Mayday, Mayday, Mayday !

When your perception is cheeting you..........

Cloud Computing is complex, the internet is involved (thats the place where all the hackers life), your data are far away (you can probably not visit them in the data center and take the disks home).

On CloudCamp one of the artists called this way:

"You have a faster, better, more flexible and more state of the art solution. And nobody does understand it"

As with every new technology, every new approach there is a certain subjective perception of danger and trouble. Especially, when it comes to control over data.

We have to discuss security in general to get a better understanding of the underlying problem.

Data corruption, loss of data and issues with data integrity

Can have both internal and external sources. During Identity Management and Security Projects we found internal sources in a lot of cases as the root cause of fraud. Some experts call internal fraud as the reason for data loss / data integrity problems with not less than 50% chance. So, the problem is maybe behind your firewall.

One of the recommendations to solve this is a strict security management with data encryption for everything in the network and/or everything on disk.

The same rules are valid for any kind of date stored in the cloud: encryption and strict access control.

Cloud Evaporation

A serious problem, as  we see a consolidation trend from smaller to larger Clouds. You can get around this problem, when you follow standard rules of engagements. Have a look in frameworks like ITIL V3: There are such things like Vendor Management. There are strict recommendations, that you should have a clear, proven exit strategy before you start using a service. It is so easy and sweet like honey to just start to use a service without planning a complete lifecycle for the service. This is unprofessional, the negative effects will kill some of the early adaptors.

A joke (from CloudCamp)

You order a pizza via the internet. The complete transaction will be done via https. But you won't type your credit card number, as this is not secure. You will call them an provide the number by phone.

But we all know that phones can be wiretapped a lot easier than an https internet connection. This shows the perception problem in a very clear case...


Posted on: Mar 25, 2009

Posted by: Ralf Zenses

Category: Sun

Tags:

Permanent link to this entry

Comments:

Post a Comment:
  • HTML Syntax: NOT allowed

This blog copyright 2009 by Ralf Zenses