Monday's Musings: NSA PRISM Scandal Hurts US Cloud Companies And Hastens The Return Of On-Premises Software

Non-US Based Organizations And Even Some US Organizations Will Not Tolerate Snooping In A Post PRISM World
Since the Edward Snowden PRISM revelations, Constellation has received a steady stream of inquiries on cloud strategy.   In fact, nervousness runs high among many non-US based companies using services from US based cloud companies across the cloud stack.  In early August 2013, the Information Technology & Innovation Foundation put out its report "How Much Will PRISM Cost the U.S. Cloud Computing Industry" Assuming that 20% of current clients switch to a non US based provider,  the report estimates a loss of $22 to 35B by 2016.
Constellation agrees.  All signs point to an anti-US stance until the security issues is addressed.  The odds on the US government moving fast on this issue are as good as Major League Baseball players or Tour de France Cyclists honoring a performance enhancement drug use ban.  In fact, Constellation is aware of at least 50+ contracts that have been put on hold or cancelled in the past 30 days.  With the EU's Nellie Kroes already sounding the alarm bells in a way she only can, cloud buyers have taken notice.
The Bottom Line: Clients Should Consider Alternatives To Pure Cloud Models And Encryption Technology
Interesting enough, fifteen years into the cloud revolution, talk has rekindled about building on-premises software in light of this scandal. Unfortunately, the last major on-premises software company to receive funding squandered it all in 2005 and retooled to the cloud. Furthermore, a few entrepreneurs are looking at VC funding to take some key systems back on-premises.
However customers do not have time to wait for new software to arrive in the on-premises deployment option.  In the meantime, a few near term strategies have emerged:

  1. Encrypt everything.

    Despite public services such as Silent Circle shutting down, organizations can still buy their own encryption technologies.  Secure all transmissions via encrypted email.  Prior to uploading to a cloud service, consider pre file upload encryption technologies.  Many cloud services have explored how to deploy this since the NSA scandal.
  2. Use your VPN. While the virtual private network may slow down your communications, in general, the encrypted tunnel allows for private communications to the server.  Encryption should extend back to the mobile device management systems as well.  Maybe now is the time to take another look at the RIM BES server.  Those Blackberry 10's could just make a comeback.
  3. Move to private clouds. While public clouds have dominated the news, the shift to private clouds allow for the peace of mind that only ownership brings.  However, ownership means the reincarnation of the data center will carry it's own set of ownership costs.  The tradeoffs in security may be worth the hassle for some clients.
  4. Identify providers with a non-US data center presence. Many clients have postponed upgrades in light of the scandal.  One fix may be to identify services that have European or Non-US data center jurisdiction.
  5. Reconsider on-premises software. Many CXO's who have been cloud evangelists, have had to reevaluate their on-premises software footprint.  The non-US CXO's must abide by their national interests and desire to keep their data away from the spooks in the US.

Clients should continually evaluate the situation as US based cloud providers will not sit still and have been addressing concerns as customers have slowed down their purchasing cycles.  Constellation is researching how the major cloud vendors will address this.  Follow Constellation's lead Cloud IaaS and PaaS analyst Holger Mueller for the latest developments.
Your POV.
What's your back up plan? Ready to secure your data from the government?  Add your comments to the blog or reach me via email: R (at) ConstellationR (dot) com or R (at) SoftwareInsider (dot) com.
Related Research And Resources

Reprints can be purchased through Constellation Research, Inc. To request official reprints in PDF format, please contact Sales .
Although we work closely with many mega software vendors, we want you to trust us. For the full disclosure policy, stay tuned for the full client list on the Constellation Research website.
* Not responsible for any factual errors or omissions.  However, happy to correct any errors upon email receipt.
Copyright © 2001 – 2013 R Wang and Insider Associates, LLC All rights reserved.
Contact the Sales team to purchase this report on a a la carte basis or join the Constellation Customer Experience!