jules - Fotolia

Take-up of cloud storage in Europe affected by privacy issues

The cloud storage narrative has been heavily US-biased, with take-up of cloud in Europe modified by concerns over privacy and responses to Safe Harbour’s nullification

This article can also be found in the Premium Editorial Download: CW Europe: CW Europe: February 2016

Cloud storage is hot, so we are told. It will rejuvenate your company, offload all that troublesome and expensive on-premise hardware, and help you ready staff and applications for Generation Mobile.

But when we look at European organisations, we see a somewhat different – and, dare one say it, more realistic and nuanced – response to the preachings of the technology evangelists.

First off – and this is not just a European issue, of course – cloud storage is not a monolithic concept. There are many ways to the cloud, as a technology Zen master might say, and we will discuss this shortly.

Also problematic for many Europeans is the fact that the version of the cloud story we hear most often comes from the US, as tech stories often do.

It is a narrative rooted in US concepts of what is and is not important for individuals and corporations, and comes from mainly US-headquartered companies with self-serving approaches to privacy – in other words, it's OK for them, but not for us.

There are several routes for organisations to make use of cloud storage – by which we mean remotely hosted, shared and managed storage, normally sold on a subscription basis with usage-based pricing.

An initial choice is whether you want pure cloud storage, with everything held remotely, or a hybrid version where some data is stored locally. These then subdivide based on what kind of data you want to store in the cloud, and whether you will use it for all applications or only for specific tasks, the most obvious being backup and archiving.

The choices

Pure cloud: In this model, the cloud is your primary data store. Advantages include access from any platform anywhere, although of course access is constrained by the speed and latency of your internet connection.

Public vs private vs hybrid: Public cloud storage is based on shared infrastructure at a service provider, although of course with considerable provision for security and data isolation between customers. Private cloud storage runs on dedicated infrastructure, either in the datacentre or at a hosting site.

Although it loses some economy-of-scale benefits, it still provides other benefits, such as elasticity and service-based operations. It also addresses some of the remaining security concerns. Hybrid combines the two, using whichever best meets the requirements of an application or dataset.

Hybrid for performance: The cloud holds the master copy, but some data may be synchronised to local storage or cached by a local cloud gateway-type device for faster access. Local caching can make access to it from other locations a more complex issue. This is the model most personal cloud services follow, so think in terms of how your Dropbox or OneDrive folder is replicated on your desktop.

Hybrid for privacy/security: Certain data is stored only locally and not in the cloud. This could be to ensure ownership and control for regulatory compliance, for example, or to allay (justified or unjustified) doubts over cloud security.

Cloud backup/archiving: These models leverage some of the cloud’s specific advantages, such as its ability to provide deep and highly extensible storage capacity. Also, cloud backup is well suited to remote offices and roaming users, and the fact that cloud storage is typically object-based means it can be a good option for unstructured data, such as archives.

The cloudy future

Market research company IDC forecasts that in Western Europe, public and private cloud storage will grow from 29% of the total storage market value in 2014 to almost 60% by 2019. Most of it will be off-premise (public and private) storage, rather than on-premise.

Carla Arend, programme director for IDC’s European storage and cloud research, says the key factor here is that IT expenditure follows application development.

“We have seen a ten-fold increased in ‘apps’ in three years,” she says, adding that “85% of new enterprise applications are being developed for the cloud, while legacy applications are gradually migrating to cloud-hosted virtual machines and/or containers”.

Arend also points to key trends such as the internet of things, which is very much cloud-based and will drive yet more demand for cloud storage.

So why do European individuals and organisations seem more wary of cloud storage than their US peers? For many, the answer lies in differing attitudes to personal and data privacy, a difference that has been brought into sharp focus by the Snowden leaks and the European Court of Justice ruling in 2015 that Safe Harbour is incompatible with the European Data Protection Directive.

Agreed between the US and the EU, Safe Harbour had for 15 years allowed US companies to move data outside the EU in contravention of the directive, as long as they self-certified adherence to seven data protection principles.

Read more on cloud storage

Penny Jones, senior analyst for European services at 451 Research, says that although European companies are keen to adopt the cloud, they are doing so under specific regulations and requirements. The clearest example is in Germany, where public awareness of surveillance and its evils is very much alive, thanks to a 20th century history that includes the Gestapo and the Stasi.

“Companies in Germany are moving towards the cloud for all intents and purposes, but they have strict requirements that data must be stored in-country,” says Jones. “This was one of the drivers for the Deutsche Telekom/Microsoft arrangement announced last year.”

This arrangement will see Deutsche Telekom’s T-Systems unit become the data trustee for Microsoft’s German cloud customers. It is hard not to see a connection between this and Microsoft’s fight to prevent the US authorities spying on customer emails held in its Irish datacentre without first going through Irish legalities.

“Concern is not only over storage,” says Jones. “It is about the support processes used for cloud. For example, does your data need to travel out of country, despite being stored in-country, for 24x7 support services to be delivered from the US or India, say?

“I think it has been of less concern – but is still of concern – in markets such as the UK, which are more mature in their approach to cloud and more familiar with doing international business.”

Fortunately for European businesses, there are several potential routes around the roadblock. In particular, more service providers are opening European datacentres – Jones gives file-sharing service Box as an example – and, of course, it has provided a boost to local service providers who can guarantee not only in-region storage but also that they cannot readily be threatened by government authorities abroad.

Read more on Cloud applications