The August issue of PC Magazine began the “magazine’s” 30th year and I have not missed an issue, although this is the first one I read on the iPad with Zinio. If someone had described the iPad to me back in 1981 it would have seemed like science fiction. Even the PC at that time seemed an amazing breakthrough. The first PC had a 5.25 inch diskette drive and no hard drive. Anybody have their archives on 5.25 inch diskettes?I hope not because it might be hard to find a drive to read them.
The First Word column by Lance Ulanoff over at PC Mag this month was called Storage Evolution in which Lance discusses how storage has evolved from one type of media to another. When a new size or type of storage is introduced it always seems that the new paradigm will last forever. In the grand scheme of things the evolution looks more like pings on a radar screen. They come and they go. Sony has just made a decision to end production of the 3.5 inch disks. When the CD became popular for backing up our files it seemed to be the ultimate. Then came the DVD and then double sided and double depth. External drives, zip drives, USB keys, tape cartridges, and perhaps holographic storage soon. Getting the latest and greatest to backup your data is the easy part. What about five years from now when you want to restore some data from your archived storage? Will you have a PC or Mac that has a device that can read the storage medium you had chosen five years prior? Maybe and maybe not.
Why not let someone else worry about all this? There is something about clouds that brings the term into our daily lives. We say “it is a cloudy day”, or “there is not a cloud in the sky”, or if we feel especially elated or happy we might say “I feel like I am on cloud nine“. More and more people are answering the question of where is there backed up data with “it’s in the cloud”. Some people worry about whether it will be safe and secure in the cloud but from my perspective it is important to compare the risk to that of keeping such data on your own computer. In fact I would say that the risk of your data getting compromised at a cloud backup service is less than the risk of your hard drive crashing or having your laptop stolen at Laguardia Airport, or at some point of being unable to read the data because the storage medium is incompatable with your computer.
Cloud services companies have a lot more at stake than we do when it comes to maintaining high integrity for their operations. They will keep your backup data backed up and they will use whatever the most cost-effective storage media is. As new kinds of media come along they will adopt it and migrate all your data to it. Their problem, not yours. The argument for using them is compelling from my point of view. There are many companies that offer backup services including Mozy, Carbonite, and SOS. See PC Magazine for a review. I have been using idrive.com for quite some time and have found it very reliable. The services can be setup to automaticaly make backups while you are sleeping. You can have the backups run daily, weekly, or even continuously so that whenever a file changes on your computer a backup is made in the cloud. The best part is that you don’t have to buy any devices and worry about how compatible they may be in the future.
Is cloud computing for businesses or for consumers? It is for people. Businesses do not buy from businesses. People in businesses buy from people in businesses. People work at businesses and people work at home. Some people are students and some are e-tired. Clouds are all about making people more productive and increasingly the clouds will be where we will keep all of our data that feel is important.
Other patrickWeb stories that refer to “clouds”
Tags: backup, backup service, cloud, cloud computing, cloud services, diskette, dvd, holographic, ipad, media, pc magazine, storage, storage medium, tape, usb
Posted by John Patrick on Dec 26, 2003 in
PKI 
Another dimension of Trust has to do with standards. Because of standards, the Internet is the only thing I know of that works the same everywhere. Most things work differently in different parts of the world. The side of the road we drive on, the side of the car we drive from, the width of the railroad tracks, the plugs that we put in the wall; all work differently around the world. But not the Internet; it works exactly the same in every corner of the world. There are a lot of debates during the process while Internet standards are being developed but once published as a standard every vendor has an obligation to implement the standard. Most do. (read more)
Tags: authentication, authorization, ca, certificate authority, digital id, encyption, integrity, key, non-repudiation, passphrase, PKI, privacy, security, smart card, trust, usb
Posted by John Patrick on Dec 24, 2003 in
PKI
In “Too Secure?”, I described how a financial services company insisted that I use the fax machine to send them a document. Let’s contrast that process with how it might have worked using a public key infrastructure approach with the five security functions described in the last part of the Privacy And Trust series. We’ll look at each of the five elements. (read more)
Tags: authentication, authorization, ca, certificate authority, digital id, encyption, integrity, key, non-repudiation, passphrase, PKI, privacy, security, smart card, trust, usb
Posted by John Patrick on Dec 23, 2003 in
PKI
The most important benefit of a digital ID is authentication. Once digital IDs are more commonplace, you will no longer have to send your login ID and password over the Internet. Your password, passphrase, or biometric will go no further than your smart card, token, or your PC. Once you are authenticated, you will be able to authorize an encrypted exchange of digital data between your PC (or phone or other information appliance) and the other party. The result of the exchange is that both parties will be able to confirm that the other party is indeed who they say they are. If you provided biometric data the person will know not only that it was your ID but that it was actually you and not someone who may have ?borrowed? your login/password. (read more)
Tags: authentication, authorization, ca, certificate authority, digital id, encyption, integrity, key, non-repudiation, passphrase, PKI, privacy, security, smart card, trust, usb
Posted by John Patrick on Dec 22, 2003 in
PKI
In the near future most people will have a digital ID along with an accompanying biometric link such as a fingerprint, face print, voiceprint, iris or retina scan. The combination of digital ID and biometric will enable you to establish yourself as a completely unique person. At last you have the ability in the digital world to establish that you are who you say you are just as you can in the physical world! Step one is to get a digital ID from someone that knows for sure who you are and who is trusted by others as a reliable source for authenticating you. And who would this someone be? (read more)
Tags: authentication, authorization, ca, certificate authority, digital id, encyption, integrity, key, non-repudiation, passphrase, privacy, security, smart card, trust, usb
Posted by John Patrick on Dec 20, 2003 in
PKI,
Public Policy
There was a cartoon by Peter Steiner in the July 5, 1993 issue of The New Yorker showing a dog at a PC speaking to another dog watching from the floor. The caption was, ?On the Internet nobody knows you’re a dog.? Very true and in fact nobody really knows for sure just who you are. Nor do you know who is at the other end of a chat session or e-commerce transaction either. Assuming success of the numerous technologies at the Inside ID conference in Washington, D.C. this week, we will soon have Digital IDs that will change this. There are many issues but has become urgent that we get digital ID’s in place for all of us (and for our servers and eventually for everything. (read more)
Tags: authentication, authorization, ca, certificate authority, digital id, encyption, integrity, key, non-repudiation, passphrase, PKI, privacy, security, smart card, trust, usb
Posted by John Patrick on Dec 7, 2003 in
PKI
Mention the word trust and many people immediately think of security. We hear so many negative questions about Internet security. Is it strong enough? What will happen to my credit card number? What about hackers? We would like to implement this or that application but we can’t because of ?security?. The list goes on. This is one area where some ?old fashioned? attitudes are actually healthy. Security is critical and needs to be taken very seriously — but not in a restrictive sense. In fact the question that business and government leaders should be asking is about how security on the Internet can become the enabler of global commerce, the enabler for enabling people to control the email they get, the enabler for more secure and efficient processing of healthcare information, and the enabler for trusted transcations. (read more)
Tags: authentication, authorization, ca, certificate authority, digital id, encyption, integrity, key, non-repudiation, passphrase, PKI, privacy, security, smart card, trust, usb
Posted by John Patrick on Dec 4, 2003 in
PKI,
Public Policy
Most websites now have privacy policies and it is a good idea to read them, especially if it is a company you have not done business with before. Some privacy policies amount to "We capture data about you and we sell it or give it to anyone we choose". Other companies have a policy like "We will always tell you if we are capturing your personal data. We will never give it away or sell it. If we want to use it in any way other than to fulfill an order or something you asked of us we will ask your permission first. We guard all data with extremely tight backup and security procedures to insure your data is never compromised". That is a good policy but how does a company insure they are actually complying with their own policy? (read more)
Tags: authentication, authorization, ca, certificate authority, digital id, encyption, integrity, key, non-repudiation, passphrase, PKI, privacy, security, smart card, trust, usb
Posted by John Patrick on Dec 1, 2003 in
PKI 
Is it possible to be too secure? This morning I was working on a personal financial matter that required me to send some information to another person. The information was on a paper document and I did not have a machine readable version of it. I scanned the document and sent it via email as an eFax attachment. I first called the person to let them know that I would be sending the email. By making the call I was able to verify that the person was who they said they were and the person would then be able to expect the email and who it was coming from and what it contained. Five minutes later I got a call. (read more)
Tags: authentication, authorization, ca, certificate authority, digital id, encyption, integrity, key, non-repudiation, passphrase, PKI, privacy, security, smart card, trust, usb
Posted by John Patrick on Nov 29, 2003 in
Healthcare,
Public Policy There have been
many emails about the PepperBall, but perhaps the most emotional feedback has been about my short stories on healthcare.
The cry for more efficient, effective, and affordable healthcare is universal. One reader said,
"I was happy to see your take on healthcare in your recent blog. This is a field where
some good IT could solve redundancy quagmires, but one of the basic problems is privacy. I think people reject the idea of their healthcare info being in a database for fear unauthorized people would be able to get at it to find out what their ‘weaknesses’ are".
Of all the issues which will affect the future of the Internet, the safeguarding of our personal information when it travels on or over the Net is likely the most important because it is at the heart of Trust — and without Trust the Net will not be able to realize its full potential. This means that information about an individual needs to be handled in a way that is consistent with the privacy and security expectations of the individual — if not, there will be no trust. I am planning a series of stories about trust. There may be other stories along the way, but this is Part 1. (read more)
Tags: authentication, authorization, ca, certificate authority, digital id, encyption, integrity, key, non-repudiation, passphrase, privacy, security, smart card, trust, usb
