equally ambiguous and broad) as their "new" paradigm. Amazon made it into the news for making the difference in the industry. Carr won applause as an instant prophet, as he predicted the Cloud and the Cloud happened. And the press folks could write tons of new material about Carr, Amazon, Salesforce, and the surprising heaps of new Cloud businesses. See? Everyone instantly happy. Added value? Very little.
Today UnivaUD sends me their newest white paper "A cloud guide for HPC", which essentially recommends their software as a kickstart for migrating to clouds. This company was started in 2004 by some former colleagues and superiors of mine from Argonne Lab, so I like to follow up with their developments. Univa, once a grid business, now attempts to build a semi-complete software stack linking HPC parallel processing environments with a possible external cloud environment. I read their paper. It made me go through some deep educational findings such as "I recommend multiple levels of security, making it difficult for hackers to break.” Oh really? But then I found something for myself.
As one blocking factor for corporations to move on the cloud the author cites "the amount of insurance that may be necessary on the corporate data in the public cloud environments". Agree. Although I would put it differently: "absence of insurance instruments enabling one to safeguard his data on the cloud".
Contrarily to most people I met, I don't see how the fact of "storing one's data externally" could in the long term remain a blocking factor to businesses considering to use the cloud. After all, something similar has been happening all the time: we all grant access to our data to contractors, suppliers, service providers, data center outsourcers, etc. Why is this acceptable? Because of the contract, which allows to transfer the responsibility for any information leakage, mitigating the risk.
So the problem is not technical, it is a legal one and eventually, financial.
Same will happen to the cloud business, sooner or later. Once there are legal and financial instruments, including insurance, allowing to mitigate the risk, the discussion will stop. And these will appear sooner or later, as utility computing and pay-as-you-go model becomes a standard way of doing things in IT. Interesting that with all the buzz on Cloud, I haven't heard much discussion on financial or legal tools that would indeed drive the adoption, by forcing the problem away from technology. Perhaps except post like this one, essentially observing that the niche is there, empty.