• Steve Jones - SSC Editor (5/7/2013)


    FunkyDexter (5/7/2013)


    I think it's a "right tool for the right job" scenario. Most of the folks who object to putting data in the cloud are thinking about mission critical and highly private data and I'd definitely agree that nobody should be pushing that stuff up to the cloud.

    But there's alot of data that isn't described by that. I recently worked at a company that had a need to allow geographically diverse users to be able to scan documents in and have those documents easily visible to other users. Essentially they were building up a knowledge base based on a set of their business documents. The documents weren't in any way private and the paper copies were still being archived off to a physical warehouse so data loss wasn't a significant worry either. For that scenario the cloud provided a level of convenience that probably couldn't have been achieved with the in-house infrastructure.

    Very true. As much as people want to say the cloud isn't safe, it's hacked, it won't work, that's only partially true. For some things it won't. For some it will.

    Cringe!

    As much as people want to say the cloud isn't safe, it's hacked, ... that's only partially true.

    No, that part is 100% true. It is also true that non cloud storage isn't safe, it's hacked and has similar risks. Never as many, see my note below.

    As much as people want to say the cloud ... won't work, that's only partially true. For some things it won't. For some it will.

    Your statement is true.

    What it comes down to is this. If my environment has a security risk of any kind, and if I expect my users to access data in the cloud, then the cloud contains all of the risks of the environment of the cloud vendor, plus all the risks of my enviornment! It is NEVER more secure if anyone inside my enviornment accesses it. It MAY BE more secure if all access to the cloud comes from OUTSIDE my enviornment because then my environment's flaws are irrelevant. That simply isn't how we typically use "cloud" resources in most businesses.

    We can debate things all we want, but the simple fact is that if someone hacks my systems, they may gain access to data. The same is true in the cloud. When we add them together we do NOT get increased security, we get less security. No matter what the vendor does, they have to allow access to the company contracting them to provide cloud services. By definition, that means that any flaws the customer has is still there. Hack in to the customer environemnt, piggy back to their cloud provider, you now have access to the cloud provider's systems. Hopefully just the ones that the customer contracted for, but all too often, all the other cloud vendor's customer data as well.

    Dave