Skip to content

Management

Technology

Toolbox

Training

Books

White Papers

Webcast

Resource Centre


ComputerworldUK CommunIT

Want to join the UK’s fastest growing dedicated IT community? Enter here to browse the UK’s top usergroups, societies and associations.

community > blogs > open enterprise

Is Cloud Computing Safe for Business? Yes and No...

November 02, 2009

Posted by: Glyn Moody

Google wants us to think it is, but chooses a slightly unfortunate metaphor:

Cloud computing, when IT software and services are delivered over the web and through a browser, is a paradigm shift, similar to taking your jewellery out of your sock drawer and placing it in the bank. The bank has the economies of scale. It has guards, robust safes, video surveillance — much more than any security investment you can deploy yourself. The same is true with data. Cloud providers such as Google are equipped to protect millions of users' data every day. As a customer you get to enjoy these economies of scale at minimal expense. We have over 1000 people dedicated to Google Enterprise, including some of the world's best security experts who are helping to make sure that your data stays safe.

Safe as banks? - I don't think so. Rather more compelling is the following argument:

Most organizations take 30-60 days to install security patches on their systems which is a major concern in its own right. In fact, many companies I talk to admit it's closer to 3-6 months to install a security patch. This means that traditional IT systems and applications are open to known security vulnerabilities for a very long time. By contrast, we run a very homogeneous computing environment, so when it is time to patch we can do it in a rapid and uniform manner to all of our systems.

It's not only “homogeneous”, it's based almost entirely on open source software (as far as we can tell), with all that this implies for robustness. So, to that extent, it's probably true that for many companies, the server side of cloud computing is indeed relatively safe. But if they're still using Windows with all its vulnerabilities to access those servers, much of that security is squandered. Perhaps that's why Google is coming out with its Linux-based Chrome operating system...

Follow me @glynmoody on Twitter or identi.ca.

Follow highlights from ComputerworldUK on Twitter
Sign up for our Daily Newsletter
The UK IT News widget Get it for your site!

<<newer entry | back to blogs indexolder entry>>

Advert

close

Email this article to a friend or colleague:




PLEASE NOTE: Your name is used only to let the recipient know who sent the story, and in case of transmission error. Both your name and the recipient's name and address will not be used for any other purpose.

close
  • This article is now being printed.
close

What are your views on this subject? Use the form below to post a comment on this article up to 1000 characters.


Characters remaining:

close

Click below to add 'Is Cloud Computing Safe for Business? Yes and No...' to your blog.



If you do not have a ComputerworldUK Account and would like to use this feature, please Register.

If you are a registered, logged-in user, this will post the title and first paragraph of this story to your blog to share with your readers.

What is this?

Comments received

zaine_ridling said on Monday, 02 November 2009

Wow, I too had to laugh at the banking metaphor, since in the US, banks *still* have a license to steal from taxpayers. Implicit in your suggestion of the Chrome OS is one of control. Google simply wants to control for security, for cost, for standards, and for better delivery (what user wouldn't want their data trusted to a Linux server over a Windows one?).

And then there's that whole open source thing the kids talk about. I hear it has advantages!

Advert

WHITE PAPERS

  • Legal risks: Employee use of the internet and email
    Exploring the challenges facing IT Mangers today and vital steps to ensure safe internet an email use by employees.
  • Phishing for victims
    This White Paper examines the phenomenon of phishing. It explains the potentially catastrophic threat it presents to all kinds of organisation. Exploding some widespread myths, it lights up the murky waters where phishing first emerged and where it continues to evolve. But it also highlights what your business can do to blunt the threat.
  • Challenges and opportunities of PCI
    The control framework implicit in the Payment Card Industry Data Security Standard (PCI DSS) provides an enterprise structure for improving operational, security, and audit performance.
  • Social CRM comes of age
    Who is this “social customer”? What strategies and tools does the new breed of CRM provide to do something about this?
  • Risk Management: Protect and Maximize Stakeholder Value
    What has held organisations back from a broader adoption of risk management programs?
*