Cloud Security is not an Oxymoron

Cloud Security is not an OxymoronA few interesting news items made me think about security and cloud computing.  There are many naysayers who state “I would never put anything important in the cloud.  It’s not secure.”  Yet they have no problem putting important, mission critical data in on-premise systems, which as we see from the constant data breach headlines are not very secure.  There are a number of governments who have major cloud initiatives and somehow think it’s secure enough for them.

In his presentation this week at the RSA Conference in San Francisco Amazon Web Services (AWS) evangelist Steve Riley asked what people would think of an encryption service in the cloud.  This managed encryption service, he called it Simple Encryption Service, would encrypt all data going into or out of Amazon’s cloud.  Riley was proposing a standard of encryption that would make it easier to securely move data around the Internet and between clouds.

The other interesting story this week was Microsoft CEO Steve Ballmer announcing that he is betting the business on the cloud.  This is an astonishing statement from the king of desktop software.  Ballmer is a smart man and sees where the winds are blowing (finally).  Just like in the 1990s, Microsoft was a little late to the Internet party, but they put their massive talent and cash to work and owned the computing experience.  Given Microsoft’s focus on security as of late, I would expect their cloud offerings to follow suit; I can hear the snickering when I say Microsoft and security in the same breath.

Which brings me to a simple conclusion that with Amazon and Microsoft putting a lot of effort into it, we will quickly see cloud computing become far more secure than on-premise systems.  Some would argue it already is, since the cloud providers sole job is to give customers a robust and secure platform.  I know that the recent Google hacks make people think that cloud computing isn’t secure, but I still see far fewer of these than breaches of on-premise systems.  I think we will see more cloud and SaaS offerings with encryption built into them.  It’s good to see that a lot of smart people are trying to move security and encryption to the next level.

Photo credit span

Leave a Reply

Your email address will not be published. Required fields are marked *