Tag Archives: cloud security

Cloud of Suspicion

I know everyone is sick of hearing about the cloud or anything cloud including myself. Now that this has become primary in standards circles it is getting personal. I believe, and can prove, that the term is a new marketing buzz word for outsourcing around SaaS, PaaS, and IaaS. In this context, I have been in the “cloud” business for over 15 years. My career began working as a developer for security code on a IBM 370. The mainframe was the first cloud solution and provided large companies the ability to provide a “private” cloud service with great security controls. At the same time most carrier networks have been offering “cloud” solutions since the 50’s/60’s.

Fast forward 15 years, companies large and small are now claiming to invent the cloud; it is almost laughable. What is scary is number of new standards in this area that completely disregard the many great standards that addressĀ  operation of these environments that have been created, adopted, and implemented. I do agree that they need refreshing to reflect the implementation of the new technologies but these are amendments not new standards.

Now we are spending lots of time, money and super human effort to redesign the wheel…….why?

I love when a rep from a cloud vendor states how new and revolutionary cloud technology is. Many of the management and deployment tool have become highly specialized, however they are not new. After designing and building a MSSP offering for 5 years, we had to create our own custom tools and techniques to accomplish this. We still used VM’s, shared HW and SW, it was a cloud service but without the hype.

Hopefully, over time tech folks are going to see through the mist and realize they are only staring face-to-face with an outsource solution provider. The concepts for selecting one have not changed but regulations for privacy and auditing have.