as a consumer of the cloud, you absolutely have to know what is secure
SMH
Date July 26, 2012
Matthew Hall
Experts don't often agree, especially in IT, but when it comes to cloud security it appears some finally do.
Is cloud computing secure? It depends, is the answer.
It is also the reason why the Open Data Center Alliance (ODCA), an organisation that counts BMW, Deutsche Bank, Disney and National Australia Bank as members, is still attempting to end ambiguity and define cloud security stardards for businesses. An assurance model proposed by the ODCA a year ago, is still under revision, after a proof-of-concept threw up more questions than it answered.
The term cloud computing refers to computer resources that can be turned on or off and scaled up or down, depending on demand. It is increasingly used by businesses to supplement or replace their on-site computing facilities, but questions about who has access to data held in the cloud and how robust its protection mechanisms remain contested.
"The biggest problem with the cloud is that you cannot get a consistent definition of what is secure," said Matt Lowth, National Australia Bank's principal security architect. "And if I can't get the same answer from three different vendors, how do I know what secure is?"
Lowth, speaking at an ODCA panel on cloud security in New York last month, added that different industries had different expectations and definitions of security, complicating the issue.
"Security depends on what you are after," he said. "For an advertising site or a marketing site, cloud is perfectly secure. It does the job. On the flip side, if you are a military type of business it is probably not secure enough. There's lots of stuff out there that if you had it compromised, people's lives are at risk. I guess, 'it depends' is the answer to whether the cloud is secure."
Is cloud computing secure? It depends, is the answer.
It is also the reason why the Open Data Center Alliance (ODCA), an organisation that counts BMW, Deutsche Bank, Disney and National Australia Bank as members, is still attempting to end ambiguity and define cloud security stardards for businesses. An assurance model proposed by the ODCA a year ago, is still under revision, after a proof-of-concept threw up more questions than it answered.
The term cloud computing refers to computer resources that can be turned on or off and scaled up or down, depending on demand. It is increasingly used by businesses to supplement or replace their on-site computing facilities, but questions about who has access to data held in the cloud and how robust its protection mechanisms remain contested.
"The biggest problem with the cloud is that you cannot get a consistent definition of what is secure," said Matt Lowth, National Australia Bank's principal security architect. "And if I can't get the same answer from three different vendors, how do I know what secure is?"
Lowth, speaking at an ODCA panel on cloud security in New York last month, added that different industries had different expectations and definitions of security, complicating the issue.
"Security depends on what you are after," he said. "For an advertising site or a marketing site, cloud is perfectly secure. It does the job. On the flip side, if you are a military type of business it is probably not secure enough. There's lots of stuff out there that if you had it compromised, people's lives are at risk. I guess, 'it depends' is the answer to whether the cloud is secure."
Photo: Hector Casanova