Archive
IT Security: Still Hot & Cloudy!
This a refresh of an older, but still relevant, post I did last year about security and cloud which remains mostly true even today. The origin and subject of the post was from an event on IT security at the BCS Chartered institute for IT which featured 3 speakers on IT Security and Cloud.
I said back then that if I was a betting man, I’d wager the IT security industry was on the brink of a major revolution on the back of the Cloud, and indeed that still appears to be the case today. In fact, the question asked then of how many people in the audience actively used the cloud will have many more hands raised in response, if asked today, mainly because people are much more aware of the cloud then before. Which is not to say that the cloud has completely become front and centre; it still exists rightfully behind the scenes, powering various services that may still be taken for granted by the consumer, however some more recent services are also leveraging increased awareness of cloud by consumers and positioning themselves directly as cloud services. E.g. think Apple’s iCloud or Amazon’s Cloud drive for instance.
But I digress, what’s this got to do with IT Security you ask? The answer is very simple, if the cloud is really a behind-the-scenes enabler, then cloud security should also be behind the scenes right? But I still have this uneasy feeling, that we’ll yet see someone get sued over security breaches emanating from the Cloud. How long will it be before we get cloud compliance and cloud security risk assessment models, regulations and perhaps even exotic insurance policy for Cloud based services? Furthermore, the Internet (and consequently the cloud) is essentially borderless technology, which means that various national and international data governance regimes may have a thing or two to say about where data is stored – assuming it can be found in one place! This could well be a nightmare in the making for eDisclosure and/or eDiscovery.
Finally, apparently some clever Silicon Valley types are actively seeking ways to commoditize the cloud, and cloud based services, such that it can be traded as a financial instrument. Hmmm, now where did we see that one before (does Collateralized Debt Obligation ring a bell)? Suffice it to say there’s a lot of food for thought when it comes to Cloud Security, and far better qualified people than I have pondered, spoken and written about it (e.g. see my review of an excellent book about Cloud Security), so I shall just leave well enough alone.
To conclude, I dare say that cloud has come a long way since last year, especially in the minds of consumers, and it is looking likely to stay that way for a while yet, or at least until the next big hot topic strikes the zeitgeist. We can only wait and see.
Note: This post is brought to you in partnership with Intel(R) as part of the “Technology in tomorrow’s cloud & virtual desktop” series. For more information please click – HERE
Digital Content and the Cloud
This is first in a series of posts about cloud computing and digital content which will look at some of the immediate impact, as well as emerging and potential future trends of digital content in the context of cloud computing.
Digital Content in Cloud
Once upon a time, it was normal expectation and practice to run a decent-sized content business entirely from your own servers, storage and website. Nowadays this is not necessarily part of the conversation, even for small content businesses, as a result of the pervasive awareness of this thing called cloud and all the benefits it can deliver to the bottom line. The obvious advantages (e.g. scale, flexibility and reach) far outweigh most of the real and perceived disadvantages, but for content businesses, and I mean those businesses that rely on digital assets for their livelihood, this is a critical step with an intolerably high cost of failure.
In order to play in this field, content businesses must make it a point to ensure they are well placed and able to handle challenges posed by certain key aspects of doing business in the clouds, so to speak. These include:
- Storage – Along with the vast compute power, virtually unlimited storage is one of the key calling cards of the cloud optimist or evangelist. It is a compelling argument but there are still some key operational challenges to be faced in dealing with the vast amount of content stored in the cloud.
- Security – Cloud security is a staple topic of criticism by those I would refer to as cloud pessimists, but even now it is still way too early to tell which way the dice will fall on this one
- Collaboration – the ability to collaborate over space and time is another key attraction of cloud for content creators, business users and the even consumers (e.g. for User Generated Content)
- Intellectual property – The ability to monitor and enforce IP rights is a slow burner of an issue which will only get hotter as the more immediate challenges get resolved
- Emerging Usage models – The content industries face a major challenge dealing with constantly changing user needs and behaviours, (e.g. in the social context) resulting in the need for a highly flexible business model to cope with the onslaught; and this in my opinion, is where cloud technologies can really help enable the businesses of tomorrow
These and other related topics will form the main subjects for discussion in my subsequent posts for this series. In the meantime, I’d like to reiterate that the opinions expressed in this post and in the subsequent series of posts (and indeed my entire blog), are strictly mine and do not in anyway reflect the views of my employer, Capgemini, or the BCS Chartered Institute for IT.
DISCLAIMER: This post is brought to you in partnership with Intel(R) as part of the “Technology in tomorrow’s cloud & virtual desktop” series.
IT Security is Hot & Cloudy!
Wednesday’s BCS event on IT security certainly made that point on many different levels. If I was a betting man, I’d wager that the IT security industry is on the brink of a major revolution, on the back of that vague and fluffy thing called the Cloud.
Case in point, my question of how many people in the audience actively use the Cloud saw only a pitiful couple of hands raised. However when put in another way, by one of the presenters, i.e. how many people used Android phones for example; a few other hands went up along with looks of dawning comprehension. The Cloud rightfully exists behind the scenes, powering various services that are often taken for granted by the consumer, and the Android example simply confirms that in spite of all the buzz, your common, garden variety, consumer has little understanding or interest in this techie catnip known as cloud computing. And who can blame her, after all was it not the same geeky fads that brought us other similar buzzwords as: Application Service Provider (or ASP), Grid computing, and heck even Web 2.0?
But I digress, what’s this got to do with IT Security you ask? The answer is very simple, if the Cloud is really a behind-the-scenes enabler, then Cloud security should also be behind the scenes; but I get this uneasy feeling in the pit of my stomach (no, not from eating too many nibbles after the event), that it won’t be long before someone gets sued over some security breach emanating from the Cloud. How long before we get Cloud Compliance and Cloud Security Risk Assessment models, regulations and perhaps even some exotic insurance policy for Cloud based services? Furthermore, the Internet (and consequently the Cloud) is essentially borderless technology, which means that various national and international data governance regimes may have a thing or two to say about where data is stored – assuming it can be found in one place!
Finally, we also learnt that some clever Silicon Valley types are actively seeking ways to commoditize The Cloud, and Cloud based services, such that it can be traded as a financial instrument. Now where have we seen that one before – does Collateralized Debt Obligation ring a bell? Suffice it to say there’s a lot of food for thought when it comes to Cloud Security, and far better qualified people than I have pondered, spoken and written about it (e.g. see my review of an excellent book about Cloud Security), so I shall just leave well enough alone.
Aside from the cloudy issue of cloud security (sic), the event provided many opportunities for attendees to hear and debate other key topics of interest in IT Security, and our four speakers did a great job of keeping people engaged throughout. More information, including presentation slides, can be found on the BCS NLB website.
Judeumeh's Blog 