Harris Exits Cloud Hosting, Citing Fed Server Hugging

miller60 writes "Despite the publicity around the U.S. Government's 'Cloud First' approach to IT, many agencies are reluctant to shift mission critical assets to third-party facilities. That's the analysis from Harris Corp., which has decided to get out of the cloud hosting business and sell a data center in Virginia, just two years after it spent $200 million to build and equip it. 'It's becoming clear that customers, both government and commercial, currently have a preference for on-premise versus off-premise solutions,' said Harris' CEO."

Server Hugging

[stevegee58]

Have you hugged your server today?

Re:Server Hugging

[gstoddart]

That would be a real concern for me if using an American cloud hosting provider, as I am not located in the US. Do these companies have any choice but to bend over to the government when they are told?

You are correct, they have no choice.

The wording of the USA Patriot Act allows them to basically demand data from any US company (it might even be US owned). So, any data there you should consider to be essentially available to the Americans on a whim.

I've done some consulting for the Canadian government, and we legally can't store any data on any servers in the US or host certain data with US owned companies. Because, if the US authorities came in and demanded it, they'd have to hand it over and be legally bound to secrecy and not tell anybody it happened. Not a good situation for confidential government data with private information in it.

So, if you have data you don't want to be subject to US rules, the only solution is to not store it with them, and possibly not with anybody owned by a US company.

I believe the EU has encountered some situations in which companies can either be breaking the EU laws, or breaking the US laws ... it's not possible to be in compliance with both if one prevents you giving access, and the other insists they get it.

The only way to keep your data secure, is to keep it in-house.

Re:Server Hugging

[berashith]

so this is proof that the canadians are terrorists! If there is nothing to hide then why are they hiding it?

Re:sorry, but nothing changed

[MightyMartian]

For some of us it's the simple reality that our data is out of our hands. Yes, we can encrypt, and that offers some security, but you're still left with the fact that you're going to need some sort of third site backup to truly make sure your data can survive a catastrophe (including the cloud provider being raided, its/your servers ending up in an evidence room for an indeterminate amount of time) that could destroy or make inaccessible critical business data.

I think there's a place for it, but in the type of business I'm in, where contractual and legislative obligations on securing of confidential data is quite stringent, the cloud just doesn't offer what we want. Data out of our custody is data out of our control.

They did not target startups and small business

[dstates]

Everyone wants to keep their data close to their chest, but only the Feds and Fortune 500 companies have the resources to actually do it. For a startup or small business, cloud services are a god send. Compared to the costs of building a data center and staffing an IT department, a good cloud provider gets you up instantly and expands seamlessly. Harris targeted the wrong audience and/or they could not compete with Amazon.

Re:sorry, but nothing changed

[vlm]

Data out of our custody is data out of our control.

Oldest story in the endless repetition of the IT world. Reliability. Lets say you're a midlevel manager in charge of providing email service to the biz.

1) Hire a low level sysadmin to run a server in the basement, he knows he's fired if the server isn't up 100% of the time, if he doesn't respond to your slightest whim at 2am every morning, or instantly correctly answer the dumbest question. Paying a server jockey $60K/yr just to run email, makes sense if reliable email brings in $3M/yr of revenue in your biz and unreliable email brings in $0M/yr. This option gets you a promotion because you did so well.

2) Or cloud it for $50/month, and the boss selected the provider for you on the basis of how good the season tickets were and/or how hot the saleswoman is. The provider knows they have a bullet proof legal contract that makes them responsible for pretty much nothing, and if you leave the provider doesn't care because each customer is only about 0.01% of their total revenue anyway. If its not working as you prefer, you have no leverage over the provider unless you are one of their top 10 customers (if you have to ask, you're not), what are you going to do, make your boss look bad for selecting the wrong provider for you, or cancel a multi-year contract resulting in days to weeks of downtime and involving legal. This option simply gets you fired.

Last cycle of the eternal IT wheel I was a very small cog in a very large machine at a provider fitting option 2 and I know some customers got fired for buying email service from my ex employer, always awkward to call a customer about an old trouble ticket and be told they got fired because of your service (whoops). Clouding your web server today is no different than clouding your email IMAP and POP server a decade ago. Dumb career ending move for management unless you're in such a ridiculous special case that they may as well write a book just about you.