Globalizing Clouds, Geopolitically Speaking

By Ali Shabdar, originally posted on May 11, 2009.

Security in fact is and will remain as one of the main concerns of the cloud adopters.

Cloud (and SaaS) providers can minimize the security risk to an acceptable level in which clients could comfortably migrate to clouds.
This will however, require a major paradigm-shift both business-wise and personal for decision-makers.

However, this won’t be the biggest challenge. Sooner or later cloud computing needs to be globalized, and by that I mean all countries around the world need to benefits its advantages.

Take Middle East for example. Almost 197 million people live in this volatile region of the world. With a 23% internet penetration rate, (Source: Internet World Stats) and being one of the important destinations for goods transit, finance, tourism, etc. there is no doubt that countries of this region will benefit various cloud solutions.

Ironically enough, although Middle East has some of the richest oil and natural resources of the planet, they are amongst the poorer. This makes it even more viable to adopt cloud based solutions leveraging its economic offerings.

All said, there is a bigger concern than just security measures for such countries in the road to moving their information in the cloud: data safety and service consistency.

In this early days of clouds, we see stories like FBI carelessly shutting down an entire datacenter to investigate “one” client’s suspicious acts causing incompensable damage to other businesses that hosted their data on the same datacenter.

We have seen similar cases like closing ISPs hosted PirateBay few years a go. Such acts harm not only the companies who innocently share the multi-tenant platform with the villains, but also the often poor service provider that can’t check the background of all its clients.

In a simple conclusion, my start-up SaaS company can go off the business anytime, if the law enforcement officers of the country my cloud provider runs from, decide to shut the datacenters down to track some sort of national security threat. This is extreme vulnerability.

Sanctions are historically used against any country who doesn’t abide the global moral. In the age of Cloud-computing sanctions are not only on banking and industry sectors, but on cloud services too. A Denial of Service (DoS) on IPs of a certain country can bring its cloud-dependent businesses down to their knees in less than few seconds.

Distributing datacenters all over the world (like Google does) is not a cure to this since the cloud provider should comply with the rules and regulations of their country of origin.

Cloud computing should be protected from governments. This is far from all the ongoing technical buzz we have nowadays.
Maybe a governing body for clouds working under United Nations could be a kick-start, although unlikely to be the best solution.

In the international scope, each country can develop their own country-wise public clouds independent from other countries, yet connected to the global grid. But it still doesn’t answer the cases like FBI’s.

This might trigger the emergence of off-shore clouds in which cloud providers will freely offer their services without being pressured from any political power.

Such offerings could imply further complexities.

• What if the bad guy too can benefit the power of clouds for his evil purposes?
• What if such off-shore cloud datacenters become terrorist targets, if their locations are exposed?
• Etc.

The scale of damage in such cases could be compared to a nuclear attack.

Such stories are definitely not exclusive to specific regions or countries and will apply to the entire world.

Implementing cloud computing in larger, global scale, without deciding how immune are cloud providers from governmental pressures is of deep concern and I see it as a real threat to our dreams of a cloud-based world. Surprisingly I feel that this issue doesn’t get the necessary coverage. Not providers nor the advocates seem to be worried about it that much.

Hopefully this will be a start for an engaging discussion to analyze the political impacts on cloud-computing existance.

Source: CloudAve.