Apps

Video: Rushing into the cloud may create a security nightmare

Security-as-a-service was the big theme at the 2009 RSA Conference. But rushing into the cloud may create a security nightmare. What happens if the cloud gets hacked?

Security-as-a-service was the big theme at this year's RSA Conference in San Francisco. But companies rushing to cloud may be creating a security nightmare. ZDNet Editor in Chief Larry Dignan talks with Senior Editor Sam Diaz, and security blogger Ryan Naraine about how companies are securing the cloud and what happens if the cloud "gets hacked." They also discuss whether companies are spending on security in light of the current economic climate.

About

Bill Detwiler is Managing Editor of TechRepublic and Tech Pro Research and the host of Cracking Open, CNET and TechRepublic's popular online show. Prior to joining TechRepublic in 2000, Bill was an IT manager, database administrator, and desktop supp...

3 comments
Deadly Ernest
Deadly Ernest

aspects of the cloud. We can make it safe to work in the cloud ONLY when we control all connections to the cloud. Thus a local cloud behind your corporate firewall does make sense, but not trying to do important business across the Internet cloud itself, that's deadly to your business in any time terms. Such a set is in violation of a number of legislated security and privacy requirements too. I'm concerned about Sam's comments on moving to a centralised common update centre. throw your mind back several years to what was being touted by Wintel when they wanted to push their Palladium Concept. One update centre that checked if ALL your software met the legit licence requirements before it gave you any updates. Any hiccup with one and you're screwed on all was the basic concept. One also wonders about the basic levels of security for any software that needs to be updated so frequently. I think all lot more needs to be done right across the board in the security arena before corporate cloud computing outside the corporate domain will be viable.

rayanch
rayanch

i believe because i was in wireless internet security process and have followed the same guidelines. This one really help.

eHC1019
eHC1019

This may be off-base for this post, but I had a thought the other day when watching the local news. The news report was about a local company being investigated for something and the FBI came in a took all the computer equipment out for evidence. This got me to thinking about something. Ok, your apps, your data, heck, even your virtual OS is on someones else units. And they get in some sort of situation with the law. Now all your stuff goes by-by with the law. And even though you have nothing to do with any of this, your data is pried into anyways. Not to mention all the other parts of the nightmare! Just a thought - and yes - maybe I am being too simplistic about it all.