University of Bristol | ILRT | IntDev blog

Jump to content Subscribe via RSS

This is a blog from the Internet Development Team at ILRT, Bristol. We build websites and web applications for a wide variety of customers, many in the UK higher education sector. Continue reading…

Life in the cloud

Despite working in the IT industry for more than fifteen years, when it comes to my personal use of IT, I find that I’m rather reluctant to embrace new technology. I’m one of the few developers on the team who continue to use a Microsoft Windows operating system, not only that, but it’s one that was released nine years ago. My version of Microsoft Office is seven years old, my desktop background is a plain, dark shade of grey and I’ve used the same model of keyboard for ten years. I don’t “Tweet”, I abhor Facebook and my photographs (albeit digital) never make it out onto the wider Web. My one concession to new ways of working over the years has been my mobile phone, which I’ve carefully kept in sync with my desktop calendar and contacts.

All that has changed. Over the past few weeks I’ve been gradually moving my life into “the cloud” and, in this article I’d like to briefly talk about why I’ve done this, and some concerns that I still need to address,  since I suspect that my use case will be a familiar scenario for lots of people.

What is “the cloud”?

Like so many terms associated with new technology, “the cloud” (or cloud computing, to use the more correct terminology) almost certainly conjures up different ideas to different people. In this context, I’m choosing to use it to refer to a group of services that replace or augment traditional desktop services (e.g. calendaring, tasks lists, contacts databases, document editing and storage), with services available over the Internet. These Internet-based services are provided by third-parties, are often free for light usage, and frequently shared with other people (albeit with appropriate access controls). The data held within these services are normally widely distributed across multiple machines in multiple locations, which serves to optimise both performance and resilience. Use cases might be as simple as an individual choosing to use an online diary, or as complex as an institution (such as a University) choosing to host all their calendaring, email, contact data and document stores with one of these services. I’m going to confine discussion to the simplest end of this spectrum, and consider personal use of the cloud.

Why migrate into the cloud?

Often, I find myself looking at technology and finding that it seems to provide a solution for a problem that I didn’t have to start with. However, my catalyst for all this was a significant diary headache. I work in more that one institution and will shortly be increasing my number of workplaces. Each institution has their own diary system. People in different institutions need to be able to check my availability and potentially book meetings for me. I will also be away from home more frequently and it’s helpful if my wife can readily see where I’ll be based on a given day, and potentially plan free weekends. This needed a diary system that sat outside all my workplaces, supported multiple calendars with different access rights, and was always available – Google Calendar was the obvious solution. From this, followed my purchase of an Android-based mobile phone, since this allows me to view and update all these calendars on the move.

Next came access to my home computer. Whilst it would be perfectly possible to leave it on permanently, it wouldn’t do wonders for the environment or my electricity bill. Since I was also lacking a decent backup solution that could keep pace with my storage use (mainly from my burgeoning number of digital photographs), it made sense to opt for a solution to both problems. Amazon S3 (accessed via Jungle Disk) or Dropbox allow me to share some documents between all my computers, keeping them in sync automatically. They also provide an automated backup solution, and those items that are backed up can be made accessible anywhere. So, items that I’m currently working on can be kept in sync, and the backup of my desktop is available anywhere if I’m missing something.

Finally, a few other services then started to make sense. For example, task lists sit best alongside calendaring and, thus moved, can also be managed on my phone. Likewise it makes sense to hold contacts somewhere where they are globally available but also manageable from my phone.

Is it safe?

The answer to this probably depends on what you mean by “safe”. On the face of it, for example, my Google account is protected by a password which is exchanged securely with Google when I log in. One might well assume that Google has appropriate methods in place to protect against attempts to compromise this password, though clearly if I were to choose something predictable their efforts might be in vain. Likewise, the fact that the data isn’t held in one place, but securely distributed across multiple locations, should ensure that it isn’t susceptible to a hardware failure or theft. Nonetheless, there’s plenty of other things that could go wrong:

  • I might accidentally delete all or part of my information (e.g. my calendar). Equally, malicious software might do this for me, or might surreptitiously obtain my password and abuse this access.
  • Staying with the calendar as an example, whilst my password is sent securely over SSL, my diary entries may not be. Thus a malicious individual could potentially intercept this traffic and have access to the contents of my diary. Depending on what I choose to store there (and, perhaps, whether or not I was “famous”) this could prove problematic.
  • I might lose my phone, or have it stolen, in which case if I haven’t taken protective measures, any or all information that I hold in the cloud might be exposed or removed.

Whilst data loss could be mitigated against by an appropriate backup strategy, the tools to do this in an automated, secure fashion still aren’t as readily available and obvious as they should be. Unauthorised information disclosure is more problematic and requires both users and service providers to be mindful of the risks.

I’m aware that this section sounds rather geeky and, I think, that’s the problem – there really needs to be a “big red lever” to enable much of this functionality. At the moment, too much is left to users’ knowledge and a range of third-party applications, rather than being integrated from the ground up.

What next?

My next step is to go through a period of consolidation to try to ensure that I’m making the most of the services I’m using. I also want to be confident that I’m taking reasonable steps to ensure that the data held within these services (and on my phone) are backed up, and that these data are both held and exchanged securely. Maybe then I’ll play with the really cool stuff, like Google Sky Map.

This entry was posted on 16th July 2010 at 10:03 am and is filed under Briefings. You can follow any responses to this entry through the RSS 2.0 feed. Both comments and pings are currently closed.

Comments are closed.