“Without trust, banks can't exist,” President Franklin D. Roosevelt said in his first fireside chat with the citizens of the United States on March 12, 1933. That radio broadcast came only eight days into his first term. Eventually Roosevelt had to close down all banks because of a run on assets.
Since then a variety of regulations and faith-building steps were put into place in the financial system, until of course grim mistakes were made that put into question, "Who is running this ship?"
Trust is what makes an economy flourish or flounder. Trust in companies. Trust in the relationships we build and the assurances we get that the products we buy meet our expectations.
Interestingly enough “trust” is given and taken each time we open our (physical) mailboxes. Believe it or not, 87 percent of the 9,000 Americans surveyed by the Ponemon Institute in its 2010 Privacy Trust Study of the US Government ranked the 230-year-old Postal Service first amongst 75 federal government agencies they trust.
If you are extra cautious about tax forms, you still call in FedEx or any number of courier services.
It’s hard to see that an enterprise (hospital, bank, law firm, pharma etc.) that is exploring cloud computing will disregard the weight and traditional meaning of trust as it goes about doing its business - especially when talking about proprietary information. And by trust, I mean our willingness to depend on someone or something else to handle our sensitive information with care and integrity.
Security of sensitive data in the cloud is certainly being hashed out. However, there is not enough focus on the larger context and meaning of trust: how it’s created, how it's maintained and how it's destroyed.
As enterprises and consumers ramp up the volume of outsourcing data storage, shared application hosting and third-party data processing, we'll see more of a prudent mind-set applied when it comes to cloud services.
In turn, the marketplace will respond to a demand for "assured" cloud services that offer more than one-sided technical commitments and empty service-level agreements. These cloud services will ship with strings attached. And suppliers will demonstrate and flaunt financial viability, especially if they have a history and reputation.
There will be clear compensation for disruption, damage or loss of data. It’s nothing new in terms of old-school expectations from any service provider. The reality that will dawn on both the buyer and the supplier will be: you can measure trust in cyber space.
There will of course, be service providers that cannot, or won’t, make any commitments to its customers. History tells us the outcomes for these service providers is predetermined:
- they will be relegated to low-cost, low-quality offerings (i.e. handling worthless customer data)
- they will shutter after a major data breach
- if large enough, they will be considered "critical infrastructure" and be regulated by government.
President Roosevelt told his countrymen, "There is an element in the readjustment of our financial system more important than currency, more important than gold, and that is the confidence of the people."
The confidence factor or lack thereof will be a deal breaker for critical cloud services.
Blog post by Walid Negm, Director Cloud and Cyber Security Offerings, Accenture.