David Chappell in conversation about Windows Azure and the cloud

OK, but no cigar. This conversation failed to tackle the biggest question hanging over 'The Cloud' and that is the question of 'trust'.

Why should organisations 'trust' their data to the Cloud and by association to the 'super-hosters'? The reasons why 'private Clouds' will probably gain greater traction initially, is related to nervous Financial Directors and CFOs, and the fact that to comply with financial regulations, they want to know, with certainty, that their data (financial or otherwise), is in a safe, private, well protected, backed-up, accessible and 'trusted' environment.

To just say 'yes' I'm going to place all my data in the Cloud, because it will be cheaper for company X to host it, does not really provide a balanced argument for the adoption of the Cloud. The Service Level Agreement (SLA) would have to be so strict that the penalties for the 'super-hosters' and 'mega-data-centres' would be huge, should there be a non-compliance.

Just look at the fallout from (cough) recent events, to witness the inherent problems and 'Dangers' of this kind of service.

Baby, meet Bath Water.   

Companies trust their data to external environments all the time.  They generally do not trust ALL their data to these environments, for good reasons.  But they generally do trust SOME of their data.  It's a good dialogue to have - what data is ok in the cloud? -- but as cloud computing is maturing, we also need to have a more nuanced conversation about trust and the cloud.  The question of when will everything move to the cloud has largely been answered... it's not likely going to happen. 

The Cloud represents a new generation of computing paradigm, but like the platform paradigms that have come before (mainframe, mini computer, PC, client-server, web - all of which are still around) we should not expect the cloud to replace everything that came before it.  

The question to ask is what data *would* make sense in the cloud?  Or even better, what parts of my technology and data portfolio should live in the cloud? 

It's a good discussion topic, and there's no one right answer for everyone.  Since Windows Azure has been purposefully designed interoperate/span across on-premise boundaries, there are many options on the continuum between cloud and on-premise. 

BTW, with highly automated service provisioning and data center operations, ISO 27001 certification, SAS70 certification, etc... the Microsoft data centers that run Windows Azure are probably "safer" and more reliable than many other environments.    More than safety and reliability, what you give up to some degree is loss of direct control. 

Finally, a note on the Danger mishap (which is not to be taken lightly): that system is a legacy Java, Oracle, Sun system  that Microsoft acquired when it bought Danger... it does not reflect on Windows Azure.  Fortunately, it looks like user data will be restored... which, ironically (and unfortunately), does NOT seemt to be true for the data that users of Mac's Snow Leopard lost due to the Mac's bug (on a machine fully controlled by the user). 

I'll take my bath water with bubbles please.

Ok, yes, we trust data to external environments all the time, but, we should always have a workable backup in place. I think of it as a belt, braces and a piece of string to stop your trousers falling down. But the industry we are in is often so full of hot air, that it forgets the practical basics of situations. I.e. cover your a** at all times, and if it ain't covered expect it to get burnt once in a while.

The Cloud is a new paradigm, the wheel turns and we move on, but we should not forget the lessons of the past. Just look at the current economic situation as an example of forgetfulness and bad management.

As data has relevance and meaning on a per situation basis, all data, should be treated with the utmost respect and care, to say, for example, that one individuals treasured photos are less important than an organisations financials, is short-sighted, and kinda misses the point. You can flower the systems up by saying that they conform to xyz standard, but we have all been in situations where we've had a 4 hour SLA in place and the vendor has not met the commitment, for one reason or another.

The trust question, is i'm sure, one that will be pondered over by company execs, long and hard. While the industry is taking 'baby steps' with these new paradigms, it should not run, before it can walk. Get the basics covered first, then move on.