There is no easy answer as to whether you will personally be happy to put all your data and intellectual property in the cloud. There are all sorts of issues that you will need to address, and nothing I can say will really mitigate any of your concerns.
Example issues might be:
- Is my data too sensitive to put in the cloud?
- Do I retain legal ownership of my data?
- What happens to my data if I forget to pay my subscription?
- Will I have a backup of my data if something happens to the cloud version?
- Can I easily move my data from one vendor to another or in house?
- Do I know and accept the privacy laws of the countries that have access to my data?
- If I’m in a shared environment, and I delete my data, how sure can I be that the data is sanitised?
- Does the SLA adequately reflect the actual damage caused by a breach of the SLA, such as scheduled down time or data loss?
In Australia, we have a government organisation called the Defence Signals Directorate. They have produced a white paper on what government organisations need to do to ensure they are adequately protecting their data. That document may be found here: Cloud Computing Security Considerations. One interesting thing is that this document has a whole list of issues for you to consider, such as those above. It is well worth a look.
That document isn’t just good for it’s discussion on security implications. It also has a great “Additional Information” section, where it provides links to various other bodies who have performed analysis in this area. For example, there is a reference to a comparison of cloud providers.
I think the message to take away from this is that it can be done, and if the military and government are allowing it to be considered, then perhaps you should consider it as well.