I am fresh off a 10 day visit to SE Asia where I had a chance to teach a security workshop to IT and security folks from organizations throughout the region. There were folks from Thailand, Malaysia, Cambodia, Vietnam, Singapore, Papua New Guinea,  Brunei and other places.  It was a great opportunity to not only teach security, but to learn as well.

One of my observations is that while here in the US cloud security may be brought up as an obstacle to greater cloud adoption, in that region of the world not so much.  The IT culture there is already rich in outsourcing. The idea of outsourcing your data, hosting and security with it is not terribly upsetting. In fact the expectation is that the cloud or hosting provider would of course have better security than any one organization.  This was both refreshing and enlightening. It proves once again that once you get past control issues, service provider provided security is a superior choice in most instances.

The bigger obstacle to the cloud that I heard was the whole idea of Iaas vs PaaS, public versus private cloud, hybrid, etc. These are all still very new concepts. Virtualization itself is just starting to catch on.  I don’t know, maybe as they become better versed in all of these concepts, security will become more important. But I think not, as outsourcing is just so ingrained.

One thing that I did hear loud and clear though was the need for better log management solutions.  Many of the folks I spoke to were dismayed by the amount of information they were logging and even more dismayed by the fact that they really didn’t do anything with all of that information. It would seem that a log-as-a-service or log management service would be very well received there. Note to Alert Logic folks!

Anyway, my biggest lesson learned was that no matter in the US, in Europe or Asia, security admins face the same challenges. Getting budget approved, staying on top of the latest threats and understanding how security can better advance the goals of the organizations they work for.

Enhanced by Zemanta

Leave a Comment

Previous post:

Next post: