Over the last year, the technology sector has become enamored with the possibilities of the "cloud."
That's the computing paradigm that allows consumers to forget about storing their software and data on local hard drives -- where it can be vulnerable to electrical surges and soft-drink spillage -- and let companies like Amazon, Google and Microsoft worry about keeping it safe.
But last week, a hole was poked in the cloud's massive hype bubble. Microsoft Corp. and T-Mobile Inc., the respective maker and carrier of the Sidekick mobile device, acknowledged a "service disruption" that cut off most users of the device from large amounts of personal data -- contacts, calendars, personal notes and more -- that were stored in Microsoft's cloud.
Initially pessimistic about their data recovery efforts, the companies on Monday released a more sanguine forecast, saying that "the prospects of recovering some lost content may now be possible." (For close readers, note the number of conditional nouns and verbs in that sentence -- not very confidence-inspiring.)
But the larger questions may be how this incident will affect attitudes about the dependability of cloud computing, or if it should affect them at all.
In places where the cloud is now on trial -- in Los Angeles City Hall, for one -- decision makers may have one more reason to be suspicious of its many promises. Google Inc., a major proponent of cloud software, is quick to offer a laundry list of advantages -- lower cost, ubiquitous access, no hassle. But the company spends less time warning of its potential pitfalls.
Though absent in Google's promotional literature, those pitfalls are enumerated at length in the company's regulatory filings, where it must legally disclose risks and liabilities to its shareholders. In a letter last week to City Councilman Bernard C. Parks, John Simpson of advocacy group Consumer Watchdog noted the stark language Google uses to describe the many things that could go wrong with its cloud-based systems:
"Our systems are vulnerable to damage or interruption from earthquakes, terrorist attacks, floods, fires, power loss, telecommunications failures, computer viruses, computer denial of service attacks, or other attempts to harm our systems. Some of our data centers are located in areas with a high risk of major earthquakes. Our data centers are also subject to break-ins, sabotage, and intentional acts of vandalism, and to potential disruptions if the operators of these facilities have financial difficulties. Some of our systems are not fully redundant, and our disaster recovery planning cannot account for all eventualities. The occurrence of a natural disaster, a decision to close a facility we are using without adequate notice for financial reasons, or other unanticipated problems at our data centers could result in lengthy interruptions in our service.”
Of course, if a company is compelled to enumerate every possible risk to its bottom line, it may read like the above parade of nightmares -- when in reality each individual disaster may be exceedingly unlikely. So far, Google is not known for weak security.
Still, with the Sidekick situation, Microsoft has proved that data disasters do -- and will -- happen. (Notably, the Redmond, Wash., software maker is vying with Google for the Los Angeles computing contract). What's less clear is how frequent this type of incident will occur and whether cloud users ought to be actively worried. As with plane crashes, disease outbreaks and shark attacks, a handful of sensational instances may not reflect the risk to the population at large. Moreover, some businesses can learn from errors and reduce the likelihood of a repeat occurrence.
People are willing to tolerate a certain amount of risk -- otherwise they wouldn't be flying, driving, eating spinach or surfing in Malibu.
But the cloud is new and fragile, kept levitating largely by the trust of its users. To date, serious problems have been relatively rare. But if consumers begin to believe their data is not safe in the hands of certain companies, they'll just pull it out -- and poof!
-- David Sarno