Friday, May 13, 2011

Will privacy and security be critical differentiators in cloud computing?

The debut this week of Google's new web-only Chromebook laptop, coming hot on the heels of Sony's massive data security breach just a few weeks ago suggests that data security is becoming increasingly critical for the success of technology companies. Google, no stranger to accusations over infringements of privacy, is upping the ante with the release of a computer that, rather than running software and storing files on its own hard drive, will instead rely predominantly on cloud computing. Yes, that means everything that you'd usually keep stored on your laptop will actually be held somewhere in a vast data center run by Google ... and of course, everything that you do can be tracked and recorded because you're signed-in and doing it online.

Although the Chromebook itself may not become quite the challenger to Microsoft and their Windows operating system that Google hopes it will be, the shift to cloud computing (which anyone using Picasa, Google Docs, Dropbox or numerous other applications is already very much part of) is sure to continue apace. But cloud computing raises a number of troubling ethical issues. On the one hand there are the environmental problems associated with running servers capable of storing such huge amounts of data. And then, of course, there are the privacy and data security issues that are faced by any company storing so much personal data online.

In recent weeks, consumers have been made all too aware of these privacy and security issues because of several high profile data disasters. Last month, for example, Amazon, which has been a leader in cloud computing, was forced to shut down its service for several days. A number of companies using its services were paralyzed and some even lost potentially valuable data. Then Sony's travails with hackers reached a new zenith when the company was forced to concede that more than 20,000 of users of its online gaming system had their financial details stolen. Osama bin Laden even got in on the action when a swath of spam Facebook messages purporting to be photos and videos recording the death of the former Al Qaeda leader turned out, according to the Financial Times, to be malicious malware designed to phish for passwords and financial data from infected computers. Ironically, even as we tried to publish this post, Blogger experienced a service disruption that meant that we were unable to publish for more than 24 hours. So much for the instantaneity of social media! All of this added up to bad news for technology companies looking to convince customers of the safety and security of their products and services.

This then raises the question of whether data security and privacy protection will increasingly become critical areas of competition between leading technology companies, especially those relying on cloud computing, rather than just being a kind of necessary evil for everyone concerned. Microsoft, whose operating systems and internet software had long been plagued with security problems, certainly seemed to be thinking this way when it launched its Windows 7 operating system. The company has long been compared unfavourably in terms of security to Apple's Mac OS - but appears to have regained some ground with its latest version. But as more and more personal data moves to the cloud, and companies like Facebook and Google become increasingly involved in recording, using and selling data related to our usage stats and preferences, this is likely to affect a wider range of companies ... and potentially in an even more significant way. Yesterday's revelations that Facebook employed a leading PR company to plant negative stories in the media about Google's privacy policies gives some indication of just how high the stakes are becoming. And nothing focuses corporate attention more than the threat of multiple lawsuits, which is the latest ignominy faced by Sony in the fall-out from its hacking attack.

Despite all this, there are still reasons to doubt whether security and privacy will ever become major differentiators in the battle for technology market share. Unlike speed, performance and design, security is a tricky intangible that is difficult to evaluate up front. And besides, despite their criticisms of technology companies, most end users in practice tend to display a fairly carefree disregard for security issues, and even for their own privacy protection. After all, how many people actually read all of those terms and conditions when they download another Facebook app or install a new piece of software? With commercial users the equation is different, of course, but for the average Joe, security is a concern but not one that yet impacts significantly on their technology choices.

In the end, a better way of looking at this might be for technology companies to start looking at privacy and security as pre-competitive issues. That is, rather than competing on the quality of their privacy protections, why not collaborate with one another to improve standards across the industry. After all, a major hack at Sony, an outage at Amazon, or a spate of malware at Facebook threaten the reputation for security across the board not just for the individual company that is targeted. Problems at one company can spell reputational damage for the industry as a whole. Sure, healthy competition can drive innovation in new security systems. But so too can healthy cooperation. And in the long run it might just be more effective, and provide a better service for skeptical consumers unsure of how far they want to put their trust in tech companies.

Picture by samplereality. Reproduced under Creative Commons licence.

No comments:

Post a Comment

Have some thoughts you want to share about this post? We would love to hear them, so comment here (all comments will be moderated to prevent spam and random acts of advertising)...