Sidekick meltdown is a cloud security issue

Anyone considering cloud computing and data security has to take pause at the colossal mistake at Microsoft/Danger over the weekend.

There’s no getting around that customer data was being stored in the cloud and it has disappeared, likely forever, so this is a cloud security issue.

While this is not the type service that businesses are likely to use, it still offers a lesson for businesses attracted to cloud services. That lesson is this: investigate the provider’s infrastructure.

The problem with the backup served by Danger to users of Sidekick phones has led to a big black eye for both Sidekick and T-Mobile, which provided the Danger service. Certainly they didn’t want their reputations undermined this way, and neither do the cloud providers businesses are likely to engage. But it happened.

If cloud storage is being used by a business, that business has to treat it as if it is its own, with concern about its architecture and how that architecture will insure availability and data integrity.

The Cloud Security Alliance has a working group looking into the security issues with cloud storage, and here is a list of questions it poses and that businesses should answer before signing with a provider.

= Do you know how your storage provider plans to ensure that your data is still reliable and available when your business needs it?

= Will you and your customers be able to trust the promises that all stored private and confidential information is protected?

= Does the geographical location of where the data being processed and stored matter?

= Is your data being securely stored and kept separate from the other residents in the data storage farm?

All the answers should be yes.

Learn more about this topic

From Sidekick to Gmail: A short history of cloud computing outages

Vendor group forms cloud storage initiative

Researchers advise cyber self defense in the cloud

Join the Network World communities on Facebook and LinkedIn to comment on topics that are top of mind.

Copyright © 2009 IDG Communications, Inc.

SD-WAN buyers guide: Key questions to ask vendors (and yourself)