"The challenge is one of transparency," Kelly said, as well as being able to overcome "operational legal issues." The issue of intellectual property theft is a big worry. Kelly said GE has had some limited experience in cloud computing with vendors she preferred not to name, and is keeping up discussions with cloud-service providers to assess the possibilities. She said GE and eBay are insisting that the privacy rules they want must apply.
"Two to three years ago there weren't really mature offerings," she says, but she now senses a much better outlook in the cloud market. And the European Union has begun to re-think its data protection rules, which could lead to more flexibility on data-transfer restrictions, but that will probably take some time. But some types of data, such as national-security data that companies like GE have, simply aren't candidates for the public cloud, she adds.
It's clear many IT professionals looking into international cloud-computing options are getting the feeling, warranted or not, that countries apply restrictions on cross-border data flows simply for economic reasons, to keep data-computing in their countries. But at any rate, Jim Reavis, co-founder and director of the Cloud Security Alliance, who also spoke at an RSA session, acknowledged that the legal concerns related to international cloud computing across country borders are substantial.
Sensitive data that falls under the Payment Card Industry (PCI) requirements is often debated due to worries about litigation, and many U.S. and European laws act to discourage data-sharing across country boundaries, he noted.
"The Patriot Act comes up over and over again," he said. "The long reach of Uncle Sam is giving a chilling effect on cloud from a legal perspective." This can apply just to the question of data backup. International restrictions applied under law about data transfer are slowing cloud adoption and leaving IT managers sometimes resigned to sticking to the traditional hosted model, he said.
But the appeal of the dual private cloud and public cloud combo is huge, said Dave Cullinane, chief information security officer at eBay, who joined Kelly on the panel at RSA.
Cullinane, a co-founder of the Cloud Security Alliance, says eBay has become an adopter of cloud-computing and uses the Microsoft Azure cloud operating system, which has been out for a year now.
EBay has taken the approach of building a private cloud based on Azure that can be extended into Microsoft's Azure-based data centers when a burst of additional capacity is needed. "It's a private cloud, but we can also run it at Microsoft," said Cullinane.