Going On-Prem?

  • Comments posted to this topic are about the item Going On-Prem?

  • What do people use for industry specific data on penetration rates for new technologies?

    Does anyone follow up in a rigorous way on the predictions made from a few years ago?

  • I spent nearly 2 years on a project that was intended to put a data lake in the cloud. It turned into an infrastructure/data centre migration project in all but name.

    The amount we had to do to satisfy the security regime added months and millions to the cost. At one point there was an exasperated engineer saying "If they can dig down to the 15Tbit glass pipe in a crowded street, bend it to get some light leakage, de-multiplex the signals and decrypt your data then perhaps they deserve to have it"!

    Some of the security challenges were unanswerable. What happens if there is a disgruntled employee in the cloud vendor's data centre who puts a packet sniffer between two servers to harvest your data?

    The answer we gave that was rejected was that with a virtualized multi-record setup there would be no way to identify which physical host the particular VMs would be running on or even if they were separate physical hosts.

    The cloud vendor was at pains to point out that their data centres had extremely stringent physical access restrictions for personnel, high levels of monitoring and just about every other precaution you'd hope for in a secure data centre.

    None of this satisfied the security guys.

    Some of the security guys' concerns were genuine and certainly raised the bar for security in the organisation. One of the vendors involved commented that if we implemented everything that security required there wouldn't actually be any CPU power left over to do any work.

    I think the cloud vendors need a security standard to which they comply that can be put in front of any security expert in a potential client organisation.

    I also think that organisations need to have a view of the comparative risks between on-premise and cloud data centres. In many cases I suspect that organisations' data is less secure than in the cloud.

  • What about POPI laws? (Protection of Personal Information Act). If your data is in the cloud and the whereabouts of the actual server can change with failovers and the law states that you are not allowed to take personal information past the country borders, you could be breaking the law without knowing it. Wonder how international companies get past this one when they want one HR database?

    5ilverFox
    Consulting DBA / Developer
    South Africa

  • I'd echo the point about personal information, though I'm in a healthcare environment so it would be patient information that would be "cloudified" (I'm trademarking that).

    As I'm in the UK and much of the cloud infrastructure is based in the States, our Data Protection Act is a bit more stringent than that of the US (so I'm told by my Information Governance Manager) and our data would be subject to US law if it's held on a physical server in the USA. If Microsoft want to be pushing for online data storage as a norm, surely they would have to give assurances (and signatures) to say that they are happy to be prosecuted under the law of the country they rent space to before UK (or even European) companies look at this seriously.

    The NHS in the UK is extremely twitchy about cloud storage in general for this exact reason.

  • Japie Botma (7/11/2016)


    What about POPI laws? (Protection of Personal Information Act). If your data is in the cloud and the whereabouts of the actual server can change with failovers and the law states that you are not allowed to take personal information past the country borders, you could be breaking the law without knowing it. Wonder how international companies get past this one when they want one HR database?

    Certain cloud providers such as Amazon have the concept of regions and availability zones. When you set up a database instance you can specify whether or not you want resilience and where you want that resilience to be.

    There are implications for the UK because data transfer within the EU is one of the things covered by membership of the EU. The UK has voted to exit the EU though I'd be amazed if it actually did. The complexity of what a divorce from the EU entails plus the spectacular levels of ineptness in the UK government (regardless of which side of the argument they were on) are a daily source of embarrassment. And as a Brit being embarrassed has been genetically bred into us for generations.

  • rob.carter 79958 (7/11/2016)


    I'd echo the point about personal information, though I'm in a healthcare environment so it would be patient information that would be "cloudified" (I'm trademarking that).

    As I'm in the UK and much of the cloud infrastructure is based in the States, our Data Protection Act is a bit more stringent than that of the US (so I'm told by my Information Governance Manager) and our data would be subject to US law if it's held on a physical server in the USA. If Microsoft want to be pushing for online data storage as a norm, surely they would have to give assurances (and signatures) to say that they are happy to be prosecuted under the law of the country they rent space to before UK (or even European) companies look at this seriously.

    The NHS in the UK is extremely twitchy about cloud storage in general for this exact reason.

    I work for a multinational but I'm based in the UK. The company as a whole is moving on to Google but as soon as our MD found there was a slight risk of PII being stored outside the EU, he dug his heels in and nixed it. We're staying with local systems and will be for the foreseeable future. As David mentions though, it could be one of the largely unconsidered implications of Brexit. Much of the legality surrounding data protection is EU driven and if we're not covered by EU law who knows what could happen. I wouldn't be surprised to see some kind of data free-for-all as the protections are removed and companies swoop in to buy up the data.


    On two occasions I have been asked, "Pray, Mr. Babbage, if you put into the machine wrong figures, will the right answers come out?" ... I am not able rightly to apprehend the kind of confusion of ideas that could provoke such a question.
    —Charles Babbage, Passages from the Life of a Philosopher

    How to post a question to get the most help http://www.sqlservercentral.com/articles/Best+Practices/61537

  • International considerations are a challenging area.

    If you want to operate in a market then you have to abide by the rules of that particular market. Back in the 1980s there was some debate about the sale of certain American sweets in the UK. It turned out that America had 15 allowed food colourings whereas Britain had only 8 however not all of those 8 were included in the American 15. The upshot was that the UK sweets could not be sold in America and the American sweets could not be sold in the UK.

    I'm not sure how the issue was resolved but it probably involved a change in recipe.

    If Britain is in the EU then we have to comply because it is the T&Cs of membership. If we are outside of the EU then we should comply in order to tap into that market.

    Let us suppose that Britain wanted to raise the bar on what was required to be able to store Personally Identifiable Information. In theory we could do so outside of the EU because there would be no need to get umpteen member states to agree. However this could fall one of two ways:-

    1. Higher standards of security become attractive so Britain becomes to data what Switzerland is to money

    2. Higher standards reduce the use of British data centres because of the extra costs on achieving the standards required.

    Would I be darkly cynical to regard national safe havens as a comfort blanket for the delusional? I am pretty sure that when foreign powers want your data the best you can hope for is that their access is delayed enough to reduce the value of the data. The Mossad always knows!

  • One of my concerns has always been that there is a difference between contractual obligations and reality. We encountered just this issue recently when we sunset a product and needed to migrate our data to another system. The vendor had zero interest in helping, what should have taken hours to plan took months, what should have taken days for data migration took over a year and is still ongoing, and we still do not anticipate getting all of our data.

    The fact is that if my data is on my servers, in my building, I have complete control over it. Once that data leaves my building I no longer control it. Access is at the whim of the vendor that is hosting it.

    How much did we pay to host the data? Were there cost savings over local storage? When we sunset the product, what was the cost to migrate back to our storage?

    In the end, the cost to our organization was far, far higher by having it hosted, than it would have been had we kept it internal from the start.

    Now, this is a single example. I would hope that others have had very positive experiences. That isn't the point. The point is that hosting can be cost effective and provide additional values, or it can be overly costly and end up not providing any additional value. Worst case, it can end up causing problems that were not anticipated, nor covered in a contract. So, consider the possibilities before signing.

    Dave

  • David.Poole (7/11/2016)


    Japie Botma (7/11/2016)


    What about POPI laws? (Protection of Personal Information Act). If your data is in the cloud and the whereabouts of the actual server can change with failovers and the law states that you are not allowed to take personal information past the country borders, you could be breaking the law without knowing it. Wonder how international companies get past this one when they want one HR database?

    Certain cloud providers such as Amazon have the concept of regions and availability zones. When you set up a database instance you can specify whether or not you want resilience and where you want that resilience to be.

    There are implications for the UK because data transfer within the EU is one of the things covered by membership of the EU. The UK has voted to exit the EU though I'd be amazed if it actually did. The complexity of what a divorce from the EU entails plus the spectacular levels of ineptness in the UK government (regardless of which side of the argument they were on) are a daily source of embarrassment. And as a Brit being embarrassed has been genetically bred into us for generations.

    I know how you feel. Here in America, we're coping with our own recent political embarrassments.

    "Do not seek to follow in the footsteps of the wise. Instead, seek what they sought." - Matsuo Basho

  • The Data Protection Act 1998 is actually a UK piece of legislation, not really governed by Europe. Because European legislation is as stringent (or because we were put under pressure to allow it) data sharing agreements were put in place.

    The Data Protection Act was created to bring the UK into line with the EU Data Protection Directive 1995 (I checked... slow day). It does state that "Personal data shall not be transferred to a country or territory outside the European Economic Area"... [which is wider than the EU, incorporating the EU, Iceland, Norway and Switzerland, among others] ..."unless that country or territory ensures an adequate level of protection for the rights and freedoms of data subjects in relation to the processing of personal data."

    I guess the correct response would be for cloud companies to create nationally based server farms and ensure they were locked down and clearly bordered...

  • Eric M Russell (7/11/2016)


    I know how you feel. Here in America, we're coping with our own recent political embarrassments.

    What could possibly be embarrassing about an ex-president illegally meeting with the US Attorney General, her then illegally pushing her responsibility off to the FBI, and the FBI illegally deciding to violate federal law while explaining that a presidential candidate violated multiple laws, but we aren't going to prosecute them?

    Stronger words probably apply here.

    Dave

  • djackson 22568 (7/11/2016)


    Eric M Russell (7/11/2016)


    I know how you feel. Here in America, we're coping with our own recent political embarrassments.

    What could possibly be embarrassing about an ex-president illegally meeting with the US Attorney General, her then illegally pushing her responsibility off to the FBI, and the FBI illegally deciding to violate federal law while explaining that a presidential candidate violated multiple laws, but we aren't going to prosecute them?

    Stronger words probably apply here.

    Now you opened a can of worms called politics. 😀 But you cannot be worse off than some parts of Africa. 😛

    5ilverFox
    Consulting DBA / Developer
    South Africa

  • Japie Botma (7/11/2016)


    djackson 22568 (7/11/2016)


    Eric M Russell (7/11/2016)


    I know how you feel. Here in America, we're coping with our own recent political embarrassments.

    What could possibly be embarrassing about an ex-president illegally meeting with the US Attorney General, her then illegally pushing her responsibility off to the FBI, and the FBI illegally deciding to violate federal law while explaining that a presidential candidate violated multiple laws, but we aren't going to prosecute them?

    Stronger words probably apply here.

    Now you opened a can of worms called politics. 😀 But you cannot be worse off than some parts of Africa. 😛

    Or Russia, Egypt, Saudi Arabia, Yemen, France, Germany...

    Oh, Eric gave me the opening, so can I blame him? Nah, my fault. 🙂

    Dave

  • djackson 22568 (7/11/2016)


    Japie Botma (7/11/2016)


    djackson 22568 (7/11/2016)


    Eric M Russell (7/11/2016)


    I know how you feel. Here in America, we're coping with our own recent political embarrassments.

    What could possibly be embarrassing about an ex-president illegally meeting with the US Attorney General, her then illegally pushing her responsibility off to the FBI, and the FBI illegally deciding to violate federal law while explaining that a presidential candidate violated multiple laws, but we aren't going to prosecute them?

    Stronger words probably apply here.

    Now you opened a can of worms called politics. 😀 But you cannot be worse off than some parts of Africa. 😛

    Or Russia, Egypt, Saudi Arabia, Yemen, France, Germany...

    Oh, Eric gave me the opening, so can I blame him? Nah, my fault. 🙂

    With geo-location, you could wake up one morning and discover that a replica of your database is now physically contained within the borders of a country that decided to re-write their digital privacy laws, overthrow their government, or has had a political falling out with your home country overnight. Not only is the data inaccessible (no big deal you have other copies) but the real problem is that it's now vulnerable to hacking, looting, or eminent domain.

    "Do not seek to follow in the footsteps of the wise. Instead, seek what they sought." - Matsuo Basho
