The cloud computing security conundrum

What happens when two technology executives disagree on cloud computing security? A very interesting discussion but no conclusions about what to do.

Scot Petersen
Scot Petersen

I am sworn to the Chatham House Rule on this, so the names, titles and place of the following dialog about cloud...

computing security must remain a secret. The only thing I can say is that it occurred at a recent gathering of local IT executives.

Both gentlemen work in the high-tech space. The discussion begins when the first executive (let's call him "the first guy") starts talking about his company's use of cloud computing

The second executive (let's call him "the second guy") stops him and says he's not sure what a private cloud is, compared with a public cloud. In my mind I am thinking:

Validation No. 1: The hype coming from technology vendors about this or that type of cloud computing can be confusing to more than just the average journalist.

The first guy neatly breaks down the distinctions between a public and a private cloud -- firewalled-off sections of a data center, and in some cases, separate server boxes -- but offers that public cloud security concerns are overblown and that his company has been using Amazon.com's Elastic Compute Cloud Web services for several years. He goes on to describe how his company's use of the cloud involves its independent software vendors testing applications. This is one of the first uses of cloud and is still the most common, he says.

Yes, says the second guy, (and now I'm paraphrasing) but isn't there value in the intellectual property of the application software assets in the cloud that's being put at risk? The second guy goes on to discuss the recently discovered Flame malware, whose sophistication points to state-sponsored terrorism or corporate espionage; he concludes that nothing is really secure.

True, the first guy agrees, and he recounts a story from earlier in his career at a company where he was in charge of IT security. At one point, he brought several serious issues before the chief executive, who shrugged them off.

Validations No. 2 and No. 3: Despite the trend where IT executives' efforts lean more toward the business, innovation, transformation and the like, their first and last worry will always be about security. And despite being under constant threat from cybercriminals, chief executives don't care enough about security. The costs of security will always outweigh the cost of the breach.

Yes, says the second guy, but what if you are a software company whose value is tied up in the intellectual property of the software assets situated in the cloud? How much would you say is the value of those assets? Probably the market capitalization of the company, right?

Right, says the first guy, and shrugs.

Right, says the second guy, and shrugs.

We sip coffee.

Validation No. 4: IT executives know a lot more about business and finance than most people give them credit for.

Let us know what you think about the story; email Scot Petersen, Editorial Director.

Dig Deeper on Cloud computing for business

PRO+

Content

Find more PRO+ content and other member only offers, here.

Join the conversation

4 comments

Send me notifications when other members comment.

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Please create a username to comment.

I love the argument on cloud security! "Well, nothing is ever 100% safe". True, but there is a HUGE difference between your on-site servers and leased servers (the Cloud) sitting in some other country.

That is like saying, "Why spend money on door locks and alarm systems, those houses get robbed too?"

Because houses with locks and alarm systems would get robbed MUCH less often than a house with no doors and windows, located in a bad, bad neighborhood. Derp.

The calculation that lawsuits after a data breach are cheaper than securing OUR data makes me sick! We need much, MUCH stronger privacy rules. Fine and incarcerate the fools making the decisions that lead to breaches and I believe 'The Cloud' would be a VERY dead technology.

I'm beginning to believe 'business and finance savvy' actually means 'willing to cause harm to anyone/everyone without any impact to their moral framework'. Or 'Sociopath', that fits. Why are these people held in any sort of esteem?
Cancel
Are security concerns holding you back on cloud adoption?
Cancel
corporate security vs. the cloud
Cancel
Wanted to know more about cloud security.Why most secured firm like banks should adopt cloud?
Cancel

-ADS BY GOOGLE

SearchCompliance

SearchHealthIT

SearchCloudComputing

SearchMobileComputing

SearchDataCenter

Close