Comments on: Is it too easy for your cloud provider to snoop on your business?

By: Cloudways Hosting

Cloudways Hosting — Thu, 07 Feb 2013 13:06:35 +0000

Public Cloud service providers that provide micro-SMBs with innovative SaaS capabilities can take advantage of the incremental profits from this segment. Cloud Hosting I Cloud Security I Cloud Server Hosting

By: keaocaindec

keaocaindec — Wed, 23 Jan 2013 17:29:06 +0000

Alan, you raise an interesting point regarding client data privacy and coopetition. The telecom industry has always operated in a state of coopetition, whereby carriers both compete and buy services from each other. AT&T Wireless competes with Verizon Mobile, while both companies buy long haul fiber from each other. That’s the reality of a model in which no single provider has perfect coverage and access into markets.

There are rules in place for carriers in how they may use client data. The US Telecommunications Act of 1996 granted the FCC authority to determine how customer proprietary network information (CPNI) can be used. The 2007 FCC CPNI Order further defined how carriers can use client information to market and what whey can and cannot share with third party marketers. In 2007, when I was at Yipes, we in fact had to change the way we handled client data in order to satisfy some elements of CPNI as a carrier. The CPNI order effectively says that you cannot use CPNI data to market to them unless the client opts in.

I am not aware of any CPNI rule that extends to cloud providers, however, I wouldn’t be surprised if the FCC expands its definition of CPNI to include cloud data some day.

Clients have been sharing product plans, expansion plans, and entrusting their vendors with confidential information for years. NDAs should explicitly limit the use of such confidential information to the teams working on their project for that project. As telecom carriers, systems integrators, hosting companies and pure cloud providers compete with each other, we all will have to live in a world of beneficial coopetition. Caveat emptor as they say. The reality is that if enterprises and service providers cannot entrust their cloud provider or cloud technology vendor to help them drive their business, they will have to build their own technology or service or slow their growth.

At the end of the day, I think the coopetition model wil prevail in cloud, and enterprises wil have to ensure that they trust their cloud provider (with appropriate NDAs) as needed. In fact, the coopetition model is alive and well at the PTC Conference in Honolulu right now where hundreds of carriers are bartering, buying and selling capacity at one of the most interest conferences in our industry. Aloha!

By: Ed Laczynski

Ed Laczynski — Tue, 22 Jan 2013 14:11:21 +0000

Allan,
Did you write this article for NetFlix?

Nicely done.

By: Allan Leinwand

Allan Leinwand — Tue, 22 Jan 2013 01:28:57 +0000

Jeff – agreed. I was more thinking of a business that has reached a large enough scale that it merits the cloud infrastructure provider to consider entering the same market. When your business get to that scale, a hybrid cloud may make sense for both performance and commercial reasons.

By: Jeff Schneider

Jeff Schneider — Mon, 21 Jan 2013 15:04:25 +0000

Allan –
You’ve hit on a valid concern. However, if you go through a reseller (or broker), the specifics of your account are hidden from the CSP. The brokers holds your keys and bill the customer directly. The cloud provider never sees the end customer nor do they see line-item billing. By blending multiple customer accounts, the broker is able to obfuscate the activity of any one account. Of course, very large accounts would still stand our like a sore thumb (e.g., Netflix).

The hybrid (private/public) is another way of hiding workload activity, but may limit you to a least-common-denominator solution and create extra gyrations. I’m a fan of hybrid clouds – but to do it purely for ‘account activity obfuscation’ seems like too much effort (IMHO).
Jeff

By: Temp1234

Temp1234 — Mon, 21 Jan 2013 09:17:22 +0000

Can we not think of a term other than Chinese Wall? Is that all our technical marketing minds can come up with?

By: Allan Leinwand

Allan Leinwand — Mon, 21 Jan 2013 06:40:25 +0000

I’m not an expert in law enforcement requests and authority, but it will clearly vary per company. Regardless, those are legal issues.

The issue I am bringing up is if the cloud provider who your business uses as your infrastructure and platform provider can use information that they already have as a competitive advantage. As I said in the post, I am not a lawyer and have not read every contract between customer and provider, but I feel that more disclosure or the use of hybrid clouds is a pragmatic approach.

By: Vinod Shintre

Vinod Shintre — Mon, 21 Jan 2013 03:13:27 +0000

Certainly helps them understand the trends in demand & see which use case applies across their own customers. No one stops XaaS providers from doing this other than the thin line they would draw in terms of business ethics but hey in this competitive world that can be violated easily

By: Not Me

Not Me — Sun, 20 Jan 2013 23:50:35 +0000

The real concern is what will your cloud service provider do when the IRS or other government agency sends a request for information about your company? We already see what happens with the cell phone companies and location data requests, and who can really blame them? They’re trying to run a business not stand up for anyone’s civil rights.

I’m not in favor of supporting people who break the law, but internal information that shouldn’t or wouldn’t be exposed to the light of day could look very bad and lead to a lot of extra work defending yourself in court, especially to a regulator trying to keep busy.