Enterprise IT Watch Blog

Feb 22 2011   2:29PM GMT

The Cloud Security Boogeyman



Posted by: MelanieYarbrough
Tags:
Cloud security
Outsourcing

There’s quite the reaction across the blogging community today to a particular article by ComputerWorldUK: Cloud computing is just outsourcing, says Information Security Forum. The article quotes Adrian Davis, principal research analyst at ISF, from his speech at (ISC)2 SecureLondon Conference, including this bit about the insecurity involved in trusting cloud security to providers:

“If you don’t know the classification or sensitivity of information, how do you judge what goes in the cloud and what doesn’t? How does the cloud service provider back up and destroy the information? Is there proof that everything they do happens?” Davis said.

While the issue at hand seems to be that most people disagree with the assumption that cloud services are another form of outsourcing – like David Lacey, who also attended (ISC)2, disagrees in his own IT Security blog – there is another aspect of assumptions and fear-mongering happening here. While I would agree with the caution that Davis is strongly suggesting the enterprise exercise, it seems more users would benefit from being educated on the ways to avoid his seven deadly sins rather than having a finger wagged at them. Mike Vizard blogged about one motivation for raising security concerns related to the cloud:

In face, most of what gets ascribed to security in the cloud are really data management and compliance issues, or simply deliberate attempts to create concern over security as part of an effort to protect jobs that might be threatened by cloud computing.

Is that a fair assessment? Is there simply a lack of understanding surrounding the technology that has spun off into a misunderstanding of security surrounding that technology? How do you respond when you hear negativity toward cloud security: Do you run away or desire to learn more about how to avoid common pitfalls?

Let us know in the comments section or send me an email at Melanie@ITKnowledgeExchange.com.

Melanie Yarbrough is the assistant community editor at ITKnowledgeExchange.com. Follow her on Twitter or send her an email at Melanie@ITKnowledgeExchange.com.

 Comment on this Post

 
There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when other members comment.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to: