I’ve had the opportunity to discuss the issues related to the lack of transparency of public cloud previously. This is forcing users to trust the cloud service provider, not knowing who is actually behind the delivery of a particular service.
In a recent discussion about this needed trust in the cloud some of the people I was speaking to argued we need to differentiate between B2B and B2C when talking about cloud computing. Frankly I did not understand what they really meant. So, I asked them how they would define a “B2B cloud” versus a “B2C cloud”. Here is their explanation, but let me tell you right from the start, I’m not convinced.
A B2B cloud is, in their mind, a public cloud where a specific contract is signed between the customer and the cloud provider. I do know that Amazon for example, has a team recruiting what they call enterprise customers. Those customers are accepting legal terms and conditions (T&C’s) that are different from the standard ones on their website. By that definition, a B2C cloud relationship is one that uses the standard terms and conditions, you know the ones we all read before checking the box “Accepting Terms & Conditions”, the 15 or so pages that you can scroll through on a small window in the middle of your screen.
The debate quickly focused on the necessity to establish regulation to ensure the user would clearly understand what he is getting into when subscribing to a cloud service, and which type of customer should benefit from such regulation. To increase trust in public cloud it is critical that users are clearly made aware of who delivers the service and what it entails. Cloud service providers typically want to limit their liabilities. I can understand that. But many seem to hide behind complex legal jargon. So, their customers do not really understand the limitations and often discover them when the problem has happened.
Negotiate on your own terms.
When you can negotiate your own agreements, you have the possibility of better understanding what you will get and how to protect you from borderline T&C's. But the fundamental question is whether services can be separated between consumers and businesses. If not, the discussion becomes sterile as the same service does have both types of customers and requires the regulation anyway. Actually, are businesses and consumers using different services?
In my mind, the boundaries are blurring very fast. Yes, businesses probably do not use "angry birds", but many SMB's use Skype, office 365, window live, dropbox etc. Is LinkedIn a business or consumer service? And I could go on like that but you get my point. We had B2B and B2C in Web 1.0, and there it made sense. I’m not sure we can just take those concepts and apply them to web 2.0. The fundamental question is actually whether the public cloud can actually be trusted. That’s something I leave yuou to judge, but you’ll have to do your homework.
Shadow IT can be dangerous.
Particularly in larger enterprises, where IT may seem to lack the agility the business would like, users continue to use "shadow IT", risking to put the assets of the enterprise at risk, it's important that appropriate protections are put in place to limit exposure. Cloud service providers should understand that and avoid using T&C's that protect themselves while exposing their customers.
Education of cloud users is also long overdue. They need to understand what they expose themselves and their enterprises to when signing the proverbial T&C's that they all read completely before checking the box, right?
To conclude is there a difference between B2B and B2C services in the cloud. Not in my understanding. Customers may have different T&C’s for consuming the same service. But shouldn’t we make sure all customers are protected and know what the implications of their decisions are, even the ones that are not powerful enough to negotiate their own contracts? Do you disagree? Don’t hesitate to comment.