Network World
Saturday, November 22, 2008
DNSstuff.com
Get information about your IP
IP Information
50+ On-demand DNS and network tools

Mitchell Ashley: Converging on Microsoft

Microsoft Subnet
NetworkWorld.com > Community > Mitchell Ashley: Converging on Microsoft

Navigation

Do You Trust The Cloud?

By Mitchell Ashley on Thu, 07/31/2008 - 7:20am.

SaaS, PaaS, Software+Services, and now Microsoft's Midori (next gen OS) all spark the debate of whether our data is secure in the cloud. In a Slashdot discussion, debate quickly switched from discussing Midori into the distrust of storing personal data in the cloud. A Business Week article sited security of your data #4 on its list of myths about SaaS. At some point, and some point soon, we're going to have to address the security concerns of cloud services, cloud storage and how customers know their data is secure.

Will we see a major security breach of a cloud service, such as Amazon EC2/S3, Salesforce, Google Web Engine Services or other cloud service? As critical mass builds in cloud services, those looking to exploit security weaknesses for financial gain will also shift their focus to weak points and weak services who haven't properly protected against vulnerabilities and exploits. Look at the recent DNS flaw and how much attention its garnered by vendors encouraging admins to upgrade for a fix. How many attacks have been launched during that window of confusion about which DNS systems needed fixing and whether they actually were patched or not?

There are many security impacting regulations and audits (SOX, HIPAA, SAS70) but in my view VISA's PCI is one of the most practical and thorough as it gets down to brass tacks about access control, and securing networks and servers. But unless you are processing or retaining credit card data, PCI isn't required. Do we need a national Cloud PCI type security standard? With more access, e.g. cloud, mobility, and SaaS, we'll need better, tighter and rigidly applied security standards in order to both secure data and maintain the trust of users.

It's time to begin addressing security of the cloud before the bad guys force us to do so.

Like this? Here are some of Mitchell's recent posts.

Symantec & McAfee Finally Get Run For Money

SaaS, If It Was Easy, Everybody Would Be Doing It

Another Cuil Search Engine On The Block

Microsoft Cloud Initiative Announcement Looming

Podcast/Video: Xobni & Co-Founder Matt Brezina

Is Live Search Making Headway Against Google?

Product Reviews:
Microsoft Live Mesh Google App Engine
LiveNewsCameras.com Xobni Outlook plugin

Recent Converging Network Blog Posts:
Get Ready For XaaS Everywhere
Unbelievably Bad Web Password Security
Back From Hiatus, Saved by Web 2.0 Technology
It Takes a Village.. ah, actually, being there first and tons of hard work

Favorite Book Recommendations:
The Big Switch
Zero Day Attack
Clear Blogging

Check out Mitchell's
Converging On Microsoft Podcast. Current Podcast Episode: Security Mike Gets Serious About Security

Also visit Mitchell's personal blog The Converging Network, his new blog Breast Cancer For Husbands.com, and SSAATY Security Podcast.

Visit Microsoft Subnet for more news, blogs, opinion from around the Web.

Sign up for the bi-weekly Microsoft newsletter. (Click on News/Microsoft News Alert.)

Permalink
Tags:

Post new comment

The content of this field is kept private and will not be shown publicly.
  • Allowed HTML tags: <a> <em> <strong> <i> <b> <cite> <code> <ul> <ol> <li> <dl> <dt> <dd> <blockquote> <br /> <br> <p>
  • Lines and paragraphs break automatically.
  • You can use BBCode tags in the text.
  • Web page addresses and e-mail addresses turn into links automatically.

More information about formatting options

CAPTCHA
This question is for testing whether you are a human visitor and to prevent automated spam submissions.

About Mitchell Ashley

Mitchell Ashley is principal consultant at Converging Network LLC where he provides product, technology and social media consulting to emerging technology companies. A successful CTO and product innovator, Mitchell has created many successful, award winning products in the networking, security, convergence, Internet and IT industries. In addition to blogging for NetworkWorld, Mitchell regularly blogs at TheConvergingNetwork and co-hosts the widely popular StillSecure After All These Years podcast.

RSS feed Subscribe to Mitchell Ashley's Converging on Microsoft feed

Mitchell Ashley's archive.

Microsoft Subnet

RSS feed Microsoft news RSS feed

The opinions expressed in this Weblog are those of the writer and may not represent the opinions of Network World.

Advertisement: