By: Becky Bracken
When South Park's Kyle Broflovsky unknowingly agrees as part of his iTunes terms and conditions to be sewn up into a human centipede, it's funny precisely because very few people actually take the time to understand what they are agreeing to when they thoughtlessly click that little box. The completely NSFW, gross-out gag colorfully illustrates the importance of knowing what you're agreeing to, and that is certainly the case when you store data in the cloud.
Fact is, most of you would probably rather be sewn up in a human centipede than lose access to your data. Admit it. In any case, the details of a cloud computing agreement can make or break either the service provider side or the enterprise side of the equation, and protect against the unthinkable.
Salesforce.com, for instance, defines its responsibilities with this language:
"Our Responsibilities. We shall: ... (ii) use commercially reasonable efforts to make the Purchased Services available 24 hours a day, 7 days a week, except for: … any unavailability caused by circumstances beyond Our reasonable control, including without limitation, acts of God, acts of government, floods, fires, earthquakes, civil unrest, acts of terror, strikes or other labor problems (other than those involving Our employees), Internet service provider failures or delays, or denial of service attacks..."
It's words like "reasonable efforts," "reasonable control," and "acts of God" that leave plenty of room for interpretations and beg the question, what is reasonable? Particularly when the word "Services" means "Data" - in this case critical sales data and highly sensitive company information.
There have been several reported widespread Salesforce.com outages that left customers dead in the water and unable to access their customer data. In March 2012, a North American Salesforce.com outage left customers with little to do but take to Twitter their frustrations.
"Just thought to let you guys know that Salesforce.com is having a major outage right now!!" One customer Tweeted. "It is almost completely inaccessible, which means zero productivity for their customers, like me!!!"
When Dropbox, a file sharing service, casually announced last July they were changing their terms so that the company had the right to any files transferred over its service, it was followed by the requisite freak out from their customers.
The company wrote:
"By submitting your stuff to the Services, you grant us (and those we work with to provide the Services) worldwide, non-exclusive, royalty-free, sublicenseable rights to use, copy, distribute, prepare derivative works (such as translations or format conversions) of, perform, or publicly display that stuff to the extent reasonably necessary for the Service."
Predictably, there was a rapid about-face and the matter was dropped.
So, we're all being really, really careful with our data right? The UK's Guardian reported that a recent survey revealed only a measly 7 percent of Brits actually read the terms and conditions before they agree, even though 21 percent of respondents had suffered the consequences of agreeing to something they didn't read.
These anecdotes aren't just cautionary tales. Although the fever for public cloud computing is rising, promising cheap, innovative solutions that drive down costs, there's a real opportunity for network operators to offer a secure, more reliable alternative to cloud, and an opportunity for cloud service providers to speak to their customers in meaningful terms about the security of their data.
