Google's flub: Do we have a Web monoculture too?
Search giant had a rough weekend, with human error causing it to list the entire Web as malware for an hour or so. The screw-up raises issues about the risk of having a monoculture dependent on any one tech supplier.
Google tagged the Web as malware on Saturday and was rendered useless for about an hour. The search giant blamed the incident on human error.
Was the ruckus overoverblown? Possibly. But to many folks, Google is the window to the Internet. If folks can't google something, they are simply lost. That fact alone probably qualifies Google as a Web monoculture, although it may be a touch premature to make a definitive call. However, Google touches everything, and frankly that's a bit worrisome.
In security circles, monoculture is a key concept. Roughly speaking, whenever a technology--Windows, for instance--is dominant it becomes a big target to attack. You attack the target and wreak a lot of havoc. Windows is a monoculture. If Windows is wrecked, the damage is far and wide just because of market share.
ZDNet blogger Ryan Naraine in his Google coverage on Saturday foreshadowed the monoculture question. He said the Google incident "provides a harsh lesson on our total dependence on a single vendor/search provider." Is Google a monoculture? If Google isn't a Web monoculture today, it soon will be. Google is becoming a search monopoly, and it can extend that dominance into other areas. Just look at the reaction to its malware screw-up. There was one hour when we couldn't use Google--and everyone noticed quickly. If Ask.com--or Live Search for that matter--had a similar malware tagging glitch, the hubbub wouldn't have existed.
What's worrisome is that monocultures exist everywhere. The goal for every IT vendor is to become your monoculture. Windows is a monoculture. In enterprise software, there's SAP and Oracle--that's a duopoly, but depending on the company, one of those two suppliers runs the business. Cisco Systems is a networking monoculture. Pick an industry or technology, and there's some form of lock-in.
And the pressure for enterprises to become a monoculture is immense. How many times have you heard some CIO yapping about standardizing on one technology because it's allegedly more cost effective? When it comes to vendors, they want one throat to choke. The downside: what you save in costs and complexity you lose in immunity.
Without diversification, companies are at risk. In this respect, all companies should diversify a little. Say Windows is attacked and effectively wiped out. The all-Windows shop is wiped out too. But if that company is 80 percent Windows, 15 percent open source, and 5 percent Mac, suddenly the prospects look better.
If you take this argument to the Web, the implications are clear. We should all diversify from our Google habit at least a little. Ditto if you're a small business totally reliant on Salesforce.com. In fact, any technology supplier--Web, SaaS, on-premise or otherwise--that represents more than 90 percent of your infrastructure portfolio needs some competition.
The monoculture issue is a lot like a pure-bred dog with health issues. Take golden retrievers or black labs. They are popular dogs. And they are bred too much. They have bad hips, arthritis, and a host of other ailments. If you want a healthy dog, you get a mutt. Your IT infrastructure should be a little bit of mutt too. Diversify your apps and providers whenever possible even if it's only to keep the big dogs honest.
Perhaps the reaction to Google's bad weekend was overblown, but it's always a good time to ponder how monoculture affects your IT infrastructure.