Back From Prague…
I was at the Cloud Computing Conference in Prague earlier this week and there were a lot of great sessions – along with some very interesting new perspectives. Stephen Foskett has done a great report and rather than repeat that, here are my main discussion points.
1) Is the lack of ‘true’ European cloud providers preventing adoption of the cloud in Europe? It’s an interesting question and one I had never thought about. Having worked for American companies for nearly two decades, I have never been concerned by the control they may have. It is true that various EU countries have very strict privacy laws and so they may be restricted from using global public clouds – but for the rest… this is something that needs to be looked at further. The cloud is going to offer competitive advantage to those that use it effectively – the EU mustn’t be left behind.
2) Cloud capacity. Cloud service providers often tout ‘infinite’ capacity – but in reality they do have physical machines (virtualized up to the hilt) which have limitations. When looking to deploy to a cloud, the customer should be able to see what the capacity of the service provider is, what it is currently running at and what the peak demand was. For customers requiring a single instance it is slightly different from those who want elastic demand and who may be caught short. After all, when it’s gone, it’s gone – and adding more capacity to a data centre, cloudy or not, will take time…
3) Computational integrity. This came up at the FORWARDmeeting as well – in essence how do you know that the calculations going on in the cloud are correct. What would happen if someone interfered with the data or the calculation – would you be able to spot it. As a simple example, what if someone changed one digit in every telephone number in your CRM data, or map data was shifted by half a kilometre? This is a theoretical problem at this point, but it is a potential weakness that needs to be addressed. Encrypting data and hashing it means you can check on the data integrity – the data is how you left it, but how about the calculations? Curiously, I discussed this in the Data Leaks book – and one approach is to use well known data / transactions for which the outcome is known and then to periodically throw this at the service and check the result is what was expected. If not… well, there’s another piece of your disaster recovery / business continuity strategy you need to cover.
Here is a picture of the expert panel, including your’s truly, Guy Bunker. For more pictures take a look here.
comments
2 Responses to “Back From Prague…”
Leave a Reply
-
Connect with us
-
Get Email Updates
-
Recently Posts
- Spam is decreasing. Is it the beginning of the end for e-mail?
- Taming the tablet
- Free Wifi: Why do we trust it?
- The true cost of a data breach (Part Two)
- The true cost of a data breach
- The Ultimate Combination – Information Protection with Visibility and Audit
- Gaining Access Control
- O3 –Control in the cloud
- Mobile adoption has reached the tipping point, but businesses accept it’s time for a security reality check
- The internet explodes with gTLDs
-
Pages
- announcements
- Application
- Availability
- backup
- botnet
- Cloud computing
- Complexity
- Compliance
- Consumerization
- cyber-crime
- data centre
- data-loss
- Denial of service
- disaster recovery
- Education
- Green IT
- impersonation
- Information Policy
- Insider
- IT equipment
- Miscellaneous
- misleading applications
- Patching
- Phishing
- Regulation
- Reputation
- SaaS
- security
- small business
- Social Media
- Spam
- Speaking
- Storage
- trojan
- Uncategorized
- Virtualization
- Virus
-
Blogroll
- Ask Marian Consumer Security Blog
- Bruce Schneier’s Blog
- Con Mallon’s Symantec Consumer Blog
- Gareth’s BE Blog
- Get Safe Online (The Blog)
- Gizmodo Gadget Blog
- Jonathan Schwartz’s Blog
- Phil Windley’s Technometria
- Security Bloggers Network
- Symantec French contributor - A blog from the French pen of Laurent Heslault
- Symantec Guide to Scary Internet Stuff – Botnets
- Symantec Guide to Scary Internet Stuff – Drive-by downloads - Video explaining the latest security threats in simple terms, on drive-by downloads
- Symantec Guide to Scary Internet Stuff – No 5 Rogue AV
- Symantec Guide to Scary Internet Stuff – No 6 Denial of Service Attacks
- Symantec Guide to Scary Internet Stuff – No7 Pests on your PC
- Symantec Guide to Scary Internet Stuff – No8 Losing your Data
- Symantec Guide to Scary Internet Stuff – Phishing
- Symantec Guide to Scary Internet Stuff – Underground Economy
- Symantec podcast channel - A channel of podcasts on current security and availability topics from the experts at Symantec
- Toby Stevens’ Data Trust Blog
[...] in Prague last week at the Sys-Con Cloud Expo. While there, I met up with a few others, including Guy Bunker, Sam Johnston, Roman Stanek, and others. See Time for a debrief!, Review of the Reviews, and [...]
The point about infinite capacity is interesting, recently I was provisioning a handfull of small instances on Amazon AWS EU West 1A only to find that it was unable to provide the capacity. I was able to provision the capacity on EU West 1B but it does make you question the available resources.