Bill Brenner and CSO Online in partnership with CIO Magazine and PriceWaterhouseCoopers have published their Eighth Annual Global Information Security Survey . One of the findings of the survey as reported on by Brenner is that many companies while seeing the benefits of the cloud are hesitant to move to the cloud because of security. Bill actually spoke to 3 or 4 CIO/CISO’s about this and has some interesting reports.

While this type of finding is not new by any means, I am surprised that we are not yet seeing some of this FUD dying down. One information security officer besides worrying about the reliability of Cloud networks (I am not sure I agree that they are less reliable then most LANs), worries about who cloud providers are hiring. That doesn’t seem like a immovable rock of a problem. Should be pretty easy to find out what kind of background checks and access your cloud provider performs.  Of course there was the recent case with Google, but for the most part, I just don’t see this as anything more than the red herring it is. Sounds like a case of the people who like to say “no” to me.

Another person interviewed did have an interesting twist. He was a CSO in a large financial company.  His comment was that until the Security and Exchange Commission ruled on what type of data could be stored in the cloud and what the reporting requirements were, he was hesitant to put anything there. Until he can get some answers I don’t think you can blame him. To me this is a case of where the law and regulations have to catch up to the technology. In such a regulated industry as finance, that view is perfectly logical and justified. It may take some time to catch up, it often does.

The third person in Bill’s article was more typical of what we see a lot of with the cloud security bogeyman”. He was with the USTA.  While they do not use the cloud for any of the thousands of transactions they perform with tickets to events and stuff, he has no problem putting the USTA’s back end office, including financial into the cloud.  I am not sure which pieces of the transaction puzzle he thinks are not secure in the cloud, while he does think it is secure to keep such data as their financials.

With all of this though, here is the thing. Cloud security concerns are sometimes valid and sometimes exaggerated. But what we seem to never hear from are people who have put their trust in the cloud and have lived to regret it.  If any of you are out there reading this, please comment and let us know your experience.

Enhanced by Zemanta

{ 1 comment… read it below or add one }

cloud computing May 27, 2012 at 2:48 am

Well, I would have to say that there is always going to be loopholes, security flaws and risks. I mean think about credit card risks, yet everyone use them. I think the best way some one will use cloud computing and not be at risk is to work with a provider that they actually trust and not hear bad things about them and have more than enough money so people don't have to worry about them data mining, because they have no life or money and need ideas. But regardless, the cloud is something that people will want as tablets and mobile in as they have and will only increase if everyone ends up turning into a robot.

Reply

Leave a Comment

{ 1 trackback }

Previous post:

Next post: