Each morning I receive an email from Blawgletter, the alter ego of none other than my old boss Barry Barnett over at Susman Godfrey. Always a good read and if you do not already subscribe, do so. I am often tempted to post on a related topic, but usually don’t. Today’s post was about the “Cloud”. Those who know me know that this is a topic about which I am very passionate. Today I could not resist and as a result, this post.
Blawgletter writes of lawyer’s concerns over the security, or lack thereof, within the cloud. “We worry some about storing confidential client info in the cloud, our work product especially.” As Blawgletter points out, the “Cloud” is just the internet. In fact, the “Cloud” is nothing more than a buzz word created from “Cloud Computing”, the origin of which is hotly disputed and several attempts have been made to trademark the phrase. The first use of “cloud”, outside of describing that white fluffy stuff in the sky, was as a metaphor for the internet in a paper published by MIT in 1996. So, it’s not a new term. See post “Who coined the phrase Cloud Computing”. But I digress. Like the white fluffy stuff, the cloud is everywhere. What exactly are examples of information stored in the cloud? Everyone who uses a computer places information in the cloud every day, including that all important confidential information. If someone to whom you send email uses Postini spam filtering or email archive system, for example, you’re leaving information in a “cloud” without even knowing about it or giving your permission. Google apps, gmail, hotmail or any of the external email systems or applicaitons leave information in a “cloud”. Essentially any information hosted or sent outside your firewall is “in the cloud”. Blawgletter’s concerns are real and not imagined. For lawyers, eDiscovery (another marketing buzz word someone coined) hosted at a service provider is of particular concern. Virtually every case of any size these days require hosting or processing at some level and usually data resides on a server somewhere outside your direct control. Everybody with a server, software and a connection to the internet is in the eDiscovery business these days. The reputable ones have many layers of authentication, encryption and conduct security scans regularly. My company is scanned by financial institutions frequently becuase we keep terabytes of highly sensitive information, for example. The security tokens and multiple layers of authentication are indeed an annoyance at times, but necessary. Keeping information “in the cloud” is unavoidable. We seem content to bank online; pay bills with the iPhone; connect our whole house to the “internets” with no firewall. Blawgletter is exactly on point – we all need to pay more attention to where our information is kept and how it is protected, particularly in today’s fast paced eDiscovery world where there seems to be somebody new every day. Be careful out there in that "Cloud".
2 comments:
You make several valid points.
One additional point however, is what is the final location of the data?
I know my email traverses the 'cloud' to get to the destination. However, my copy and the recipient's copy may be in organizational storage.
This blog, and my response are both residing in the cloud. Data on the organziation's services is easier to 'find' than data that is 'somewhere out there' in the cloud. How does the company FIND the information, much less determine if it meets corporate standards?
Kevin - good questions; this becomes somewhat existential in that data does not have a final resting place. It exists in parallel and varying states in multiple places at the same time. Are you viewing "the data" or an indexed copy of "the data"; are you viewing data in it's original form or in a modified form; has "the data" been synthesized with another, to form a new piece of data; do you really care about the entire corpus of any object, or just a small piece? Interesting days ahead...
Post a Comment