There’s an excellent thread going on among the MyDex team about the accelerating shift towards cloud computing and what this means for the individual. I strongly recommended to them Nicolas Carr’s The Big Switch for a discussion of this very subject.
Arguably, we as individuals need the cloud even more than companies do. On the whole, we have less ability to maintain our own “individual piece of the cloud” than a company does. We have neither the capital, the expertise, nor the ability to persist across major changes (all but the very smallest company can persist when an employee leaves or dies, but when an individual person dies, their world of information disintegrates very quickly).
Google and other cloud-based service providers have recognized this. Given the proper safeguards* (see huge asterisk below), the advantages to individuals maintaining their personal data store of all their personal data assets at one or more cloud service providers are enormous. The latest example: watch the migration taking place from Intuit’s venerable Quicken franchise of desktop personal money management to the cloud-based equivalent at Mint.com.
Mint.com’s advantages are so compelling – all your data is automatically backed up, automatically accessible from any Web-connected device, automatically updated from any of your (supported) financial accounts, automatically able to send you important alerts and reminders – that it makes desktop money management look as antiquated as 5-1/4 inch floppy disks. (Remember, there was a time when 5-1/4 inch floppy disks were manna from heaven.)
If you need any further proof of this paradigm shift, Mint.com was acquired by Intuit last September.
I think we’ve seen only the very start of this paradigm shift of migration of personal data and personal data services to the cloud. And I don’t believe it will be take than a year or two until it becomes the norm. Check back here in January 2012 and let’s see where we are.
*HUGE ASTERISK: I don’t mean for one second to gloss over the topic of the safety (umbrella term for security, privacy, and control) of personal data in the cloud. I spend a good part of my day job as Executive Director of the Information Card Foundation on this topic, and it is the entire premise of emerging VRM service providers like MyDex. It is so deep and rich of a topic that I believe before long it will result in a whole new branch of the law.
Other security considerations aside, users access the Mint.com service with e-mail/password only. The point is made that, since users don’t identify themselves when setting up the service, no personally identifiable information would be available to anyone who manages to break into an account, and anyone breaking in could not move money out of any financial account anyway.
Still, I would raise a question. If I’m going to store and manage sensitive information (financial, medical, whatever) in the cloud, shouldn’t access to that information be protected with something stronger than just a password, even if it’s hard to tie that information directly to me? There are good reasons for wanting to keep others out, if for no other purpose than to prevent someone else from modifying or deleting the information.
Mint.com has this whole thing about protecting yourself from phishing attacks. I’d counter that I should not have to worry that any passwords that may be compromised could allow access to any of my sensitive accounts. Information Cards and OpenIDs are coming along, but even these are (most of the time) backed-up by passwords only.
Today’s password managers allow users to access accounts without having to remember a whole bunch of passwords. So for many people, maybe the password problem has disappeared. But I can’t see these cloud-based services really taking off until stronger methods are adopted to keep the information secure from access by unauthorized people.