While it’s frightening, it doesn’t really damn cloud computing any more than the private data center. When these hackers can go after companies, law enforcement even the CIA, for goodness sakes, if you’re sitting there thinking you’re somehow more secure because you control the data center, you are sadly mistaken.
The fact is it’s a systemic problem to which nobody is immune, regardless of where you store your data or who you are. It’s clear that the people charged with architecting the Internet have to take a long look at what they’ve been doing because it’s clearly no longer working, not when these hackers can take down sites or get inside systems with impunity virtually at will.
It’s easy to point to cloud computing in times like these and suggest that these companies are somehow more vulnerable than a private data center, but as these hackers have shown, they are equal opportunity disruptors and until we find a way to secure the internet, these guys are going to continue to attack simply because they can.
If the Internet establishment needed a bigger wake up call, I’m not sure what its. Companies like Google, Facebook, Microsoft, Amazon, Apple and so forth should be working together to create a more secure environment. In the current atmosphere, everyone loses, and it gives more credence to the purveyors of good old-fashion cloud FUD (fear, uncertainty and doubt).
Chances are, when you sit in a conference, you’ll hear the anti-cloud arguments and the anti-cloud crowd almost always plays the security card. They won’t come out and just say it of course, but they’ll hint at a lack of security and suggest that on-premises software might be (in hushed tone) “the safer choice.”
But the fact is that unless you want to shut down the Internet and have no contact whatsoever with the outside world–and even then I’m not sure you’re safe–you are going to have to live with the possibility of being hacked along with every other organization on the planet.
This is by no means an ideal situation, but it absolutely is a level playing field. If a hacker can penetrate the CIA with all of the security fail-safes I’m imagining it must have in place, it tells you that the system as currently constructed needs a complete overhaul.
So if we are going to have a conversation about the issues we are having these days, let’s agree that whether you’re a cloud vendor or the CIA doesn’t really matter. What we need to do is find a solution to the larger security problem affecting everyone instead of creating a false argument that one approach is safer. The fact is that your data is probably vulnerable no matter where it is, and until we address that issue, we are going to continue to have these problems.
Photo by gwire on Flickr. Used under Creative Commons License.