Friday, February 4, 2011

Fog Security

For full disclosure, this humorous term was "invented" at my local ISSA chapter meeting last night.

If you pay attention to the computing world, you are already aware of Cloud Computing. This is the nebulous term (pun intended) referring to the practice of storing and using data on-line outside of one's normal network, out in some service provider's network. The beauty of this process is that you can reach your data from any Internet-connected system, typically from any browser. The horror of this process is securing it.

Integrity: Is your cloud data being backed-up? Probably, as your provider would lose a lot of face if they failed to keep the data intact.

Confidentiality: Is it inside your hardened network perimeter? No, attacks against your Cloud data never trip any of your firewalls, IDS, or anything.

Availability: Can you halt all communication to the data if needed in an emergency? Probably not.

While the cloud concept provides great value for business, it fails two of the three commonly accepted tenants for security. Is it secure? Outlook is foggy. Will business continue to move towards the cloud? Yes. And as with all business advancements, security trails (but is working hard to keep up!).

Don't talk to me about Cloud Security, it is Fog Security for the foreseeable future.

~~ Habeas Data

No comments:

Post a Comment