Thursday, August 20, 2009

Cloudy weather

There’s been a lot of talk in the industry recently about software-as-a-service, hosted services and cloud computing. Getting rid of the burden of managing servers and messing around with hardware seem charming, and has a lot of financial and administrative advantages, but is it SAFE?

Well, most of the stuff I write about here warns people that this or that is more dangerous than it appears, but this time, it’s quite the opposite. Cloud technology is actually is safer than the alternative in most configurations.

The thing about hosting services is that it takes away the hardest thing to control – physical security. I discussed this in my blog about thin clients – a physical computer or storage container is a sensitive thing. Cell phones and laptop theft is pretty obvious, but standard servers are also sensitive to some abuse. Even though most companies keep the servers in a secure room, not everyone can afford proper security, and even when a company can, the design is often imperfect because IT personnel are rarely trained in physical security. They might think a cardkey lock is secure, forgetting that the glass door or windows can be easily broken. They might setup alarms, but not be able to afford an onsite guard that can react fast enough in case of burglary. They might install smoke detectors, but miss out on proper fire extinguishers or water drainage infrastructure.

Also, having your own servers require some serious maintenance. AV updates need to be monitored, software updates installed, and security hardening needs to be done, and kept up regularly. Even though technologies like SMS are easily available, many companies don’t get them because of costs, and even with them, the massive resources on servers are a major honey pot. Many sysadmins are tempted to put some of their MP3s or movies “temporarily” on the file server, simply because it’s an easy plug until they come up with the cash to expand their own HD. Having this type of data would often be overlooked, but it may also expose the company to legal challenges or a virus infection.

While cloud technology is not yet perfect, and certainly does not fit every client or every scenario, it can have an important boost for the company’s security. Naturally, attention has to be given here as well, as a small or Startup Company that delivers hosted solutions might be riddled with the same problems, but with some major players entering the market in recent months, this is a great opportunity to get secure while reducing costs.

1 comment:

John Columbus said...

I love rain and drencing under it but I never like thunderstorms. It scares me. Thunderstorms also can take life. father has suggested me to use Weather measuring instruments for weather report for safety before enjoying the rain outside.