I have been evangelizing public cloud for several years now, trying to mitigate the fear, uncertainty, and deception (FUD) that those threatened by cloud throw out.
In my talk, Cloud Computing-Who wins-loses-How to survive, I suggest we push the threshold for cloud concepts which means for sovereignty issues, we might mitigate all this corporate FUD by encrypting data prior to cloud storage – keeping keys in countries where this is an issue.
Behaviorally, enterprises have been content delaying this discussion with the assumption that a straight “data must reside in the country where laws dictate” response is all that is needed.
As with any disruptive concept, consumerization often leads into addressing the seas of uncertainty faster than in the enterprise. The popularity of personal cloud storage services such as DropBox, Skydrive, iCloud, and G-Drive are now returning the discussion back to who owns the data and has rights to access it.
I suppose my thoughts on this are no different than before. If you encrypt your data before putting it into cloud storage, does it really matter?
For those who are certain breaking encryption is a drop-in-the-bucket, please be the first to decrypt this file for a free lunch at Applebee’s on me…
I look forward to the day forward-thinking providers will automatically do this encryption when information is stored in their cloud service against a customer provided key!