SQLServerCentral Editorial

Lots of Security Concerns

,

This past week I found more security headlines appearing that bothered me than I have most other weeks. I think I still have a little hangover from the Heartbleed bug that was reported last month. The only good thing is that researchers are using the bug to look for the bad guys. A reminder that trying to exploit this for fun is probably not a good idea.

Security certainly has changed, and rapidly, and it seems as though we are going backwards. In addition to criminals and hackers using bugs to attack us, we potentially have law enforcement, or even border guards that may look through our devices. I certainly hope this is struck down, though even if it isn't legal, that might not help you when you cross a border or are stopped in front of an office. It makes me think we more and more need a way to wipe our devices quickly and easily, but then reload them from backups. I'd love to see someone provide a way to do this that might not allow immediate restores in sticky situations. Maybe the iTunes, "connect to a computer" isn't such a bad idea.

Cloud computing security also had a bit of a setback when a judge ordered Microsoft to comply with a subpoena. A US judge is asking a US company to comply with US law about data stored overseas. This is disconcerting, though to be clear, this is a potential discovery action from US plaintiffs and defendents. It is disconcerting, however, for companies that are looking to some sort of cloud service. I'm glad to see Microsoft isn't just letting this go and is looking to appeal this and seek higher courts that can make rulings about digital information and having any handling of this data be consistent with analog data.

This is even more disconcerting as a survey about encryption use in the cloud found many people expecting the cloud provider to manage encryption. No, no, no, no, this isn't what we want. Companies need to manage and secure their own data, including their own encryption keys.

Perhaps it doesn't matter if you're in the cloud or not. After all, most employees think their employers do a poor job of securing their own systems. Could the cloud be that much worse?

Rate

You rated this post out of 5. Change rating

Share

Categories

Join the discussion and add your comment

Share

Rate

You rated this post out of 5. Change rating

Related content

SQLServerCentral Editorial

Mini-Me

Will the next version of Windows be a "Mini-Me" version of Vista? Who knows, and it's too early to tell, but apparently there's a mini-kernel version of Windows 7, the one after Vista, which fits into 25MB on disk. That's a touch lower than the 4GB that Vista takes up. Granted it's not a full […]

You rated this post out of 5. Change rating

2007-10-25

105 reads

SQLServerCentral Editorial

An Hour in Time

Daylight Savings time switches a little later this year. In fact it's November 4th this year, after having been in October for all of my life. In case you don't remember which way we move the clocks, here's a saying: Spring forward, fall back.

5 (1)

You rated this post out of 5. Change rating

2007-10-17

216 reads

SQLServerCentral Editorial

Software is Like Building a House

One of the really classic analogies in software is that it's like building a house. You have a foundation, multiple teams, lots of contractors that specialize in something, etc. And it's an analogy that's debated as to its relevance over and over. I won't go into the correctness of this analogy, but I wanted to comment on it.

You rated this post out of 5. Change rating

2012-10-08 (first published: )

331 reads