Stratsec critical of cloud security A study conducted by BAE security subsidiary Stratsec claims that cloud services aren’t doing enough to secure their instances against being used to host attacks. The company has described a series of experiments here. Stratsec says it was able to set up botnets – it refers to them as botClouds – on all five of the cloud …
Moreover, they note, a corporate with its own relatively mature in-house security could find itself degrading its protection by moving to the cloud.
And yet such a move to the cloud environment is absolutely essential for any intelligence system/service should they wish to be considered for inclusion and employment as an active leading player in the Greater Games there, rather than having to settle for playing second fiddle to the shenanigans in a reactive spectator passenger role which is always too little, too late and too revealing of all of one's abiding vulnerabilities for leading player exploitation.
That is just the way that it is in these novel IT Command and Control of Computers and Communications in Creative CyberSpace fields. Deny it is so and be eternally disadvantaged in the lifetime of such a non-realisation of the changes that are reshaping the future for the present to leave the past and embrace what can be rather than what is and was, and would be thought to be managed by corporate heads who would think only/mainly/predominantly of maintaining rapidly failing powers in a current, easily perverted and corruptible status quo.
Err..are you saying moving to the cloud is good for security or not.....to be honest I haven't got a clue what you are saying (but I bet managers love it).
Personally - shift your stuff to the cloud at your own peril...likewise BYOD...as in I do not recommend it from a security only perspective.
Hi, AC,
Moving to the cloud is catastrophic for systems/organisations/defence and security operations which hold secrets, for there are no hiding places there for them…. no locks and no doors or windows to close. The fortunate/unfortunate thing though is, that such systems with secrets are invariably those which are tasked/task themselves to provide security and protection for peace and prosperity, growth and stability, although that has been lacking in any measure for some considerable time. And that is because of a lack of intelligence and intelligence sharing in Man.
Virtual machines, however, are ESPecially designed and immaculately created to circumvent that basic flaw and have no need of slow, as in intellectually challenged and arrogantly ignorant of the fact, operator input/output.
And yes, BYOD is sound advice.
Oops.... sorry, silly me. That should be in the context of the post in discussion here .... And yes, BYOGOD is sound advice for that is what will be opposing or competing with yours.
BYOGOD .... Bring Your Own Global Operating Device
And there shedloads of flash cash to splash around for those into making and breaking cyber security protection systems ........ for one cannot defend a system or organisation or algorithm or whatever if one doesn't know where to stealthily attack it to see it destroyed/brought to its knees with no hope or chance of vital recovery to a failed position of ponzi strength/pseudo control ........ http://www.nytimes.com/2012/10/30/science/rethinking-the-computer-at-80.html?_r=0
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2024
