Barney's Blog

Blog archive

Avoiding Cloud Pitfalls

Many IT pros are wary of the cloud because they can't control the data and must rely on the service provider to keep hackers at bay. But the cloud, in many cases, is financially and technically compelling. So if the economics lead you to a cloud solution, do your best to make sure your apps are secure. A report from the Cloud Security Alliance has some advice -- and a few warnings.

Here are some things for you to think about and to press your cloud provider on: How does the provider handle patching and, in general, administer your system? Because most clouds are virtualized, what specific steps have been taken to make sure cracking one VM doesn't lead to hacking all of them? How secure are the APIs? And finally, what measures are taken to make sure the service provider's own employees aren't a risk? IT people can be just as bad as any other, as I discovered in this report that was entirely based on Redmond Report readers' experiences.

Have you gone to the cloud? How do you handle security? Let me know at dbarney@redmondmag.com.

Posted by Doug Barney on 03/05/2010 at 1:17 PM


Featured

  • Microsoft Expands Azure AD Password Lengths, Adds Conditional Access Controls

    Microsoft announced a couple of Azure Active Directory enhancements this week regarding password lengths and new conditional access controls for IT pros.

  • Attack Surface Analyzer 2.0 Available for Checking Software Installs

    Microsoft this week described Attack Surface Analyzer 2.0, an updated tool for checking software installations that's now built using open source code.

  • What Causes Hyper-V Replication Failures?

    Hyper-V replication failures happen rarely, but their impact can be catastrophic when they do. Know the scenarios that are likely to trigger a replication failure.

  • Microsoft Touts Using HyperClear To Address Intel Processor Woes

    Microsoft is again promoting its HyperClear Hyper-V hypervisor technology as a potential balm for organizations trying to come to grips with Intel's latest speculative execution side-channel attack disclosures.

comments powered by Disqus

Office 365 Watch

Sign up for our newsletter.

Terms and Privacy Policy consent

I agree to this site's Privacy Policy.