Click here to monitor SSC
SQLServerCentral is supported by Red Gate Software Ltd.
Log in  ::  Register  ::  Not logged in

Lots of Security Concerns

By Steve Jones,

This past week I found more security headlines appearing that bothered me than I have most other weeks. I think I still have a little hangover from the Heartbleed bug that was reported last month. The only good thing is that researchers are using the bug to look for the bad guys. A reminder that trying to exploit this for fun is probably not a good idea.

Security certainly has changed, and rapidly, and it seems as though we are going backwards. In addition to criminals and hackers using bugs to attack us, we potentially have law enforcement, or even border guards that may look through our devices. I certainly hope this is struck down, though even if it isn't legal, that might not help you when you cross a border or are stopped in front of an office. It makes me think we more and more need a way to wipe our devices quickly and easily, but then reload them from backups. I'd love to see someone provide a way to do this that might not allow immediate restores in sticky situations. Maybe the iTunes, "connect to a computer" isn't such a bad idea.

Cloud computing security also had a bit of a setback when a judge ordered Microsoft to comply with a subpoena. A US judge is asking a US company to comply with US law about data stored overseas. This is disconcerting, though to be clear, this is a potential discovery action from US plaintiffs and defendents. It is disconcerting, however, for companies that are looking to some sort of cloud service. I'm glad to see Microsoft isn't just letting this go and is looking to appeal this and seek higher courts that can make rulings about digital information and having any handling of this data be consistent with analog data.

This is even more disconcerting as a survey about encryption use in the cloud found many people expecting the cloud provider to manage encryption. No, no, no, no, this isn't what we want. Companies need to manage and secure their own data, including their own encryption keys.

Perhaps it doesn't matter if you're in the cloud or not. After all, most employees think their employers do a poor job of securing their own systems. Could the cloud be that much worse?

Total article views: 93 | Views in the last 30 days: 2
Related Articles

Cloud Safety

Is the cloud secure? How can you be sure? Steve Jones talks a little about some ways you can try to ...


Cloud Concerns

Security is a concern in the cloud, but should it be your number one concern? Steve Jones notes that...


Cloud Storage Security: Are You Doing Your Part?

If the level cloud storage encryption are so high, then why is the cloud security industry experienc...


The Cloud

I was interested to hear about Microsoft providing some services and storage in the "Cloud." I remem...


Reaching for the Clouds

This past week's news had a lot of news about cloud computing and Steve Jones comments on a few data...


Join the most active online SQL Server Community

SQL knowledge, delivered daily, free:

Email address:  

You make SSC a better place

As a member of SQLServerCentral, you get free access to loads of fresh content: thousands of articles and SQL scripts, a library of free eBooks, a weekly database news roundup, a great Q & A platform… And it’s our huge, buzzing community of SQL Server Professionals that makes it such a success.

Join us!

Steve Jones

Already a member? Jump in:

Email address:   Password:   Remember me: Forgotten your password?
Steve Jones