The Cloud requires a new kind of intelligence, “Cloud Smarts”

Growing up as kids we could easily differentiate between school smarts and street smarts.  School smarts were the skills needed to excel in the classroom and school institution and street smarts were the “intuitive” skills that some had to survive on the “streets” and negotiate challenges, strangers, bullies and other potential threats.  These different kinds of smarts came to different kids with different levels of ease and were learned and taught in school and the home.

But in today’s Cloud enabled world driven by Big Data, there is a new set of skills and understandings that almost all of us are unaware of.  I would like to term these skills and understandings as “Cloud Smarts.” As a society, it’s increasingly critical that we cultivate an awareness of Cloud Smarts and its impact on our daily lives.  Without this awareness our democracy, economy and even our own free will are at stake!

The Cloud and Big Data Explained

The Cloud allows data and systems for many users to be maintained centrally.  This has a lot of benefits including huge operational and development efficiencies and improved access through web-based systems.  It also allows the data from a huge sampling to be analyzed, giving insights and making sense of data that would otherwise be inaccessible and seem random.  Big Data is the ability to analyze and make sense of these huge seemingly unrelated data sets.

Here are a few good examples of the positive impact of the Cloud and Big Data.

Example 1:

A large restaurant Point of Sale (POS) Cloud solution is able to see across thousands of its subscriber restaurants and develop insights using Big Data tools that can identify likely fraud patterns by analyzing retail, inventory and transaction information.  They share these findings as a benefit to its subscribers and alert them when likely fraud is taking place in their operation.

Example 2:

A large Antivirus company uses its millions of software agents across its installed base to inventory file signatures of all the files its software scans.  With this information, Big Data tools can help identify maliciously modified files and files that don’t belong on systems.  This helps the Antivirus company to identify threats that have not yet been discovered and improve the accuracy of detection of known threats.

Example 3:

A large Cloud provider of file and email services is able to see logon and access patterns of users across a large user set and geography and is able to use Big Data tools to identify likely hacking attempts by a sophisticated global actor. With this information they are able to notify the affected users and put in place counter measures to limit user exposure.

Anonymity and therefore privacy are lost forever

Cloud systems and Big Data are wonderful when they help solve problems that are becoming increasingly complex in a connected world.  However, with this incredible insight into huge amounts of data and patterns, anonymity becomes a thing of the past.

It doesn’t matter how many laws the EU puts into place “protecting” privacy or how well the medical industry protects your medical records through HIPAA compliance practices, people’s online behaviors generate unique patterns that, through the use of Big Data along with publicly available data sources, can uniquely identify them.  If you don’t believe me, check out this article.

Your Internet behaviors are being collected from many sources including your ISP (through sold DNS traffic), your Cloud service providers and Ad tracking systems (like the SilverPush system linked above). They are being carefully curated and stored by companies you’ve never heard of before called Data Brokers.  Data Brokers are happy to sell any of this information to whomever is willing to pay for it and allow the information to be used for whatever purposes the buyer would like.

With the loss of anonymity and personal privacy, the Cloud and Big Data can lead to some scary outcomes.  Here’s a few examples of the Cloud and Big Data gone wrong.

Example 1:

A large sales organization uses several online Cloud services to help facilitate their sales team.  The team can “share” materials with prospective consumers by sending presentation materials and links to online resources about their services and products.  Because the prospect is logged into Google online services (Chrome web browser) and also their FaceBook account, the Sales person can pull lots of personal profile information about the prospect without them being aware.  This is permissible through the Google and Facebook terms of use.  Also, the tool used to share the product materials allows the sales person to see what pages the recipient spends most time on, what info is skipped, etc. all without the prospect knowing it. The sales person is now armed with a trove of personal information without the prospect having any idea that the scenario is lopsided and the prospect’s chances of making an informed and fair decision are significantly impaired.

Example 2:

Large stock traders already use High-Frequency trading to connect directly into the electronic stock markets using fiber optic lines and high-speed computers to make hundreds and thousands of trades in fractions of seconds.   They use algorithms to anticipate even very minor changes in stocks and the market and make many buys and sells as a stock goes up or down.  These small changes can mean big money if you’re able to sell thousands of stocks in a fraction of a second.  Many people already find the High-Fequency trading unfair to the average joe trader.  But now imagine if High-Frequency trading firms were able to combine this capability with seemingly inside knowledge only available to them through the use of huge data sets and Big Data tools?  They might be able to correlate information from Data Brokers, Internet traffic behaviors, trending on FaceBook, trending on Twitter, trending on Google, weather feeds and other data sources to anticipate specific movements in the market.  They may even be able to track the likely geographical movement and purchasing behaviors of key executives to help determine certain outcomes.

Example 3:

It is possible that local and national elections are being impacted by well financed special interest groups using Data Brokers and other online data sources to create highly customized and individualized advertisements that would directly speak to individuals’ specific situations and concerns in order to influence their thinking and voting?  This advertising is unfair and manipulative because the viewer has no idea that the message is individualized and is based on inside knowledge of them.  These advertisements may not even look like Ads and may direct them to seemingly reputable resources and reporting with a specific political bent or misinformation.  It is very difficult to regulate these types of efforts and the use of Big Data and the availability of information in the Cloud makes these efforts relatively simple and scalable to roll out.

We must develop a good sense of “Cloud Smarts”

I’m constantly asking my friends, colleges, clients and family if they care if Google (The Cloud) knows so much about their behaviors: Searches, documents, photos, movements around the globe, phone calls, friends, etc.  And resoundingly they all say for the most part, No they don’t care!  They like the information, convenience and free services they get and are willing to give up “some info” to get them.

So what do we do to protect ourselves and make sure we continue to benefit from the Cloud and Big Data while not giving up the freedoms that make our society great?

Ultimately Laws will need to evolve to catch up with the technology to adequately protect citizens.  But until then, individually we have to cultivate an awareness of what data is out there, how easily it is collected, who has it (anyone who wants it) and how it can be used to impact our behaviors and our fortunes.  This trend is only accelerating as more systems and solutions move to the Cloud and more of our daily lives are conducted online.

We can also demand transparency and clarity from our Cloud providers.  One company who is setting the bar for this level of transparency is Microsoft with Office 365.  They clearly spell out how data is stored, protected and used and provide tools for customer auditing.

Cloud Smarts starts with a healthy sense of feeling vulnerable, a good defensive posture and being mindful of what data you knowingly put online (Ex. Google, Facebook, “free” services, Ad links, etc.). We can no longer browse the Internet believing we’re in control, because mostly we’re not.  We have to understand that Ads, links, sales people and other “strangers” likely have more information about us than we realize.

Brian Krebs is a well known reporter and blogger on computer and Internet security.  His blog posts and writings on security breaches and the general sense of online insecurity are eye opening and have helped me stay informed and understand the full scope of the issues.  He has several posts about ways to protect yourself online including setting up a Credit Freeze and Tools for a Safer PC.   There was also a very interesting article about Data Brokers on NPR worth reading.

Staying informed, aware and skeptical are the foundation of the new Cloud Smarts we should all start practicing.  Perhaps if we’re lucky the kids in school will learn about this, give it a better name and help teach us about the new reality.