All the recent hoopla about cloud security overlooks an important point, which is that it's not strictly a cloud problem. The linkage of online services into cooperative chains creates the risk, and only biometrics and federation of providers can save us.
I think that's exactly the issue, Kim. The question is whether you can change the size of an "attack surface" by adding things to it, including security itself. Doesn't more stuff just make the surface bigger? It seems to me that we have a new vision in the cloud, a vision of cooperative experiences that combine elements from multiple sources. That combination process is inherently a major risk unless you make the mechanism highly secure intrinsically. Arguably this is a "federation" issue because all clouds are federations of multiple parties, and we are IMHO absolutely nowhere with cloud federation.
I think those are good questions, tintolou, and ones that can be expressed in a single point; "are best practices for security adequate for the cloud"? If so, then we can train and organize people to address cloud security. If not, then we need different security tools or different cloud architectures that are inherently more secure.
IMHO, it's the latter. I think that cloud security is different because the cloud opens a new level of risk...likely several new levels...and also exacerbates pretty much all of the current network and IT application risks. My view has always been that cloud computing has to be more than IaaS hosting, it has to be a whole new conception of IT and applications. That new conception has to integrate security and not tack it on. Think of the cloud as distributed SOA combined with distributed resources and you can quickly realize that we don't know how to make two indefinites combine in a definite, predictable way. Given that, we can't secure the combination.
Yes, Tom! To mix metaphors, that ever-lengthening chain is what I think NIST was getting at when it referred to the very large attack face of cloud systems.
I agree, Mary; I think that the real security culprits are the inherent anonymity of the Internet and the growing tendency to link things, which creates a secruity chain that's weaker simply because it's longer. The cloud has security issues but they're not in the main the problem we experience (they're the problem to come!)
Thanks Tom for reminding us how cloud services don't exist in a vacuum but connect to other online access points that need to be secured. Pointing the finger at cloud services as the weak point is inviting trouble, IMO, since it fails to see the big picture. Sometimes it's not the cloud that's insecure, it's the user, the data, or the contract with the provider.
The whole Amazon.reader debate is a double-stupid. It's stupid to think that there's any e-book buyer who doesn't know Amazon's URL, and it was stupider to let ICANN launch the whole free-form TLD initiative to start with.
Subsidized handsets, rather than locked handsets, should be the focus of regulators. We're not getting good deals, not fostering innovation, and weakening our power as buyers.
50 billion household devices will be on the Internet by 2020, according to Cisco. And we're hearing foreign governments are hacking our infrastructure. Surely our refrigerators are next!
YouTube's move to a partial pay-for-view model could help relieve a dearth of good new content but it could also complicate debates in many parts of the world over payment by content providers for delivery of their material to customers.
That's what Larry Page said on Google's earnings call, referring to the conjunction of mobile and the cloud. Well, let's chart it then! We need to be thinking about an Internet where 90% of our traffic goes to 70 destinations within 40 miles of us.
Facebook's Graph Search may face some profound challenges and risks, first, because Facebook users haven't been thinking of their posts as product reviews; and second, because Facebook will now have to contend with the social-network equivalent of SEO "gaming" of results.
EU operators are considering joining up to create a pan-European network to reduce competitive overbuild and cost. This might lower costs and focus operators on higher-level, more interesting services.
Enterprises are discovering that using social networking within the secure setting of a SaaS provider's network gives them an unusual opportunity to freely collaborate with partners, suppliers, and even competitors.
Microsoft's recent decision to bundle its Office software with business partner offerings indicates that cloud software may be in the news, but licensed packages are still in demand for failover.
Enterprises would like to move to cloud computing but are hesitant because they are concerned about providers’ ability to secure company data. Here are some tips that help to ensure that if breaches occur, the business is not left holding the bag.
Multi-tenant clouds assure security for clients, but not necessarily for their ideas. Here's one thing you should discuss with your cloud provider before you sign on.
The Amazon smartphone rumor and the Apple mini-iPad rumor show that the mobile device giants think they have to be in all the device spaces to win. Why? Because the cloud can create an ecosystem where every device can cooperate to support the user, and if you don't supply all the devices you miss out on the total value.
Less than a year ago, we were debating whether private or public cloud would prevail. Private cloud now appears to be a clear favorite. The reason? Organizations of all sizes are getting comfortable with cloud, and vendors are providing solutions that make the adoption of private cloud straightforward and less risky.
65% of CIOs are on board with cloud, but 55% are still thinking about it. Risk is the major barrier to entry. Cloud purveyors can help to address this by providing turnkey cloud solutions targeted at specific vertical industry markets.
Security issues are all over the media today, along with condemnation of hackers who "create" them, but the sad truth is that only one enterprise in eight says it would submit to a public security audit. We need to get serious about this issue as we head into the cloud era.
Expert Integrated Systems: Changing the Experience & Economics of IT In this e-book, we take an in-depth look at these expert integrated systems -- what they are, how they work, and how they have the potential to help CIOs achieve dramatic savings while restoring IT's role as business innovator. READ THIS eBOOK
your weekly update of news, analysis, and
opinion from Internet Evolution - FREE! REGISTER HERE
Wanted! Site Moderators Internet Evolution is looking for a handful of readers to help moderate the message boards on our site – as well as engaging in high-IQ conversation with the industry mavens on our thinkerNet blogosphere. The job comes with various perks, bags of kudos, and GIANT bragging rights. Interested?
To save this item to your list of favorite Internet Evolution content so you can find it later in your Profile page, click the "Save It" button next to the item.
M2M: Rise of the Machines? Not Yet David Weldon In the 1970 science fiction thriller Colossus: The Forbin Project, two giant supercomputers from the United States and Soviet Union secretly join forces to take control of the collective nuclear might of the two countries. In the film, the two machines discover each other's existence, communicate back-and-forth, share their collective data, and cut their human creators out of the process. It is the ultimate example of machine-to-machine communications, or M2M. CLICK FOR MORE
M2M: Rise of the Machines? Not Yet David Weldon In the 1970 science fiction thriller Colossus: The Forbin Project, two giant supercomputers from the United States and Soviet Union secretly join forces to take control of the collective nuclear might of the two countries. In the film, the two machines discover each other's existence, communicate back-and-forth, share their collective data, and cut their human creators out of the process. It is the ultimate example of machine-to-machine communications, or M2M. CLICK FOR MORE
Email This
