Subscribe / Unsubscribe Enewsletters | Login | Register

Pencil Banner

The sum of all cloud security fears

J. Peter Bruzzese | Sept. 29, 2014
Resistance to the cloud is more emotional than technical, but gut reactions do matter

Lipson continued, "Most cloud computing companies are like experienced airline pilots." They are well trained, have alternate plans, and know the implications of a hack or crash on their bottom line.

At the same time, I still put the onus on the consumer to choose an elite security solution -- they aren't all equal. Before purchasing an on-premises system for storing and securing data, you must do a tremendous amount of research. Yet it seems that some people do very little research -- if any at all -- before moving their data to the cloud. That's a mistake, obviously.

You have to ask: What is the reputation of the company storing your data? Has it experienced a breach? How long ago? What SLA does the company provide? Is there encryption of your data both in motion and at rest? What recourse do you have should a hack occur? What if you wanted to get your data back?

What usually comes next -- it did last week -- is the cloud objector saying, "Even though I may not be able to give my organization the time and skill set perhaps that a cloud vendor could in terms of security, right now I'm a small fish that nobody is targeting. But if I put my stuff in the cloud, the vendor may be the target and I get caught in the data breach."

That's a plausible dilemma. Therein, as they say, lies the rub. You're the innocent bystander who does everything possible to ensure users are trained, make security a key objective, and choose a solid vendor. But a weakness is found in your provider, which is breached, and now your data is compromised. You're convinced that had you remained on-premises, this never would have happened.

It's hard to argue with that. Going to the cloud indeed takes a leap of faith, and only you can make it. You have to live with the decision, so ultimately you are convinced the security in the cloud is adequate -- or you aren't. If you're not, wait until you feel safe enough to make the move.

There's no need to bully folks into the cloud. It will happen in its own good time, when people feel safe enough entrusting their data to the cloud. It may take a good long stretch with no breaches (real or false) to create the trust the cloud is a safe place for your infrastructure and data to live.

That's an emotional decision, not a technical one. Be clear exactly what it is.

Source: InfoWorld


Previous Page  1  2 

Sign up for CIO Asia eNewsletters.