Upcoming Events

Where the Cloud Touches Down: Simplifying Data Center Infrastructure Management

Thursday, July 25, 2013
10:00 AM PT/1:00 PM ET

In most data centers, DCIM rests on a shaky foundation of manual record keeping and scattered documentation. OpManager replaces data center documentation with a single repository for data, QRCodes for asset tracking, accurate 3D mapping of asset locations, and a configuration management database (CMDB). In this webcast, sponsored by ManageEngine, you will see how a real-world datacenter mapping stored in racktables gets imported into OpManager, which then provides a 3D visualization of where assets actually are. You'll also see how the QR Code generator helps you make the link between real assets and the monitoring world, and how the layered CMDB provides a single point of view for all your configuration data.

Register Now!

A Network Computing Webinar:
SDN First Steps

Thursday, August 8, 2013
11:00 AM PT / 2:00 PM ET

This webinar will help attendees understand the overall concept of SDN and its benefits, describe the different conceptual approaches to SDN, and examine the various technologies, both proprietary and open source, that are emerging. It will also help users decide whether SDN makes sense in their environment, and outline the first steps IT can take for testing SDN technologies.

Register Now!

More Events »

Subscribe to Newsletter

  • Keep up with all of the latest news and analysis on the fast-moving IT industry with Network Computing newsletters.
Sign Up

The Biggest Cloud Computing Security Risk Is Impossible to Eliminate

Even pieces written well before the Honan attack pointed out that Apple had made iCloud "reasonably" secure but built in security flaws to keep control of the network itself and help return access or data to clueless end users.

Every other public cloud service did the same thing, for the same reasons. One person's security flaw is another person's fail-safe mechanism. Every cloud needs a back door for end users who can't get in; the problem is that locks on the back door are just as flimsy as those on the front. No matter how secure it's possible to make cloud services, it will never be possible to make them secure enough that clueless users won't lock themselves out and unscrupulous hackers won't be able to weasel their way in.

More Insights

Webcasts

More >>

White Papers

More >>

Reports

More >>

Honan isn't a clueless user; he didn't use stupidly simple passwords or his Social Security number as a username. He just failed to turn on every single security feature available on every Web service he used.

Is it fair to expect end users to make up for gaps in the security of major services? No. Woz is right that cloud is a horrendous risk, but it's only marginally more risky than more traditional IT.

An iCloud or Twitter account may be easier to see, and therefore easier to target. That doesn't mean the risk of losing data from iCloud is greater than losing it to thieves who swipe your end users' iPads, iPhones. No matter what Apple, Amazon, Twitter or Google do, cloud computing security risks will never go away.

The answer isn't total security; the answer is balanced risk. Backing up data into comparatively safe harbors (cloud storage, enterprise backup or external hard drive) drastically cuts the risk of catastrophic data loss. It also adds the risk that your backup could be hacked, but there's no benefit without concomitant risk.

The trick is picking the security measures that work for you but don't make your tech so inconvenient you avoid it completely.

Security is inconvenient. It's expensive. It's impossible to cost-justify unless you actually see it stamping out a threat. It's also inconvenient to lock your front door and carry keys with you everywhere you go. There's no better chance of stamping out insecurity online than there is in real life.

Don't assume because some people get hacked that it's necessary to make your cloud or your users' laptops or smartphones invulnerable. It's not. It is necessary to take precautions appropriate to the situation, whether you're using the cloud or the Web or an internal glass-house, ultra-secure data center.

Forgetting where your data is, or what precautions are appropriate for each of the places in which it's stored, is a quick way to find out what real threats surround you.

Cloud security is as simple as that--though in IT, simple is relative. Simple security still means you have to pay attention, keep your backups complete and hope your service provider's customer service isn't quite as forgiving or naively helpful as Mat Honan's.

Kevin Fogarty is a freelance writer covering networking, security, virtualization, cloud computing, big data and IT innovation. He blogs daily at ITWorld.com; his byline has appeared in The New York Times, The Boston Globe, CNN.com, CIO, Computerworld, Network World and other leading IT publications. Write to him at kfogarty@technologyreporting.com or on Twitter at @kevinfogarty.


Page: « Previous Page | 12 3 | 4  | Next Page »


Related Reading


Network Computing encourages readers to engage in spirited, healthy debate, including taking us to task. However, Network Computing moderates all comments posted to our site, and reserves the right to modify or remove any content that it determines to be derogatory, offensive, inflammatory, vulgar, irrelevant/off-topic, racist or obvious marketing/SPAM. Network Computing further reserves the right to disable the profile of any commenter participating in said activities.

 
Disqus Tips To upload an avatar photo, first complete your Disqus profile. | Please read our commenting policy.
 
Vendor Comparisons
Network Computing’s Vendor Comparisons provide extensive details on products and services, including downloadable feature matrices. Our categories include:

Research and Reports

Network Computing: April 2013



TechWeb Careers