Turning Sidekick's Data Losses into an Opportunity to Influence the Cloud

What wasn’t addressed in the flurry of responses to the Sidekick news was any indication of a practical course of action. It ignores the two fundamental concerns that everyone shares: Consumers and business users have increasing volumes of data that need to be securely shared with authorized parties, as well as backed up for safe keeping.


29 October 2009

The overwhelming response by the media, bloggers, and consumers to Sidekick’s data losses earlier this month was the usual question: Whose fault is this? Many doubts were raised as to whether or not the cloud can be trusted with any valuable information.

What wasn’t addressed in the flurry of responses to the Sidekick news was any indication of a practical course of action. It ignores the two fundamental concerns that everyone shares: Consumers and business users have increasing volumes of data that need to be securely shared with authorized parties, as well as backed up for safe keeping.

The first problem of controlling data access is becoming increasingly complex to address, since information needs to be shared with new categories of users, sometimes outside of the data owner’s control. The second problem of backing up data lies not in the complexity but in volume.

Both problems become more manageable if data is centralized. It is easier to implement access control and to duplicate data for a single repository of users and their information. (Of course, this means we all need to implement that single repository approach which—I am the first to admit—is no trivial matter.) Technologically, clouds are the closest thing we have to a ‘single repository.’

If centralized data is the easiest to control and duplicate for backup, then I believe the cloud is the safest place we can store information. I realize this may be a controversial conclusion, but it is one I believe in and even examined in-depth in a recent article on ZDNet.com.

The cloud will always have advantage in resources and expertise to implement proper security and disaster recovery procedures over consumers and most internal IT organizations. Cloud vendors will use those resources to implement sound data confidentiality and availability practices only when there is materialized demand. If only a critical mass of cloud services consumers switched from passivity to demanding high data security standards, the conversation will begin to change.



Mushegh Hakhinian

Mushegh Hakhinian

Mushegh Hakhinian represents Intralinks at the Cloud Security Alliance SME Council, is a certified information systems security professional, and is a frequent contributor to industry publications. Prior to joining Intralinks, Mr. Hakhinian lead security functions at a multi-tenant online banking service provider and an international bank.