Interop: Cloud services take a beating in debate over security

By , Network World |  Cloud Computing, cloud security, interop

Cloud services are not secure enough for businesses to use, or at least that was the conclusion drawn by attendees of an Interop debate, although all of the participants acknowledged the real answer was more subtle.

Under the rules of the Oxford-style debate, the side that swayed more audience members to its position won, and in this case eight who initially said they thought clouds were secure changed their minds after hearing the arguments.

BACKGROUND: Road map to the public cloud 

Allen Allison, the CSO of cloud provider Navisite, not surprisingly took the side that the cloud is secure. His argument was that security on par with what a business can provide itself is a necessity if providers want to survive. "Cloud providers have to incorporate the same type of security," he says. "If we couldn't do that, we couldn't have a cloud industry."

Also arguing for the safety of the cloud was Frank Kenney, vice president of global strategy for IPswitch FT, a managed file-transfer service. Cloud customers have the obligation to assess the risk of allowing data to be stored in a cloud based on how valuable it is to the customers. "Think of the business ramifications for your business if you believe there may be a problem," he says. "The cloud is as secure as you want it to be."

Hot products at Interop

Ravi Rajogopal, vice president of cloud strategy for CA, cited the growing number of records compromised by data breaches over the past six years as a demonstration that risk is just too high to trust data to a provider.

Also speaking against clouds being secure was a John Pironti, president of IPArchitects security consultancy, who says customers can't get enough information out of cloud providers to make informed decisions about risk. "Clouds won't give you transparency," he says. "You don't get to see the controls."

He says 90% of breaches that disrupt businesses involve insiders, and that should be extrapolated to cloud providers. "If the cloud's so secure, why can't we verify?" he says.

Cloud services also expand risk to a customer's data, he says. If someone is angry with another customer who uses the same service and attacks the network to get at that one customer, all the customers are taken down as a result, Pironti says.


Originally published on Network World |  Click here to read the original story.
Join us:
Facebook

Twitter

Pinterest

Tumblr

LinkedIn

Google+

Answers - Powered by ITworld

ITworld Answers helps you solve problems and share expertise. Ask a question or take a crack at answering the new questions below.

Ask a Question
randomness