By Ben Rooney, Wall Street Journal
One of the key, if not the key, issues for people switching to cloud services is risk. Dare I put all my data out there? Arik Hesseldahl of our sister site All Things D interviews Drew Bartkiewicz, a former Salesforce.com employee (described as “he had already drunk deep of the Cloud Kool-Aid”) who has looked at this area in great depth.
Mr. Bartkiewicz moved on from Salesforce to working in the insurance industry underwriting insurance policies for technology companies as vice president for cyber and information security risks.
His unique job history has led him to start asking fundamental questions about cloud computing and its business models that should if nothing else give some potential cloud customers pause and nudge cloud service providers–as varied as Salesforce, Amazon Web Services, Microsoft Azure and the like–to think about something they rarely talk about: Risk.
Don’t confuse this with security. Talk to the executive of any cloud provider… and you quickly find out that cloud providers take security seriously and they mean it, because without it they’re out of business.
Rather, the question is this: If a cloud catastrophe happens–critical, financially valuable data is breached or exposed or destroyed on a large scale–who’s financially liable for the damage to the customer’s business? Is it the cloud provider, who agreed to manage the data on behalf of the customer? Or is cloud computing still a use-at-your-own-risk sort of thing? The answer is, there is no clear answer. Bartkiewicz thinks the cloud computing industry will have to start answering it, and soon.
Wall Street Journal: Are Cloud Companies in Denial About Risk?