Is Another Cloud Possible? - Expert
2 May 2012 at 2:40 pm
Allen Gunn addresses the Connecting Up conference in Sydney. Photo: Jackie Hanafie |
Cloud computing is the way of the future, American NFP technology expert Allen Gunn has told the Connecting Up conference in Sydney.
In his keynote address at the second day of the conference, Gunn pointed out the strengths, weaknesses and ways to go about implementing cloud computing in Not for Profit organisations.
Gunn defined cloud computing as an “incredible miracle of technology” encompassing data storage and collaborative creativity accessed from anywhere you have internet.
However, Gunn warned that while 'the cloud' offers great potential, there is no singular titular 'cloud' and that many cloud offerings come with great risk and responsibility on many fronts.
One of the key considerations when it comes to cloud computing, says Gunn, is security.
“Most cloud solutions represent uniquely unleveraged relationships,” he said. “Do not buy anyone’s assertion that it is more secure. It’s a different kind of secure.”
Gunn said that data loss, government request for data, intelligence seekers and disgruntled staff all represent threats to data security.
He cautioned on the need to carry out a threat analysis before using cloud computing, including:
Data loss
Is your data redundantely backed up? S3?
Have you practiced test restores?
Governments
Who are your grantees, where are they?
What jurisdiction does your data live in?
Are you funding in areas of “national security”? e.g. Immigration?
Let Wikileaks and MegaUpload be lessons
Intelligence seekers
Who are your opponents and assailants?
Who wants to know more about how and with who you are working?
Disgruntled staff
Have a proactive password policy
Have a smart account ownership protocol
Staff turnover should trigger thorough password changes
But Gunn says that real-time collaboration is one of the key selling points to the cloud technology.
“The fact that you can access what you want to access wherever you are creates new paradigms of collaboration, and because of availability, serendipity is possible,” Gunn told the 200 strong crowd.
However, Gunn said that while cloud computing is a part of the future, as organisations ‘cloudify’ they shouldn’t forget who controls it.
“Have that proverbial Plan B. And a Plan C… and a Plan Z,” he said.
Gunn also warned delegates never to sign a contract that is long-term.
“You should never sign a contract that goes for more than 90 days without some opt-out – because technology changes quickly,” he said.
For organisations ready to upgrade their technology to cloud computing, Gunn says it’s important to focus first on people, then the process, then the technology.
“Cultural change can be hard,” he said.
Connecting Up chief executive Doug Jacquier said that Gunn was “a universally respected thinker about where technology fits in the world of Not for Profits globally”.
Allen Gunn is the executive director at AspirationTech, and has spent the last fifteen years exploring how technology can most effectively empower and support social justice causes.
You can see Gunn's full presentation here.
AU privacy rules specifically limit transborder data flows;
I believe there are currently no on-shore cloud servers.
shouldnt cloud advocates warn that if NGO data includes individuals’ personal &/or confidential &/or health information, that moving this to cloud would likely breach these national principles?
Hi Russell – thanks for your comment. Yes you're quite right and Allen did touch on this in his keynote speech. However due to the substance and detail of the speech we could not cover absolutely everything in this story. We suggest that NFPs wanting to make the transition to 'cloud' should seek further advice from technology professionals. – Jackie, Pro Bono Australia News team
Russell: at least here in Victoria, the Information Privacy Act 2000 allows off-shore transfer and storage in you can satisfy a number of conditions, including assurances about access to the data, and performing your own ‘due dilligence’. There’s no blanket ‘you can’t transmit data off-shore’ legislation.
The definition of ‘sensitive’ or ‘confidentia’ information is also open to interpretation.