[ngw] Cloud Mentality - I disagree

Richard Bliss rbliss at gwava.com
Fri Apr 23 06:34:11 UTC 2010 


Gregg, 

I disagree with your assessment of the cloud mentality. I have been working with company's supporting their move to the cloud for almost 13 years. I was one of the first organizations to begin to offer cloud services for email services like anti-spam, anti-virus, and content control, and that was in the late 90s.  

Your opinion that corporations or people can protect their data better than the cloud because they have skin in the game isn't a valid. 
 
Take for example the latest study by Forrester Research that identifies that 40 percent of business respondents said they had no interest in, no plans for, or no knowledge of emerging tools for information leak protection.  

The headline of the darkreading article says: 

Enterprises Still Don't Recognize Insider Threat. Small businesses are chief laggards in deploying data leakage protection technology. 

Most businesses don't have the time nor the resources to protect their data at the level they should. But when that data is moved to the cloud, the vendor can now deploy economies of scale, focusing on making sure the data is safe for everyone, thus allowing a small business to protect their data with minimal effort on their part. 

The full story can be read at  
http://www.darkreading.com/insiderthreat/security/management/showArticle.jhtml?articleID=216500173 

You second point talked about connection as another reason to avoid the cloud mentality. You ask if we have ever had Internet outages? The better questions is, how many times have you had system failures within your own organizations due to mechanical or human error compared to the number of times you haven't been able to get on the Internet when you needed to. 

Think about any massive disaster - 9/11 - Many of those businesses within the towers simply ceased to exist because all of their data was destroyed without the chance of getting it back. 

Katrina - Forcing an evacuation - Giving you a little time to grab your stuff, but not really conducive to setting up shop somewhere and keep working. 

With the cloud, your data is not limited to the physical location of your staff or equipment. With the cloud, you can gain access to your data easily if you are sitting in an airport somewhere in Europe waiting for a volcano to stop spewing a very different kind of cloud. 

The last item you point out is privacy. From your post you mentioned you are in beautiful Thailand. I imagine you arrived by plane and I'm guessing if you have been there before with  your family that you have frequent flyer miles. Those frequent flyer miles are a far greater loss of privacy than almost any data that is being stored on the cloud. 
It tells the company when you fly, where you fly, what credit card you use to fly. It knows who you fly with, and a wide range of other data. 

The privacy issue is not tied to the cloud but to our willingness to give up privacy for greater benefits. 

Richard Bliss 

Message: 10
Date: Wed, 21 Apr 2010 20:19:54 -0400
From: "Gregg A. Hinchman" <Gregg at HinchmanConsulting.com>
Subject: [ngw] Google and Mcafee
To: ngw at ngwlist.com
Message-ID: <4BCF5DEA.FDA7.003C.3 at HinchmanConsulting.com>
Content-Type: text/plain; charset="utf-8"

I thought these were both interesting.

First -Google and its continue non-protection of privacy.

http://www.telegraph.co.uk/technology/google/7612988/Google-not-interested-in-privacy.html

My opinion:
I am not a fan of the 'cloud' mentality because no one can protect a companies -let alone a persons data as well as the individual person or corporation -because they have 'skin' in the game.  And then there is the 'connection' issue.  When an organization jumps on the path to 'cloud' all data so they can eliminate IT -or much of it- they forget that in an outage of the Internet -they have lost all communication both to the outside world and between their own employees.  Now I know my opinion will sound like its old fashion but let me ask -have we ever had internet outages? Or, complete air traffic outages?  Thinking the unthinkable seems to be what takes place more often then not these days.  Consider back a few years when the Internet DNS servers had a 'hack' built into them that would have easily exposed us all. Or now - http://news.techworld.com/security/3218219/domain-registrars-lagging-behind-over-dnssec-security/?olo=rss .

Second -Mcafee -can you say 'Ooops!'

http://news.yahoo.com/s/ap/20100421/ap_on_hi_te/us_tec_mcafee_antivirus_flaw .

Limited Opinion here: You need AV but yet a company should do better testing before releasing.  You cannot tell me this could not have been caught in the lab long before release.

Just two interesting events.


Take Care.

Gregg A. Hinchman
Consultant
Gregg at HinchmanConsulting.com
www.HinchmanConsulting.com
A Novell Consulting Partner
317.329.0288 Office
413.254.2819 eFax

"Courage is doing what is right."

"Do not be bound to any doctrine, theory or ideology, even Buddhist ones. All systems of thought are guiding means, not absolute truth."  Thich Nhat Hanh, Vietnamese monk.

Book Travel @: www.booknewtravelnow.com
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://ngwlist.com/pipermail/ngw/attachments/20100421/6530d5b8/attachment-0001.html

------------------------------
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://ngwlist.com/pipermail/ngw/attachments/20100423/cc3cbe54/attachment.html

More information about the ngw mailing list