Is the Cloud Safe Enough?

Aug. 10, 2011
The Cloud Is Not a Safe Place. But Is It Really Any Different Than Any Other Client/Server Type Arrangement?
By Jeremy Pollard, CET

I designed and implemented a wireless network for a local municipality that has more than 16 PLCs in separate locations. We get data and alarms from more than 160 points. The server is in the township office, which to the remote stations is the cloud. Call it the local cloud.

The local cloud is somewhat similar to and somewhat different than the remote cloud.

I look after my own servers and wireless connections. I own the data, and the subsequent reports and sensitive data. I am the only one able to access the data in raw format. I am God.

In the remote cloud, Dropbox threw a spanner into the works by admitting it had/has access to all data on its servers. That raises many questions about security, accessibility and availability.

Security of data and intellectual property might be scary. Tony Busseri, president and CEO of Route1 (www.route1.com), perhaps said it best in response to a tweet by Tom Liston, an equity technology analyst: "Netflix is down because of PS3 password issues. Still want everything in the cloud?" Busseri responded, "Just secure it properly." Busseri argues that Route1's technology does just that.

Relying on a vendor such as IzonData (www.izondata.com, see previous column "More on Cloud Computing: What Does It Really Do?") might be a leap of faith. Anyone who controls the servers always has access. Putting up reports and data access in web format, driven by raw data from the plant floor and local servers, could be a better and more secure way to present data to the user base.

In InfoWorld, James Gaskin indicates that cloud applications can query the endpoint for such things as two-factor authentication. Route1 built its model on two- and three-factor authentication, and since you communicate with its servers first, it is a cloud infrastructure, but accessed before you get to your vendor-supplied virtual desktop or cloud applications. Doing business without some sort of data and application lock is asking for trouble.

Since most interfaces want to be and should be browser-based, end-point security can be an issue. Just check out the boards on the use of Android mobile devices. Users are downloading everything without regard to security. And these devices are allowed to access IP in the cloud? Major pilot error.

Dale Calder, founder of Axeda (www.axeda.com), an M2M platform provider, says, "M2M will be bigger than social networking." Huh? Would you rely on the ability of others to have your M2M data pass through the ether?

That leads us to accessibility.

The Internet is a wonderful sandbox, and it's full of scorpions. Denial of Service attacks happen. If you have a plant issue and need to access historical data in real time from your playbook, but the host vendor's servers are down or being attacked, then you could be in trouble.

Contingency planning is an everyday practice, and nowhere is it more evident than in cloud computing in our space. If your vendor space isn't available, then what? Be sure you realize the consequences of not being able to talk for a while.

Availability is the issue of connectivity, and its path is based on where you are. The Internet has redundant paths to go from A to B. Where those paths are isn't important—we just trust that they are there. But the connection we have to the net might be in question. Do you have a redundant path from your location to your ISP? Does your ISP have a redundant connection? What happens when a construction crew slices through a fiber line that connects you to the world?

Most of us haven't thought about redundancy at all. My township client hasn't. But I have. I have triple redundancy. If need be, I can drive 10 minutes to get onto another segment of the local Internet infrastructure.
Most people wouldn't have that luxury, nor would they have the time. The cloud is a great opportunity for public documents, manuals and non-intellectual data. Real-time reports maybe, but nothing that gives away any company secrets.

If the cloud is in your future, be very careful. Be thoughtful, and be prepared.