Security, cloud and concerns about our data
|
Categories
Enterprise Resource Planning (ERP) Archives
|
May 26, 2010 10:00 AM
One of the perceived weaknesses of cloud technologies is the area of security. I was just reviewing an HP viewpoint paper: Security and Cloud Services that looks at many of the aspects of Everything as a Service. Inside the document was a list of concerns and benefits that have been bandied about for a while in this blog and others:
|
Commonly cited benefits |
Rationale |
|
Simplify and optimize the IT environment |
Less to own and operate |
|
Avoid capital expenses |
Consumption-based pricing |
|
Faster ROI-less to build |
No building assumes faster delivery & ROI |
|
Better agility to meet business needs |
Composing external services allows for quicker reaction to business needs |
|
Low-cost disaster recovery |
Assumed cloud services already have some level of disaster recovery |
|
Commonly cited concerns |
Rationale |
|
Service level agreements |
Poor or nonexistent service level agreements on performance, availability, and support |
|
Data security, legal, and regulatory controls |
Immature controls, processes, and certifications in place to manage risk |
|
Vendor lock in |
Lack of interoperability between cloud services (Platform as a Service [PaaS], Infrastructure as a Service [IaaS]) |
|
IT management issues |
Services, data, and vendors still need to be managed; lack of adequate tools to manage and extract data |
|
Market flux/immaturity |
Concerns around vendor viability, service quality, and support |
Although it is hard to argue with a list like this, I am always a bit concerned that it is being viewed with today's limited resource perspective. When computing is more dynamically allocated, there are significantly broader possibilities with a related increase in value and concern. There are a number of approaches that should enable organizations to foresee and address these, before they become an issue.
Busibesses using Data abundance approaches all around us that can take better advantage of cloud resources. As municipalities, states and countries begin to open "our" data out to the world, cloud based approaches will be a natural consumer and the kinds of applications and benefits (as well as security issues) may be hard to imagine looking at the problem from a scarcity perspective. Most organizations are still on their own to a large extent, since the standards in this space are still developing at every level of cloud.
A resource that may be of interest is the Cloud Computing for Dummies book that HP can send you.
Originally posted on The Next Big Thing blog
| Blogger Profile: Charlie Bess | |
| Charles Bess has worked in the Information Technology industry for about 30 years supporting a variety of large organizations and industries. Charlie has performed a variety of formal and technical leadership roles throughout EDS and now HP. He is a licensed professional engineer and in 2002, a senior member of IEEE and was recognized as a Fellow within HP for his focus on value delivery and innovation. Currently he is focused on the Chief Technologist functional relationship between HP and its largest clients. In addition to these activities, Charlie has also worked as a public speaker, advisor to SMUs MBA program and supported engineering and computer science activities at Purdue University and University of North Texas. He’s been blogging on technology and business value related topics since early 2003. |  |
