You *can* take it with you: musing about cloud principles

Photo courtesy of @psd. Paul, I owe you one.

There was a time when the “high street” bank was a disconnected silo, an island of tranquillity. Except when it came to a busy afternoon and you wanted to withdraw money. Your money. Because the only place you could withdraw it from was the branch with which you held your account. If you weren’t near it, tough. If it was too busy to serve you, tough.

There was a time when the only way you could draw money from a hole in the wall was to use your bank’s ATM network. It was private. Disconnected from all other bank networks. So if you weren’t near an ATM belonging to the bank you banked with, tough.

There was a time when you could only use the cards you had in the country you lived in. If you had to travel anywhere else, tough. Try cash or travellers’ cheques.

There was a time when there were no guarantees for what happened if someone impersonated you, if your cards were stolen, or, for that matter, your bank had a problem.  No guarantee schemes. No nothing.

Thankfully, we’ve moved on from those times. Today we can choose who to bank with, draw money from any branch, any ATM, anywhere, anytime. Securely, efficiently, conveniently. Underpinned by the trust that comes from feeling secure, having guarantees.

And because of all this, we trust our banks with some of our most precious assets. The financial system has had its problems (which system hasn’t?). But people continue to use banks rather than revert to paper money and metal hidden under mattresses.

So it is with the cloud. Your data is a precious asset. Which means that you really have to think about where you keep it, whom you trust to look after it.

The “bank” where you keep your data must use a network that provides you access anywhere in the world; it must support a large variety of “data ATMs”, your mobile devices. It must provide you access swiftly and securely. It must have transparent pricing and charging. If there are legal reasons why someone else seeks to look into your “account” it must tell you about it.

The cloud, like the banking system, like any truly global system, is about openness and standards and transparency and trust and guarantees.

Which is why I’m delighted with what my employer Salesforce is doing, in putting forward a series of “cloud principles”, principles we work by, principles we seek to adhere to. This is something the company has been working on for a while now. Incidentally, where relevant, my posts also appear on

Here they are, ten guiding principles, in draft form:

  • Transparency: Companies that provide enterprise cloud computing platforms should explain their information handling practices and disclose the performance and reliability of their services on their public Web sites.
  • Use Limitation: Companies that provide enterprise cloud computing platforms should claim no ownership rights in customer data and should use customer data only as their customers instruct them, or to fulfil their contractual or legal obligations.
  • Disclosure: Companies that provide enterprise cloud computing platforms should disclose customer data only if required to do so by the customer or by law, and should provide affected customers prior notice of any legally compelled disclosure to the extent permissible by law.
  • Security Management System: Companies that provide enterprise cloud computing platforms should maintain a robust security management system that is based on an internationally accepted security framework (such as ISO 27002) to protect customer data.
  • Customer Security Features: Companies that provide enterprise cloud computing platforms should provide their customers with a selection of security features to implement in their usage of the cloud computing services.
  • Data Location: Companies that provide enterprise cloud computing platforms should make available to their customers a list of countries in which their customer data related to them is hosted.
  • Breach Notification: Companies that provide enterprise cloud computing platforms should notify customers of known security breaches that affect the confidentiality or integrity of their customer data promptly.
  • Audit: Companies that provide enterprise cloud computing platforms should use third-party auditors to ensure compliance with their security management system and with these principles.
  • Data Portability: Companies that provide enterprise cloud computing platforms should make available to customers their respective customer data in an industry-standard, downloadable format.
  • Accountability: Companies that provide enterprise cloud computing platforms should work with their customers to designate appropriate roles for privacy and security accountability.

As I said, these are in draft form right now. Comments welcome. Our intention is to publish them in a more accessible form soon, and to make it possible for you to participate more fully in shaping them and improving them. Watch this space for details.

67 thoughts on “You *can* take it with you: musing about cloud principles”

  1. @reza the key word is trust. and trust is based on a number of things: transparency, unilateral commitment to published principles, a demonstrable willingness to work out answers where none existed before. the cloud is a new way of doing business. so we need the new answers. hence the principles. which will get better as a result of all your comments.

  2. Thank you for creating this set of principles.

    I had come across the post on while I was doing research as part of developing my own set of principles. It is a pity I didn’t follow back to your personal site because the quality of the comments was excellent. (I just found it when rechecking my notes)

    For what it’s worth, my set is here []. They are a kind of synthesis from NIST, US/UK/AU Government Cloud Strategy documents and various blog articles including your post on Principles.

    My focus was really from a Cloud Service Consumer perspective. It was also oriented towards the generalized Cloud Service Model (in NIST terms). In particular, this means it’s not just ‘data’ that needs to be protected, managed etc it’s all assets (software, scripts, configuration and so on)

    Regardless, just some observations, most have been made in some form or other already:

    . There is a very gray ethical area relating to the use of knowledge inferred by analytics. E.g. Without any negative implication intended, companies like Amazon or Google specialize in, and have a business model that heavily exploits, the analytics of customers’ behavior which could equally be applied to Cloud Consumer assets and traffic without going anywhere near their ‘data’. What is inferred, what is disclosed/acceptable to the consumer, and how it should be used is an issue that should be the subject of a principle.

    . I think an explicit principle concerning Availability and Disaster Recovery/Business Continuity is required. Personally, I see this as a major vulnerability, the most difficult to resolve, and the most likely to inhibit Government adoption (in the Public Cloud sense).

    . A related principle is one dealing with the need for an explicit contract/SLA between the Cloud Service Provider and the Cloud Service Consumer.

    . Perhaps, principles involving the Location aspects should be pitched in Sovereign Jurisdiction terms to capture the broadness of the issues for assets that may be simultaneously covered by the regulatory and legal requirements of multiple sovereign jurisdictions.

    Thanks again…

  3. Pingback: Cloud computing
  4. Pingback: High rise
  5. Your example (corporate banking) to illustrate the need for cloud computing principles for enterprise computing is ridiculous.
    Can you seriously imagine a multi billion dollar a year bank trusting its very existence to a ten/twenty million dollar a year infrastructure provider.
    Once core banking services are stored externally they then have the problem of security. You require the service provider to delineate between internal and external traffic whilst at the same time as the internal walls of the company are being broken by the demands of workers to have corporate (intranet style) access from outside of the normal security walls of the organisation.
    Security which is already a nightmare to administer and maintain will become so unmanageable that the firewalls will be all but useless.
    Ultimately core functionality (the very life blood of a large corporation) will be kept very close to a companies chest as they realise that corporate self destruction is an inevitablity if they do not sufficiently safeguard their future.
    I have seen many fads come and go and many evolutionary steps that have been popular one minute, and less so the next. Policy shifts such as Downsizing, RightSizing, UpSizing, Outsourcing, Insourcing and Off-shoring. All that cloud computing is in essence is a rekindling of the old 1970’s Burea services just as XML is an rekindling of EDI. But every generation has to re-invent the World in its’ own image and Cloud Computing is just another step in this generations development whilst trying to ignore the legacy it inherits simply because it’s not sexy anymore.

  6. @joe I think you’ve misinterpreted what I’ve said. I am not using corporate banking as an example anywhere; instead, I’m using •retail• banking as an •analogy• for trust, safety, access, deposits and withdrawals, drawing parallels between banks and cloud service providers in this context.

    And by the way banks •do• use cloud services. They have been doing for a while. And will continue to do so. But that’s a separate point.

  7. Hi JP,

    I read with great interest the cloud concept. One of the crucial milestone for a buy in from a medium size organisation would be to ensure how secure my date is and on what grounds can the service provider can break into.

    a comparable example could be:
    In many countries there storage yards where people keep their spare belongings or store stuff as temporary storage.

    when we rent a storage yard it is like us renting a house. The caretaker has a spare key to our storage unit but will not
    1. open or enter in himself unless to protect the belongings from some fire or flood damage etc.
    2. security of the unit and the adjoining area is the responsibility of caretaking organisation.
    3. as with entering an house a law enforcement agencies cannot enter into a storage unit unless a court search warrant is issued and presented to the storage provider and then also storagee provider will open only if the tenant is not contactable.

    If the companies get a similar assurance from the providers and from the governments (in from of some legislation) in those countries where the servers are hosted, organisation then would feel more confident in handing over their data to them.

Let me know what you think