SQL Clone
SQLServerCentral is supported by Redgate
Log in  ::  Register  ::  Not logged in

Lots of Security Concerns

By Steve Jones,

This past week I found more security headlines appearing that bothered me than I have most other weeks. I think I still have a little hangover from the Heartbleed bug that was reported last month. The only good thing is that researchers are using the bug to look for the bad guys. A reminder that trying to exploit this for fun is probably not a good idea.

Security certainly has changed, and rapidly, and it seems as though we are going backwards. In addition to criminals and hackers using bugs to attack us, we potentially have law enforcement, or even border guards that may look through our devices. I certainly hope this is struck down, though even if it isn't legal, that might not help you when you cross a border or are stopped in front of an office. It makes me think we more and more need a way to wipe our devices quickly and easily, but then reload them from backups. I'd love to see someone provide a way to do this that might not allow immediate restores in sticky situations. Maybe the iTunes, "connect to a computer" isn't such a bad idea.

Cloud computing security also had a bit of a setback when a judge ordered Microsoft to comply with a subpoena. A US judge is asking a US company to comply with US law about data stored overseas. This is disconcerting, though to be clear, this is a potential discovery action from US plaintiffs and defendents. It is disconcerting, however, for companies that are looking to some sort of cloud service. I'm glad to see Microsoft isn't just letting this go and is looking to appeal this and seek higher courts that can make rulings about digital information and having any handling of this data be consistent with analog data.

This is even more disconcerting as a survey about encryption use in the cloud found many people expecting the cloud provider to manage encryption. No, no, no, no, this isn't what we want. Companies need to manage and secure their own data, including their own encryption keys.

Perhaps it doesn't matter if you're in the cloud or not. After all, most employees think their employers do a poor job of securing their own systems. Could the cloud be that much worse?

Total article views: 94 | Views in the last 30 days: 1
Related Articles

Cloud Safety

Is the cloud secure? How can you be sure? Steve Jones talks a little about some ways you can try to ...


Cloud Security

In case you hadn’t noticed I’ve recently started looking at the cloud and what it entails. Well one...


Cloud Security Issues

The cloud is always going to be a challenge for security, but is it harder or easier than on premise...


Cloud Storage Security: Are You Doing Your Part?

If the level cloud storage encryption are so high, then why is the cloud security industry experienc...


Cloud Concerns

Security is a concern in the cloud, but should it be your number one concern? Steve Jones notes that...