The so-called cloud currently manages more and more of the digital information assets and needs of both institutions and individuals. And it’s growing rapidly. When seeking information, it’s increasingly found in the cloud. When storing or archiving information, it’s increasingly preserved in the cloud. When processing, managing, and using information, most of the time it’s done in the cloud. Indeed, you are already floating in the cloud when using a smartphone, tablet, laptop, computer, or web browser, when engaging in texting, e-mailing, online chatting, and other social media communications, and when using services like Dropbox, GoogleDocs, or Netflix. Information, in other words, is in the cloud.

The cloud provides cheap, convenient and large computing capabilities for various actors, big and small, and their different information assets and needs such as space, storage, scalability, and services.

“Just as we have come to expect to be able to watch movies or play games whenever we want online, cloud computing offers a way to tap into computing resources on-demand: data, computing, applications and services,” says Angel Luis Diaz, IBM’s Open Technology and Cloud Performance vice president.

Many economists and industry analysts predict that by 2020 almost 90 per cent of new spending on internet and communications technologies will be on cloud-based technology. Using the cloud appears to no longer be an option but an inevitable necessity.

But what is the cloud and what is its impact on our lives, work and institutions?

Defining the cloud

The cloud is neither something floating in the sky, nor is it some ephemeral entity. Instead, it’s an airy term for advanced, fast and reliable internet-based computing. According to the US National Institute of Standards and Technology, the cloud is: “A model for enabling ubiquitous, convenient, on-demand network access to a shared pool of configurable computing resources that can be rapidly provisioned and released with minimal management effort or service provider interaction.”

Similarly, Quentin Hardy of The New York Times describes the cloud as: “A method of configuring and delivering computing power on-demand. Individual servers and storage, along with networks and software applications, are pooled and shared by various devices like smartphones and laptop computers, allowing easier use and higher performance. Usage is frequently metered, like a utility.”

The cloud is comprised of computers networked together on a global scale, their power combined together for collective use, and information efficiently distributed across its vast network, presenting huge computing possibilities for whoever taps into it.

But what does the cloud look like?

The cloud’s characteristics

According to NIST, the cloud’s main characteristics are on-demand capabilities, broad network access, resource pooling, rapid elasticity, and measured service.

First, on-demand capabilities permit the acquisition and employment of various computing capabilities as and when required.

Second, broad network access makes computing capabilities available across the network; accessible and usable by different devices including computers, laptops, smartphones, and tablets; and highly mobile, that is, access is available wherever there is an internet connection and online access point.

Third, resource pooling – including storage, processing, memory, and bandwidth resources – enables simultaneous multi-user engagement as resources are assigned and reassigned according to demand and usage.

Fourth, rapid elasticity enables flexibility, malleability, and scalability for different needs and purposes. Thus, computing capabilities and resources can be elastically employed for a variety of reasons, in any quantity and at any time.

Fifth, measured service provides affordable and transparent metering of cloud usage. That is, one is charged on a metered basis – in other words, you only pay for what you use – enabling usage to be controlled and monitored by both the cloud provider and user to help ensure transparency.

The cloud’s service models

The cloud offers three major kinds of service models: software as a service, platform as a service, and infrastructure as a service. The choice of model to employ depends on your information assets and needs: some users will only require one model, a combination of them, or all of them in order to accomplish and manage their particular needs.

The cloud has helped transform computing power from a scarce to an abundant resource

The SaaS model provides direct access to the cloud provider’s applications. Access is multi-user, offered on a rental basis, and available on different devices including computers, laptops, smartphones, and tablets. There are no licences to maintain or upgrades to administer because these applications are controlled and managed by the cloud provider instead of the user.

The PaaS model provides the platform – including programming languages, libraries, services, and other tools – on which to design, develop, deliver, and deploy applications over the internet. The user has no control over the platform except for their own applications on it, freeing them from the costs and complexities involved in running a platform.

The IaaS model provides computing capability and resources – including power, processing, storage, networking, and other resources – which users can use for their own applications and operating systems. The user does not control or manage the infrastructure (including the hardware resources, such as server, storage, and network components, nor the software resources that are manifested in the cloud’s characteristics), thereby diminishing the financial, physical, digital, managerial, and other costs of establishing, maintaining, staffing, upgrading, and otherwise running an in-house data centre.

The cloud’s kinds

There are three main kinds of clouds: private, public, and hybrid. A private cloud is cloud infrastructure for exclusive use by a single organisation, which may own it or may be owned and managed by a third party. A public cloud is cloud infrastructure for use or rent by the general public, which may be owned and managed by a governmental, academic, or private party. A hybrid cloud is a combination of a private and public cloud, which remain separate entities but share standardised or proprietary technology for various systems, services, or resources.

The cloud is engaged in multiple private, public, and personal spheres. For instance, it’s employed to manage workplace systems and software programs, deliver private and public services, organise academic and scientific research, run computer and mobile games, and serve other institutional or individual information assets, management, and needs. Indeed, the cloud has helped transform computing power from a scarce to an abundant resource.

Most businesses and governments are migrating their information to the cloud for the cost-saving advantages, fast and powerful computing capabilities, wide-ranging service and storage features, and other technological conveniences.

According to IBM’s Diaz, “cloud computing is making it possible for companies to provide new services faster, create new applications quickly, and figure out the goods and services that customers like”. Diaz further explains how institutions and individuals: “Using the cloud can focus on business, instead of buying and running servers and software. The cloud gives them new tools and techniques, which reduces the time it takes companies to go from idea to app. It helps them pull together, share, and analyse huge amounts of data.”

Individuals, moreover, have been able to use the cloud to engage in large-scale business and research that were previously constrained by costly and massive investments in the infrastructural, technological, and managerial staff, facilities, and systems required to undertake such initiatives.

The average person can now harness the cloud’s power and possibilities to start-up businesses with wide impact or reach, and engage in major scholarly or scientific research that were once the domains of big corporations and universities.

The cloud’s risks

The cloud does not come without risks. When information is placed in the cloud, risks arise for ownership, authenticity, confidentiality, forensic readiness (such as e-discovery and compliance regulations), privacy, and security. For instance, risks to efficiency arise if the cloud provider only guarantees availability 99 per cent of the time. A one per cent unavailability can mean the difference between success and failure especially in urgent or time-sensitive operations.

Risks to access, privacy, confidentiality, and other security considerations can emerge if the cloud provider changes its policies or practices on these matters. Risks to access, compliance, durability, management, and overall operations can increase when the cloud provider changes its technological capacities, offerings, or services. Risks to everything you place in the cloud can unfold if the cloud provider is compromised by hackers, sabotage, espionage, theft, or mismanages its business, or is legally or regulatory non-compliant, or is itself shut down or sold to, acquired by, or merged with another party.

Security breaches, for instance, are one of the most serious storms facing the cloud. Increasingly, these breaches are not the exception but instead the norm. When the cloud’s security is compromised, everything that goes along with it – from information stored, shared, and used, to user’s privacy, business, compliance, and reputation, to the cloud’s capabilities, services, and operations – is at risk. Hackers attack the cloud for financial, competitive, criminal, and political purposes: databases and systems are infiltrated, monitored, copied, or sabotaged; passwords are cracked or stolen; and malicious links and attachments bait unaware or unsuspecting victims into clicking or downloading them.

Further, using the cloud often requires a choice between control and economy. If you want full control over your information, then you probably should not put it in the cloud. Using the cloud necessarily means relinquishing some, or all, control over the deposited information. This relinquishment of control, in turn, means that you may not be fully aware or able to prevent such aforementioned risks. Relinquishing control, moreover, means that your information is subject to the cloud provider’s particular circumstances: its accountability, availability, policies, compliance, technologies, security, and fortunes, all of which can change. Relinquished control, in other words, necessitates the acceptance of multiple risks. When something is not owned, it cannot be fully controlled. And when cost savings and technological speed and convenience are wanted or needed, then some control must be given up.

Because of the many benefits of the cloud, some institutions and individuals tend to ignore or underestimate these risks. As Hugh Thompson, chief security strategist of Blue Coat Systems, argues: “We’re seeing growing confidence in the cloud – not because we magically solved the security problems – but because we’ve seen them put aside as operational practicalities trump security.”

Being aware of the cloud’s risks, and taking proactive steps to counter or mitigate them, will help ensure reaping the cloud’s benefits and avoiding drawbacks. Some possible security measures that could be employed include secure end-to-end data encryption, strict metadata annotation, reliable identity and information authentication schemes, and regular auditing requirements. These steps are not unnecessary overhead – rather, they are required to help protect both the cloud and its users.

The cloud’s materiality

With our heads in the cloud, it’s important to remember that the cloud is not ephemeral but is comprised of material things, most notably industrial-sized data centres containing thousands of giant servers that process and store all of this information. As James Glanz argues in a special The New York Times series on these so-called cloud factories, data centres and their, “physical realities of data are far from the mythology of the Internet: where lives are lived in the ‘virtual’ world and all manner of memory is stored in ‘the cloud’”. Major telecommunications and internet companies, including Google and Facebook, own and operate these large-scale complexes that arguably function as both the foundations of their businesses and an essential part of the Internet’s backbone.

In Tubes: A Journey to the Center of the Internet, Andrew Blum illuminates the very physical, real-world, bricks-and-mortar realities of the internet, including the cloud. He observes that there is nothing cloudlike about the cloud. He notes: “According to a 2010 Greenpeace report, two per cent of the world’s electricity usage can now be traced to data centres, and that usage is growing at a rate of 12 per cent a year. By today’s standards, a very large data centre might be a 500,000-square-foot building demanding 50 megawatts of power, which is about how much it takes to light a small city.”

Indeed, as The New York Times’s Glanz notes: “Some wonder if the very language of the internet is a barrier to understanding how physical it is.”

Conversations about the cloud belies the physicality of the infrastructure and resources needed to create and maintain it. The information in the cloud does not just magically disappear and reappear like some immaterial apparition. It materially goes somewhere. But that somewhere is not some immaterial cloudlike place – instead it’s a very real data centre. Yet it’s our growing appetite for more and more information made accessible, available, and useable in cheap, on-demand, convenient, and ‘anything, anytime, anywhere’ services that is driving the need for such a massive, physical infrastructure and its accompanying large-scale consumption of land, power, and resources.

Accumulating clouds

Using the cloud has gone from being an enticing option to a seeming inevitability. Its importance and impact, not to mention its material size, is growing as institutions and individuals continue their online migration. The cloud provides cheap, fast and huge on-demand computing capabilities that are dramatically changing the information landscape. It has, for instance, helped transform computing power from a scarce to abundant resource. Despite potential risks, many businesses, governments and individuals are adopting many features of the cloud for diverse reasons from managing workplaces to providing public services to storing and sharing all kinds of personal data.

Indeed, as the cloud accumulates in more aspects of work and life, it’s arguably beginning to represent the future of digital information.

Marc Kosciejew is head of department and lecturer in the Department of Library Information and Archive Sciences in the Faculty of Media and Knowledge Sciences, University of Malta.

Sign up to our free newsletters

Get the best updates straight to your inbox:
Please select at least one mailing list.

You can unsubscribe at any time by clicking the link in the footer of our emails. We use Mailchimp as our marketing platform. By subscribing, you acknowledge that your information will be transferred to Mailchimp for processing.