Google FAIL and the Fog Over Cloud Security
Late last year, when I interviewed Google Apps senior security manager Eran Feigenbaum and his marketing partner, Adam Swidler, they talked up Google's place in cloud computing and how it was in a prime position to make a difference with cloud security. [ Four Questions On Google App Security]
But when Google suffers a massive outage as it did last week -- followed by another one Monday -- people can't help but have their doubts.
Google content accounts for about 5 percent of all Internet traffic, so when it went down, many who have come to rely on its myriad applications to conduct business were dead in the water.
Meanwhile, attackers have been adding insult to injury by flooding Google search results with a fire hose full of malicious links, prompting the U.S. Computer Emergence Response Team (US CERT) to raise the red flag [ Attack That Poisons Google Results Worsens].
These are troubling events that illustrate just how perilous the cloud can be. But don't believe those who suggest this is a new threat. It merely validates the security concerns smart people have been raising for a very long time.
One of the people I trust on this issue is Chris Hoff, whose recent cloud security talk at SOURCE Boston attracted a crowd that included security luminaries like Dan Geer [ CSO podcast interview with Geer] and Marcus Ranum.
Hoff has warned repeatedly that companies are moving too fast on cloud computing without truly understanding what it's about first. ["This love affair with abusing the amorphous thing called 'THE Cloud' is rapidly approaching meteoric levels of asininity," he told me in one interview.]
Another voice I trust on the issue is Ariel Silverstone, a veteran of the Israeli Defense Forces with experience in physical and information security who regularly contributes to information technology certification exams and to newspapers, magazines and online publications like CSOonline.
Sign up for ITworld's Daily newsletter
Follow ITworld on Twitter @IT_world
On Twitter now
cloud computing
Powered by Twitter
jfruh
Apple syncing patent can't come soon enough
pasmith
New Twitter features borrow from 3rd party clients
Esther Schindler
Open Source Changes the Software Acquisition Process
mikelgan
How to set up continuous podcast play on the new iTunes
David Strom
Five important Windows 7 mobility features
sjvn
Guard your Wi-Fi for your own sake
Sandra Henry-Stocker
Grepping on Whole Words
Sidekick: The Good News & the Bad News
Either way you look at it Microsoft Data Center management did not follow standards or best practices in this failure. In which case it makes me wonder more about the outsourcing of corporate data much less personal data.
- mburton325
Join the conversation here
Quick, practical advice for IT pros. Made fresh daily.
Want to cash in on your IT savvy? Send your tip to tips@itworld.com. If we post it, we'll send you a $25 Amazon e-gift card.
