IT Security: Still Hot & Cloudy!
This a refresh of an older, but still relevant, post I did last year about security and cloud which remains mostly true even today. The origin and subject of the post was from an event on IT security at the BCS Chartered institute for IT which featured 3 speakers on IT Security and Cloud.
I said back then that if I was a betting man, I’d wager the IT security industry was on the brink of a major revolution on the back of the Cloud, and indeed that still appears to be the case today. In fact, the question asked then of how many people in the audience actively used the cloud will have many more hands raised in response, if asked today, mainly because people are much more aware of the cloud then before. Which is not to say that the cloud has completely become front and centre; it still exists rightfully behind the scenes, powering various services that may still be taken for granted by the consumer, however some more recent services are also leveraging increased awareness of cloud by consumers and positioning themselves directly as cloud services. E.g. think Apple’s iCloud or Amazon’s Cloud drive for instance.
But I digress, what’s this got to do with IT Security you ask? The answer is very simple, if the cloud is really a behind-the-scenes enabler, then cloud security should also be behind the scenes right? But I still have this uneasy feeling, that we’ll yet see someone get sued over security breaches emanating from the Cloud. How long will it be before we get cloud compliance and cloud security risk assessment models, regulations and perhaps even exotic insurance policy for Cloud based services? Furthermore, the Internet (and consequently the cloud) is essentially borderless technology, which means that various national and international data governance regimes may have a thing or two to say about where data is stored – assuming it can be found in one place! This could well be a nightmare in the making for eDisclosure and/or eDiscovery.
Finally, apparently some clever Silicon Valley types are actively seeking ways to commoditize the cloud, and cloud based services, such that it can be traded as a financial instrument. Hmmm, now where did we see that one before (does Collateralized Debt Obligation ring a bell)? Suffice it to say there’s a lot of food for thought when it comes to Cloud Security, and far better qualified people than I have pondered, spoken and written about it (e.g. see my review of an excellent book about Cloud Security), so I shall just leave well enough alone.
To conclude, I dare say that cloud has come a long way since last year, especially in the minds of consumers, and it is looking likely to stay that way for a while yet, or at least until the next big hot topic strikes the zeitgeist. We can only wait and see.
Note: This post is brought to you in partnership with Intel(R) as part of the “Technology in tomorrow’s cloud & virtual desktop” series. For more information please click – HERE