* Posts by markheathcote

3 publicly visible posts • joined 7 Apr 2014

Smartwatches: I hate to say ‘I told you so’. But I told you so.


hey, lets down vote this guy just to be ironic.

Cloud computing is FAIL and here’s why


Perfect timing vs Microsoft statement at TechEd14

And timely too... just a short time after Brad Anderson of Microsoft said that cloud is now as stable, if not more stable, than anything inside the corporate datacentre and we should deploy to it as a primary platform. Funny. Here is a reference to it... http://www.smiile.biz/articles/2014/5/13/cloud-more-stable-than-your-own-datacentre-maybe-but

The cloud awaits... but is your enterprise ready for the jump?


Re: "Large cloud services are in secure data centres to which access is strictly controlled"

Also, the Patriot Act trumps everything, at least for now, and I believe applies to any US (Cloud) company and data they host anywhere. i.e. the US Gov can in theory gain access to confidential corporate data.

Regarding InfoSec trust - it is essential to ensure the vendor applies the same level of diligence that you apply to your own data (otherwise, why bother yourself?). I have worked across a multitude of enterprises, and have NEVER seen the correct diligence applied to vendors except where I have done it myself. Further, cloud vendors themselves are quite often guilty of misleading CIOs etc by stating things like 'our DCs have SAS70 certification' - no they don't, there is no such thing as SAS70 certification. "SAS70 is not intended to purport that a service organization has achieved an objectified defined standard for a system".

The only way to ensure such diligence is to get your requirements in the contract, audit them regularly, make them fill in a security questionnaire, and monitor them. Good luck trying to get a global Cloud provider to agree to this. The closest you might get is for them to show you an ISO:27001 certificate.

That said, most enterprises have many lower level services which don't process confidential data and therefore could be ripe for 'clouding'. Just be careful with your crown jewels.