Cities are adopting cloud services, but not without concerns about security and privacy.
That's the chief message emerging from reports about the cloud market, including a Wall Street Journal column by Clint Boulton last week (subscription required) on a report from Forrester Research.
"Concerns about security, in the wake of revelations of online spying activities by the National Security Agency, could boost sales of on-premise software by as much as 6% in 2014, according to Forrester Research Inc.," Boulton wrote. The research firm still thinks cloud services will grow more than 20% this year, but Boulton quotes Forrester analyst Andrew Bartels: "Security-related concerns are playing a role in keeping demand for on-premise software growing."
I reached out to Bartels Friday, but I haven't yet heard back. Meanwhile, there are plenty of other reports that underscore his declarations.
When the European Union issued a resolution on cloud services in December, for instance, the message was clear: Cloud services are great, and public-sector entities like city governments should use them -- but not without taking steps to protect data.
Two legal writers from the Association of Corporate Counsel described the EU's stance in a recent column:
Cloud services could reduce the cost of public services, and be used by the private sector for procurement purposes.... At the same time, [the EU] stresses the need for security and data integrity, particularly in relation to sensitive personal data....
Governmental surveillance is a point of particular concern, following the revelation of the extent to which intelligence services (including those of non-EU countries such as the US) access, mine and monitor personal data.
It's easy to see the attraction of cloud services for city governments. Big data projects, the sharing of city data, the push for community improvement through civic hacking -- they all work well on cloud platforms. This accounts for the robust growth of the cloud services market. TheInfoPro expects global revenue in that market to grow 36% annually, reaching $19.5 billion by 2016.
The NSA revelations last year gave many end-user organizations (including city governments) the willies about the safety of data, particularly personal information gathered as part of online city services. Still, Richard Stiennon, founder and chief research analyst at the consultancy IT-Harvest, says that the NSA leaks may have slowed down cloud deployment somewhat, but they haven't really dented the market for these services. Instead, the trend is toward some much-needed bolstering of cloud-based data security and privacy.
"There is a fundamental shift to a zero-trust model in the cloud," Stiennon told Computerworld. This means increased use of automatic encryption of data by Microsoft and Google, improved handling of security keys, and the use of local service providers whose facilities are accessible and can be vouched for by city users.
There is also a lot of guidance on offer from cloud experts, which city IT officials can use when researching offerings. Last month, for instance, the not-for-profit Cloud Security Alliance helped issue a paper titled "Practices for Secure Development of Cloud Applications." In this document, experts from several leading IT suppliers talk about ways to design more secure cloud networks -- including data handling techniques, secure access controls, and protection of APIs used in cloud applications.
It boils down to this: Cloud services will continue to attract city governments, thanks to cost efficiencies and flexibility. At the same time, municipal governments will have to pay close attention to protecting sensitive information, particularly when pushing for open data projects, online government services, and civic hacking.
— Mary Jander , Managing Editor, UBM's Future Cities