You can't secure what you don't acknowledge.SM

Friday, April 26, 2013

Clueless in the cloud - think before you act

A recent Network World piece about an RSA 2013 panel that covered cloud forensics and whether or not your cloud providers will be able to come through for you in the event of a lawsuit or breach bringing some critical pitfalls of cloud computing. 

Two things are certain:
  1. If you're lucky enough for your business to be around for the long haul, odds are that it'll ultimately be hit with a lawsuit or a breach in some capacity, some way, that will involve a cloud provider. And...
  2. Your cloud providers won't be prepared to help you out. At least in the foreseeable future.
In an era where cloud providers still believe "security" is a SSAE 16 checkbox, we've got a looong way to go before they're going to be in a position to help us in even greater capacities such as these. They simply don't have the means nor the incentive.

I can't stress this enough: unless you want to appear foolish, think through the security, legal, and business aspects of cloud computing before you fall for the marketing hype and jump on the bandwagon.

I've written pieces with more insight and prescriptive cloud advice here. Take it slow and good luck.

No comments:

Post a Comment