NSA Scandal Spells Trouble for Cloud Services

Cloud Technology Partners' Dave Linthicum

Cloud Technology Partners’ Dave Linthicum

Lost in much of the outcry and public handwringing over the NSA data-snooping affair has been the impact the PRISM scandal is likely to have on those who sell cloud computing services for a living. Any solution provider with a serious cloud practice knows that much of the battle involves getting new clients past their misgivings about the security and integrity of their data once it’s consigned to far away servers and accessible over the Internet.

The added wrinkle brought about by the revelation that the US government is rooting around in that data with little in the way of probable cause – ostensibly to ferret out illegal activity – could make an already skittish client base downright reluctant to even engage in the cloud computing conversation. Noted cloud expert and author David Linthicum, senior vice president at Cloud Technology Partners Inc. in Boston says the NSA affair “will provide more fuel for the already cloud-paranoid.”

Channelnomics got with Linthicum to hear his thoughts on the emerging government espionage scandal and to get his advice for partners navigating the cloud space in a time of heightened fear, uncertainty and doubt.

CN: How big a deal is the NSA spying controversy to partners dealing in cloud services?

DL: It’s a PR issue, really. Some of the FUD around the use of pubic cloud computing has been that the government can monitor or even seize your public cloud hosted data much easier than if it is in your own data center. With the NSA spying controversy, they may actually have a point.

If the government can monitor message traffic on Verizon, it’s not much of a stretch that they can also monitor data flowing in and out of public clouds. Although it clearly was not the government’s intention to cause this problem, it’s an outcome of their actions.

CN: What are the biggest, most legitimate concerns raised by the NSA issue relative to the cloud?

DL: That there can be “secret court orders” that allow the government to peek into data communications traffic without the owners of that data knowing that it’s occurring. While most of us understand that it’s a possibility, we did not have the verification that it was occurring at such a scale.

CN: Where is the NSA controversy likely to have the biggest impact on cloud?

DL: I think that the Finance vertical will be most impacted, considering that they are the most paranoid and can afford not to go to the cloud. The health care vertical, which is also paranoid, will find this as a good excuse not to move quickly to public cloud providers, perhaps pushing back on existing plans. Not sure manufacturing or retail cares if the government is watching our not, generally speaking.

Larger companies will be most aware of the impact of the NSA controversy, since they can afford not to leverage public cloud providers.  Smaller businesses with limited IT budgets will be the most impacted since using public cloud providers is a necessity.

CN: What can partners do by way of damage control to head off the market reluctance to engage cloud providers that this is sure to create?

DL: I would remind them that their data is just as vulnerable behind their firewalls as in the public clouds. If the government wants to see it, they will figure out a way to see it, and do so within the confines of the law. Moreover, that it’s the objective of the government to find patterns in data, and not the data itself, typically.

CN: What are you telling your customers who ask if they can still trust the cloud in the wake of the NSA matter?

DL: We tell them that you have to look at the track record of the public cloud, and thus far it’s been exceptional.   While there are indeed a few outages from time-to-time, for the most part public cloud providers have done a good job providing services, and protecting the data and the systems they host. The record is much better than systems in enterprise data centers.

Cloud Technology Partners SVP David Linthicum is an expert in complex distributed systems, including cloud computing, data integration, service oriented architecture, and Big Data systems. His latest book is “Cloud Computing and SOA Convergence in Your Enterprise, a Step-by-Step Approach.”