Wednesday, December 17, 2008

Cloud Security: Eliminate humans from the "Information Supply Chain on the Web"


My upcoming article, part - 3 data center predictions for 2009, has a slideshot talking about the transition from the current age to the cloud computing age to eventually the ideation age- the age where you will have clouds that will emote but they will have no internal employees.

Biggest management disasters occur because internal folks are making a mess of the playground.

Om's blog is carrying an article about Cloud security and it is rather direct but also makes a lot of sense:

I don’t believe that clouds themselves will cause the security breaches and data theft they anticipate; in many ways, clouds will result in better security. Here’s why:

  • Fewer humans – Most computer breaches are the result of human error; only 20-40 percent stem from technical malfunctions. Cloud operators that want to be profitable take humans out of the loop whenever possible.
  • Better tools – Clouds can afford high-end data protection and security monitoring tools, as well as the experts to run them. I trust Amazon’s operational skills far more than my own.
  • Enforced processes – You could probably get a co-worker to change your company’s IT infrastructure. But try doing it with a cloud provider without the proper authorization: You simply won’t be able to.
  • Not your employees — Most security breaches are committed by internal employees. Cloud operators don’t work for you. When it comes to corporate espionage, employees are a much more likely target.

So where are the risks?



Source
and here's Guardian's post.

No comments yet