Cloud

Leave a comment Posted on cloud, Cloud Computing, cloudprivacy, tableaupublic

4 Brave souls or fools?

I recently asked my friends on Facebook and Twitter to help me fill out a survey. I have a secret admission: my intention was not to create or propose a new Netflix / Hulu / iTunes functionality. My intention was to see how many of my friends, who are relatively tech savvy, would reveal their propensity to share personal data
with an online video service. And it turns there are 4 brave souls who would share data! I want to raise
my glass to these 4 brave souls, and yet, part of me thinks they should be more hesitant.

Question 1:

To be fair, 100% of the survey respondents said yes to whether or not they had a Netflix / Hulu / iTunes service. This was satisfying to me, because I would expect no less of my friends. If someone did mark it as a no, I would have lost my mind trying to figure out who is still living in the 20th century. They probably chose not to fill the survey … so the final results here may be biased 🙂

Question 2:

The second question was also a filler question. Most of the people I know watch 30 minutes to an hour off an online video service.

Question 3

The third question is where it gets interesting. Let’s call this functionality S. I want to see this Functionality S in Netflix / Hulu / Movies on iTunes because I always fall asleep watching an episode or a movie before my wife does. And then going back the next day to watch the program means you have to watch the entire program from the start or struggle with streaming it to the exact spot (which I neverget exactly correct). Any small help in getting close to the spot where I fell asleep would help. I admit this is a very trivial problem; however, introducing ease of use in any product has always made it a great sale.

So what did my friends say? Apparently they agreed in majority. 70% of my friends thought it would be beneficial to have this option. 30 % said no, and no one skipped this question. I don’t know how many of the 30% have no partner / husband / wife. That is a piece of data I didn’t want to collect for obvious reasons.

Question 4:

For the next question, however, the tables turned. A large majority (greater than 80%) said no in regards to sharing any information about your partner / husband / wife to enable the Function S with the online service. In fact, some of you (slightly greater than 15%) might have been so turned off by the idea that you skipped this question. There were only 4 individuals who would share this data! Are these 4 brave souls or fools?

Side note: I wonder if anyone noticed that it was on the next page on purpose, to make sure there is little bias on the previous item from this question.

Thoughts:

I completely agree with the notion that sharing private details with an online video service can be difficult. However, I have to ask myself, most of the avenues where I asked the question are social media-based online services (cloud based services). These are online services where we are already exchanging this information. And with data mining and big data tools, being able to predict some of the semi-private information about your family has become easier. We all tag our spouses and partners on Facebook and Google+ pictures. Most of us exchange our family and partner’s geo data in our pictures and tweets as well. So what’s the harm in providing the partners’ basic information to an online video service?

The question becomes, are these 4 people actually smart to trade off functionality and ease of use for exchanging data that is already available? Or have they just given up the privacy and acknowledge that in this day and age it is not possible to maintain? And for the rest of us, why are we exchanging private data with sites like Facebook and Google+ but not others?

Results

Dashboard 1

By the way, I don’t get to see the personal information of any of the respondents.

Credits:

I produced the graphs using Tableaupublic.com. For a deeper dive of the results, you can view it at https://public.tableausoftware.com/views/Onlinevideoinfosharingsurvey_0/Dashboard1?:embed=y&:showTabs=y&:display_count=yes.

Leave a comment Posted on apple cloud, cloud, Cloud security, cloudprivacy

Are you the reason why the cloud isn’t ready for the masses?

This is an anonymous post from a friend who has been involved in the tech industry for the past 7 – 8 years. While we are not always aligned in our views, he brings some unique insights that are worth sharing to get a diverse perspective on the issues.

Are you the reason why the cloud isn’t ready for the masses?

“I’m not an expert on cloud storage or security, but I do know enough to be dangerous. One thing I do know for sure is that the cloud isn’t ready for the majority of people to store their personal content. My parent, my siblings, my wife and my brother-in-law are all smart and intelligent but they are all exposing themselves to significant risk by using the cloud.

What bothers me a lot about this is that there are many of vendors that oversell the benefits of cloud storage and side-step some of the risks. They put the burden on the consumer to figure it out themselves.  They even opt users in to using the cloud by default or make it confusing to turn the cloud sync functionality off. I’m looking at you, Apple.

“How do I turn the damn cloud off”

You need not look further than Jennifer Lawrence or other data breaches to see the impact of such an issue. Forget the millions of cases that never make it to the front page.

The biggest problem that we currently face is in dealing with passwords. The concept of user name/passwords is over 20 years old. As such, the weakest link isn’t the cloud but the user. Phishing can make it very easy for a user to give up their password. Even in cases where phishing isn’t involved, many users will use the SAME password on websites that they really should not trust. If Uber can have loose controls over who accesses your data, I guarantee you that other websites have weak controls as well.  Who in those companies has seen your password? Do you even know?

What’s really scary is that you can be careful and provide unique passwords to each website, but accidentally type in the wrong password once and lose all the security you depended on. This is because some websites might be logging your password. Facebook’s founder took advantage of such an approach when he was in college. I used to accidentally do this all the time.

There are ways to alleviate this issue, but NO ONE wants to use them unless forced. One-time passwords (OTP) are a good example. Phones are a great way to actually verify the user. They allow a user to control who has access, because the minute they lose their phone they know that they are no longer secure. Setting up an OTP on your phone is what major cloud service providers recommend, but few know about it or use it. It also needs to be simpler AND available for use on ALL sites that you trust.

1Password-like solutions are also another great option. There is a chance your one local password could be compromised, but it is significantly lower risk than manually entering in the same password across websites (possible over the unsecure internet).

There are so many vectors for attack and many papers have been written about them, but OTP and 1Password-like solutions alleviate a lot of them with regards to protecting access.

For full disclosure, as I said before, I know enough to be dangerous. As such, I put a lot of sensitive data such as health related receipts in the cloud because I have given it significant thought and found it untenable to keep hundreds of receipts in my basement. I also use a VPN over insecure WiFi and encrypt files – but I think that’s a little extreme for most.

The reason why I wrote this blog post is because a lot of cloud vendors make ease of use a priority over security, because they need to show their VCs growth. But, they need to make our security our priority and innovate beyond the password. The assets they keep in their storage are, in many ways, more important than those kept by a bank. Once they are leaked, there’s no way for a government body like the FDA to make the consumer whole again.”

Leave a comment Posted on Apple two step verification, Cloud Computing, Cloud security, tradeoffs

How to be personally secure in the cloud world (Part 2)

Interestingly after publishing the last blog, I started getting blog views from the Russian Federation. The image above shows the last 7 days of views, before this blog was published.

Here is part 2 of the discussion with Jeremy (Background: I recently had a chance to talk to a friend, Jeremy Guthrie, who has been in the Information Technology / Internet Service Provider business for 23 years, concentrating on networking and security architecture).

What about the tradeoffs of over-securing?

Jeremy: One of the most dangerous things you do every day is get into your car and drive somewhere. But we all do drive or use some sort of transportation daily, because of the fact that there is a risk and a tradeoff. So don’t over secure yourself so much that you hurt your online experiences substantially.

For example, let’s think about the Apple iCloud breach from this summer. Apple and other providers could have done way more to protect the information that was stolen. However, these providers also have to consider the tradeoffs of various levels of security vs. usability. For example, you can gain more security by using multi-level authentication or varying degrees of password complexity or user logouts after X number of logins. This also means it could make their cloud services difficult to use and cumbersome. So this security situation is a tradeoff between convenience and usability vs. security. If you have to attract a large user base, you have to make the product easy to use. Regardless, the provider should be transparent about how they protect their data across their entire online interface. Your choice is whether you want to leverage their additional tools to secure your data and post your data there.

My thoughts: Apple has implemented two-step verification for Apple ID, which is the user ID used with iCloud. It is not turned on by default. Here is a link to turn it on: http://support.apple.com/en-us/HT5570

Anything else we should watch out for?

Jeremy: Be careful about exchanging too much information on websites associated with different political / charitable causes. While the websites might try to secure the environment, these are generally targets for groups of hackers who want to malign the website / cause. Thus you are providing an unnecessary target on your information.

Another Interesting phenomenon currently developing is the Apply Pay feature and how it will impact your financial services. For example, before when your credit card was stolen and unauthorized transactions were made through it, the bank would help you out in most cases and take your word for it. However, now that the credit card credentials are on your phone, if it gets stolen for a certain time period before you realize the phone is stolen, will the bank hold you responsible for proving whether this item was stolen? Effectively, the phone is still authorized by you to make the payments on your behalf. And if you thought TouchID was not vulnerable to finger print spoofing, think again. The onus would shift to you to prove that the phone was stolen, in a time period when you don’t actually have your phone in your possession. Just something to ponder.

Interesting reads Jeremy recommended about security:

  • Freakonomics blogs and podcasts about security offer an interesting take on security, risk aversion and the costs related to it
  • Science of Fear – Why We Fear the Things We Shouldn’t–and Put Ourselves in Greater Danger by Daniel Gardner is about tradeoffs
  • Spycraft: The Secret History of the CIA’s Spytechs, from Communism to Al-Qaeda by Robert Wallace is a look into how far people will go to get information.
Leave a comment Posted on Cloud Computing, Definition, What is Cloud

What is Cloud?

What is Cloud?

For a technical definition of cloud computing please see the National Institute of Science and Technology’s definition of Cloud Computing. In my opinion, Cloud is a term that refers to anything that is delivered “as a service”. The term “as a service” means you use it when you need it, but you don’t have to own it to use it. You probably also shouldn’t care about how it is delivered as long as it meets your requirements.

For the sake of simplicity, LinkedIn, Facebook, and Twitter are cloud services that provide interactions to their customers as and when required. Just 20 years ago, if you wanted to send your favorite pictures to grandma or to your friends, you had to buy a physical album, and mail it to them. Now this whole process can be turned around in seconds, and can be viewed all over the world. No more buying an album—Facebook provides that facility as and when you want it.

Impact on Business

Let’s translate this into a business scenario: cloud computing communication options like Webex, Slideshare, etc. have revolutionized business interaction. Now you can work from home, airport, hotel room, or coffee shop and interact with your customer. This changed the travel industry as more and more businesses required essential travel only. Just a few years ago, when you wanted to present an idea or pitch a sale to clients or management in different offices, you would have to travel around the country, schedule travel schedules and get everyone in the same room. Now all you have to do is make sure the calendars are aligned and the presentation can be worked on. Does that mean human interaction is dead? No! The level of the human interaction has significantly increased because of the increased frequency of online touch, and our ability to use services as and when you want them in the cloud. In these scenarios, cloud acts like a tool to increase human interaction. And like any tool, it is how you use it that makes the difference.

Real World Examples

For example: In 2009, a US based retail business customer came to the organization I was working for at the time with a problem: they faced major competition from online retailers and their in-store shopping model had taken a beating. To compete in their industry, they needed to completely revise how their customers were interacting with their organization and buying products. However, given their older systems and their past performance, they did not have the budget available to make a major upfront investment in building solutions to make their customer experience better, let alone retrain their staff to implement and manage those new solutions. And considering the timing: 2008-09 recession period, this was also not a good time to get managements / investors to make major investments in any business. We helped them deal with this situation by delivering to them a cloud based solution for e-commerce. We kept the upfront investments down by replacing this with on-going costs which matched their usage of resources and sales. Retailers in America love this because 3 months out of the 12, they have a great spike in sales and then most of the year, can be slim pickings at best. The impact was that retail business was able to survive the recession, able to come out leaner and meaner, and able to face competition from the online retailers in their industry.

In another case, we recently had a small business come to us that competes with the organizations much bigger in size and scale, in their industry. Their major issue was that they had no idea how well their discount campaigns worked. While larger companies can typically tell how their campaigns are working, this small organization didn’t know if the customers who were cashing in the discounts, were loyal and how quickly were they interacting with their organization due to these campaigns. This was primarily because the organization could not combine customer data (from loyalty email registrations) to data from sales. Plus the small business had a very limited technical staff, so deploying any IT solution to help combine the multiple data sources, was next to impossible. So we developed a cloud based solution where we managed the solution, and combined the data sources and delivered reporting on the impact of discount campaigns. In this case, we were managing the whole IT solution in the cloud, so that the customer could derive the business value, and limit their attention to business problems.

In the end, one of the lessons to be learned is that cloud computing a tool to solve problems. At the end of the day, it is a hammer, but it needs its nail: a business or personal problem, that must be solved to make it valuable.

 

Feel free to leave a comment 🙂

Leave a comment Posted on Cloud Computing, Introduction

About Cloud Sommelier

I have worked in the cloud computing industry, in various positions, from Governance Consultant to Product / Program Manager to Sales, for the past 5 years. This also means very few people really understand what I do—and this includes my wife. I can’t recall exactly when this conversation happened, but I think it was during our drive to Orlando, Florida from Madison, Wisconsin. I guess long drives tend to bring out the questions.

 

My Wife: What exactly is your new job all about?

Myself: Well, I am responsible for cloud presales for my company in North America.

My wife: But what does it mean?

Myself: My company deals with data warehousing and big data technologies. Basically it is a way of collecting, organizing and analyzing information about our customers’ business so they can help grow their business. I help put this technology in the cloud, so that customers …

My wife: But why is the cloud part of your job?

Myself: Cloud is an easy way to deliver information. You can deliver it quickly. I basically combine different elements of the cloud to bring together a solution for the account teams and customers. I advise them on what things they should have in their cloud, what cloud solution would suit them and how it would work. And how these different aspects come together. What could suit their needs and wants, and help them run a cloud based solution …

My wife: So you are a Cloud Sommelier.

Myself: That’s one way to put it.

 

And that is how this idea started

What is this blog about?

This blog is about helping people understand what cloud is and how it affects our lives, from the point of view of someone who works with it every day. Over the years whenever I have had conversations about cloud computing, I have heard a lot of comments and questions: What exactly is the cloud? How safe is it? I don’t like the cloud so I don’t use it. It’s not for my business (big or small). My focus is to address a lot of these issues and considerations around cloud computing with this blog. I would like to hear from readers about what you want to read around the topic of cloud. I will try to share with you with my personal advice, opinions and my experiences, and I would love to hear yours.

In addition, I will welcome guest bloggers on a semi-regular basis to express their opinion about cloud computing topics. I will rely on people I know in the industry to express about their thoughts about cloud computing or any topic they want to bring to the readers.

A special thanks goes out to my wife Nikki for the motivation, and my friend and writer extraordinaire Laura Schaefer for editing my blog! She is a co-founder of wordchum, writes travel books for kids and the author of The Teashop Girls and its sequel The Secret Ingredient (out now!).

 

Feel free to leave a comment 🙂