Tag Archives: Security

More on Amazon’s SAS70 Type II

Amazon hasn’t been forthcoming since my last post on their controls and control objectives, which is disappointing, but expected. I still believe that transparency here is more important than security through obscurity. Hiding the controls and control objectives doesn’t provide much in the way of particular security benefits, although I’m certain some will argue that [...]

Why is Amazon’s SAS70 Audit Bogus?

At first glance it seems like Amazon’s recent announcement of a successful SAS70 audit is grounds for celebration[1]. Certainly it has met with fanfare on Twitter and blogs.
Unfortunately, a SAS70 audit isn’t what most people think it is. Worse yet, Amazon’s reluctance to provide details of the audit provides a false sense of security [...]

‘Operators’ and ‘Administrators’

Operating and administrating Internet infrastructure are not the same. For the uninitiated it may seem that ‘operators’ and ‘administrators’ (systems or network) are not different, but there is one important distinction: the primary job of an operator is “risk aversion”, while that of an administrator is to “control, manage, or maintain.” Given [...]

Can You Trust Cloud Computing?

A thoughtful blog posting from Khoi Vinh asks whether we can trust clouds given the current financial climate.
It’s good to be cautious about trusting all of your data to ‘the cloud’, but you should already be evaluating your cloud providers based on their ability to give you a backup option. Most providers already have [...]

CIO Concerns about Cloud Security

There is a little here on CIOupdate about CIO concerns with cloud security. The article is short and a little overblown in how both sides are represented.
I’m currently talking to CIOs and CISOs at large enterprises and I’m not hearing any ‘panic’ so much as pragmatic concerns about securing cloud usage. The folks [...]
