Comments on: Why Cloud Computing Needs Security http://gigaom.com/2008/06/10/the-amazon-outage-fortresses-in-the-clouds/ Trusted Insights and Conversations on the Next Wave of Technology Thu, 26 Nov 2009 02:03:27 +0000 http://wordpress.com/ hourly 1 By: Glum Economy Brings On Good Times for Joyent - GigaOM http://gigaom.com/2008/06/10/the-amazon-outage-fortresses-in-the-clouds/#comment-909412 Glum Economy Brings On Good Times for Joyent - GigaOM Fri, 31 Oct 2008 16:28:21 +0000 http://gigaom.com/?p=13736#comment-909412 <p>[...] about reliability, but such concerns are likely to persist, and vendors will be differentiated by how they handle data security. Want to know more about the rapidly changing Cloud Computing landscape? Preview our Cloud [...]</p> [...] about reliability, but such concerns are likely to persist, and vendors will be differentiated by how they handle data security. Want to know more about the rapidly changing Cloud Computing landscape? Preview our Cloud [...]

]]> By: Vectorpedia http://gigaom.com/2008/06/10/the-amazon-outage-fortresses-in-the-clouds/#comment-895401 Vectorpedia Sat, 23 Aug 2008 17:11:56 +0000 http://gigaom.com/?p=13736#comment-895401 <p>It seems like all websites now need some type of security...........interesting and informative article.</p> It seems like all websites now need some type of security………..interesting and informative article.

]]> By: The problem of monoculture | Bitcurrent http://gigaom.com/2008/06/10/the-amazon-outage-fortresses-in-the-clouds/#comment-886740 The problem of monoculture | Bitcurrent Wed, 02 Jul 2008 22:27:04 +0000 http://gigaom.com/?p=13736#comment-886740 <p>[...] wrote a piece a while back about how centralized computing makes a cloud a big target. I didn’t want to get into the biological origins of this stuff, but one commenter was right: [...]</p> [...] wrote a piece a while back about how centralized computing makes a cloud a big target. I didn’t want to get into the biological origins of this stuff, but one commenter was right: [...]

]]> By: Web Worker Daily » Archive Balsamiq Studios Makes a Case for Web Office Plugins « http://gigaom.com/2008/06/10/the-amazon-outage-fortresses-in-the-clouds/#comment-884443 Web Worker Daily » Archive Balsamiq Studios Makes a Case for Web Office Plugins « Thu, 19 Jun 2008 13:01:11 +0000 http://gigaom.com/?p=13736#comment-884443 <p>[...] what matters most to users? Their privacy, the security of their private information and the trust they have in the brand. Would you trust your private data with a company that might [...]</p> [...] what matters most to users? Their privacy, the security of their private information and the trust they have in the brand. Would you trust your private data with a company that might [...]

]]> By: Cory K. http://gigaom.com/2008/06/10/the-amazon-outage-fortresses-in-the-clouds/#comment-883358 Cory K. Thu, 12 Jun 2008 07:02:12 +0000 http://gigaom.com/?p=13736#comment-883358 <p>Heck right now we'd just settle for a the basics right now. Alister hits the nail on the head with a distributed cloud. We're on Mosso right now and the idea of Mosso's model is stellar. They make it easier for anyone to develop in the cloud. However, where the rubber meets the road, Mosso like all other cloud providers are stuck in a cruel irony. Unlike the cloud model the company itself can not throttle up as quickly as the cloud can. Right now their admin panel looks great to set up a new web site, and performed perfectly just a few months ago. As of the last 4-6 weeks, we're yet to get a web site provisioned without having to call Mosso. If it were a quick fix while in a chat session or phone call, I'd be happy to chalk that up to a bump in the road. But right now it takes a CSR to escalate the issue to an admin. That process takes no less than 24 hours. The last time I had to call, beg and plead to get moved up the que. Even though the CSR's are great that one web site took, over 72 hours to set up, then another 3-4 days to tweak it to work. We're not talking anything fancy here. It was a PHP/MySQl set up. As vanilla as it gets. They say that they are working on the problem, and hope to have it remedied soon, but the amount of time and money we have lost having development teams sitting and waiting because the clouds could clear at any second is not worth it for most smaller firms...the very ones that Mosso is targeting. Alister is right that we do need to distribute the cloud, and hopefully that the distribution will allow for the small guys to come out and enjoy the sun for a little while. But for us, those 72 hours cost us almost as much as it would have cost us to use Rackspace...Mosso's upstream. At least we'd have control over provisioning a simple web site.</p> Heck right now we’d just settle for a the basics right now. Alister hits the nail on the head with a distributed cloud. We’re on Mosso right now and the idea of Mosso’s model is stellar. They make it easier for anyone to develop in the cloud. However, where the rubber meets the road, Mosso like all other cloud providers are stuck in a cruel irony. Unlike the cloud model the company itself can not throttle up as quickly as the cloud can. Right now their admin panel looks great to set up a new web site, and performed perfectly just a few months ago. As of the last 4-6 weeks, we’re yet to get a web site provisioned without having to call Mosso. If it were a quick fix while in a chat session or phone call, I’d be happy to chalk that up to a bump in the road. But right now it takes a CSR to escalate the issue to an admin. That process takes no less than 24 hours. The last time I had to call, beg and plead to get moved up the que. Even though the CSR’s are great that one web site took, over 72 hours to set up, then another 3-4 days to tweak it to work. We’re not talking anything fancy here. It was a PHP/MySQl set up. As vanilla as it gets. They say that they are working on the problem, and hope to have it remedied soon, but the amount of time and money we have lost having development teams sitting and waiting because the clouds could clear at any second is not worth it for most smaller firms…the very ones that Mosso is targeting. Alister is right that we do need to distribute the cloud, and hopefully that the distribution will allow for the small guys to come out and enjoy the sun for a little while. But for us, those 72 hours cost us almost as much as it would have cost us to use Rackspace…Mosso’s upstream. At least we’d have control over provisioning a simple web site.

]]> By: WinExtra » From the Pipeline – 6.10.08 http://gigaom.com/2008/06/10/the-amazon-outage-fortresses-in-the-clouds/#comment-883249 WinExtra » From the Pipeline – 6.10.08 Wed, 11 Jun 2008 16:32:55 +0000 http://gigaom.com/?p=13736#comment-883249 <p>[...] Why Cloud Computing Needs Security :: GigaOM – while everyone seems to being all enthused over the idea of cloud computing no-one is talking seriously about the security implications of doing this. [...]</p> [...] Why Cloud Computing Needs Security :: GigaOM – while everyone seems to being all enthused over the idea of cloud computing no-one is talking seriously about the security implications of doing this. [...]

]]> By: Eric Novikoff http://gigaom.com/2008/06/10/the-amazon-outage-fortresses-in-the-clouds/#comment-883174 Eric Novikoff Wed, 11 Jun 2008 05:55:10 +0000 http://gigaom.com/?p=13736#comment-883174 <p>The combination of monoculture (literally planting only one kind of crop) in the cloud computing provider world with the faceless automated customer service of large corporations that think a self-service website can substitute for a real human answering the phone is a recipe for a security disaster. Cloud computing, with its low barriers to entry, attracts an increasing number of security-illiterate customers who depend on the cloud provider to provide security for them. However, not all providers offer such a plan, often assuming that the client has built security into their application, or thinking that the increased cost of security measures will make their cloud offering too expensive We have clients who have come to us after having their applications hacked inside Amazon EC2, with nobody to call for help and no internal expertise in security. If your provider has a detailed security plan in place, this can potentially improve your chances against hackers (especially the ones who just run bots to search for common exploits) but there's still nothing like designing your application from the ground up to be as secure as possible. We provide our clients with IDS/IPS hardware firewalls protecting their cloud-deployed applications, but the next exploit that the firewall vendor hasn't found yet is just around the corner waiting to take down applications written without consideration for security.</p> The combination of monoculture (literally planting only one kind of crop) in the cloud computing provider world with the faceless automated customer service of large corporations that think a self-service website can substitute for a real human answering the phone is a recipe for a security disaster. Cloud computing, with its low barriers to entry, attracts an increasing number of security-illiterate customers who depend on the cloud provider to provide security for them. However, not all providers offer such a plan, often assuming that the client has built security into their application, or thinking that the increased cost of security measures will make their cloud offering too expensive We have clients who have come to us after having their applications hacked inside Amazon EC2, with nobody to call for help and no internal expertise in security. If your provider has a detailed security plan in place, this can potentially improve your chances against hackers (especially the ones who just run bots to search for common exploits) but there’s still nothing like designing your application from the ground up to be as secure as possible. We provide our clients with IDS/IPS hardware firewalls protecting their cloud-deployed applications, but the next exploit that the firewall vendor hasn’t found yet is just around the corner waiting to take down applications written without consideration for security.

]]> By: friarminor http://gigaom.com/2008/06/10/the-amazon-outage-fortresses-in-the-clouds/#comment-883138 friarminor Wed, 11 Jun 2008 02:05:05 +0000 http://gigaom.com/?p=13736#comment-883138 <p>Definitely need a whole bunch of clouds to render such attacks less significant and non-appealing. Call it 'overcast', Alistair.</p> <p>Moat. I like as a form of delaying strategy and deterrent but as far as persistent hackers go, it will prove to be more of a challenge that it could still be breached.</p> <p>Best. alain mor.ph</p> Definitely need a whole bunch of clouds to render such attacks less significant and non-appealing. Call it ‘overcast’, Alistair.

Moat. I like as a form of delaying strategy and deterrent but as far as persistent hackers go, it will prove to be more of a challenge that it could still be breached.

Best. alain mor.ph

]]>