Data Basics: Cloud and Security
A panel at AUVSI Xponential 2017 titled “The Devil’s in the Data: Managing, Protecting and Making the Most of Your Information,” touched on key aspects of data management. From the cloud to security, panelists from a variety of verticals discussed dealing with data under the scope of drone technology.
Very early on, the conversation broadened its reach to digital data in general, acknowledging a drone as just another way to acquire it. Jason Barton, founder of KSI Data Sciences; Lars Hegdahl, safety engineer and director of UAV integration at Great Southwestern Construction Inc.; Michael Jones, software engineering manager at Lockheed Martin; and Ken Kranz, associate director of UAS big data solutions at Cognizant Technologies, covered a lot of territory. While they are not necessarily geospatial professionals, they, along with their clients, face the same data management questions and challenges that geospatial professionals do.
What is the Cloud?
For starters, what exactly is the cloud? “The thing I tell people is: The cloud is just somebody else’s computer,” Barton said.
To expand, Jones encouraged the audience to start by imagining one desktop computer that sits under a desk. Its owner can put data in it and pull it out; very straightforward. Then he said to imagine talking to the computer over a network instead of using its keyboard and mouse. Now it is being remotely operated instead of manually operated. Next, multiply that one computer by thousands. “That’s essentially what they’ve done. They have 1,000, 10,000, 100,000 different computers … and they’ve separated the machine you do the work on from the work you do. That’s really what they’ve done at the heart of it. So you take work and you put it on any machine within their giant system,” Jones said.
He likened cloud computing to a generic execution engine for work. He said the big players, including Amazon and Microsoft, have massive facilities filled with physical computers that have virtual computers running them. “It’s gigantic buildings, warehouses, high-secure facilities usually. … They’re these giant facilities full of computers where they manage to abstract the work from the worker. … Once they realized they had that, you could share that [data] with everyone, or a network. So now other people can go and access the data that you entered.”
An important advantage of the cloud, according to Barton, is that an application can move to where the demand for it is. If a service provider needs access to their project from Colorado one day and New York the next, it is possible without packing heavy hardware. “You want the redundancy of the cloud. You want your application to be able to move and maybe your data to be able to move. But we have to put restrictions around it. We also have to take it upon ourselves to secure the cloud,” he said.
Digital Data Security
Technology geeks tend to run for it and discover the cool new things, often forgetting about less sexy factors like security, Barton said. It is much better to consider securing data before instituting a management system for it than after, but the answer to how isn’t as straightforward as one might hope.
Security is a considerably abstract concept that is really a matter of perspective in Jones’ eyes. He gives Google, Apple, Microsoft and Amazon credit for being generally reliable with digital data. “So if you have a castle, they’re pretty good at manning the wall, but you could leave your window open or people inside the castle could get out. So the question is: What do you actually care about? Security is about: Do only the right people have access to the data?”
Security is a term relative to the owner of any given dataset and where their comfort level lies. Geospatial professionals should ask themselves what they are concerned about in order to determine what data security measures to implement. One built-in positive Jones pointed to is the volume of data stored on various cloud platforms. “They have the same problem you do and we do. There’s so much data that ... you are buried in a sea of it. That does form a bit of security in itself. It’s security by obscurity to be sure, but it is nevertheless a form of security because the same way we can’t actually make use of all the data that’s there, they can’t either.”
Legal compliance is another beast, but it doesn’t leave room for choice; the rules are the rules and Barton foresees a lot of service providers getting bit by this bug in the near future. This is where professionalism can rise to the occasion.
“Whether it’s financial data, healthcare data, it’s the same questions we ask clients,” Kranz said. The questions that help guide security decisions include: Are there government regulations involved? Which regulations are involved? Where was the data taken? If you’re in the U.S., does the data have to stay in the U.S.? Is there going to be personal-identifying data in the database that could be compromised? The next phase involves the comfort level of the client; whether they’re more comfortable with their data in their basement or on Amazon’s cloud, for example. Next they consider whether they want all of the data in the same location, pieced up, or in multiple places for backup.
Data is no more secure or insecure if it is placed on a rack in the basement versus on Amazon’s cloud in Kranz’s opinion; it’s all about how the data is handled. He says security is its own issue that transcends big data and nobody has a lock on it. What matters in the end is that it is accessible to the right people. “You’ve got to make sure you have that hard outer shell so that [outside] people can’t get to your data with that soft inner core so your people have access to it.”
The significance of the data itself was a point highlighted repeatedly by the panel. “It doesn’t matter how we get the data,” Hegdahl said. “People are very excited about drone technology and that’s phenomenal. But if I have to Velcro a GoPro to a pelican to get the data, I’m going to get that data.”
It is important to remember that a drone, LiDAR sensor, camera, total station, etc. is only as valuable as the data it acquires and provides. With so many new product launches left and right, it is easy to get excited and feel pressure to keep up. But can the tool deliver the data you need? If not, who cares?
Barton, who serves government clients, says before the commercial side, he watched his government clients grow enamored with drone technology without taking a technical look. The actual data — the most important part, the point of the hardware — was an afterthought. While most geospatial workflows start with using tools and end with new data, they should start with data. Service providers should not only think about the data they need before making technological investments; they should think about the data they need before kicking off each and every project. It will determine technique, timeline and more. And with that, more administrative data management issues like storage location, security, lifespan, etc. should always be taken into consideration.