Friday 8 October 2010

To Cloud or Not to Cloud

I've been asked quite a few times, "when will it be a good time to get into cloud computing?" by potential clients. My answer is typically it depends... I know, I know.... not much direction there, but really it all depends. Why ?

Well, some may state, "we all know of the much beaten security concerns, and we will ensure that systems on our end are secured and synced to work in tandem with the vendors' security."
Can one ensure some degree of monitoring by the implementation of an Intrusion Detection System (IDS) residing within the system hosting the gateway into the cloud?

The intent of such an implementation can be to monitor the cloud gateway system's software for anomalies, variances from expected traffic and quantity of access into an enterprise's cloud service.But will it be effective enough?


We all remember the buzz and the alarm over adopting the cloud that the occurred from the Bitbucket-EC2 debacle last year and the stories about the back and forth that left Bitbucket's services unavailable for an "eternity" in "internet time" until the EC2 team acknowledged an issue.

Were they hacked? They were DDoSed as most of you already know. Hacking as we know it today, is a for profit enterprise. But can hacking in the cloud become a common instance considering the large enterprises that are vendors, the clients they can or are providing services for, and the levels of security, disaster recovery and back up plans that these vendors claim are in place?

Maybe, but I believe that there is a good chance that any such instance can be caught and dealt with in a manner more expeditious due to the processes in place at these larger vendor facilities than it would at a smaller enterprise. I am not saying that a smaller enterprise can not mitigate an attack, just that the larger cloud vendor will have more resources to act with.

According to some, the cloud is a hackers trove of resources to say launch a DDoS attack. My question is then, to date how many such attacks have occurred with regard to a cloud deployment? Less than a dozen I believe in the last nine months, this simply because there is no real profit in a DDoS within this environment. Unless of course the aim for whatever reason is to stop traffic to a site and disrupt operations as in the case of Bitbucket.

http://cloudcomputing.sys-con.com/node/1539306


Join Us: http://bit.ly/joincloud
Posted by Scott Dobson at 14:00
Labels:

1 comment:

jodie said...

You might find that Cloud Computing is not right for your company and maybe not one Cloud solution - some companies might be best suited entirely in the Cloud and some might be better off with a hybrid solution. When determining your needs for Cloud or on-premise solutions, don’t forget to check out Microsoft’s offerings: http://smb.ms/OutreachcyOXfC

Regards,
Jodi E.
Microsoft SMB Outreach Team
msftoft@microsoft.com

8 October 2010 at 17:34

Post a Comment

Subscribe to: Post Comments (Atom)