Providing Insight Into the Cloud Computing Security, Privacy and Related Threats

Cloud Security Journal

Subscribe to Cloud Security Journal : eMailAlertsEmail Alerts newslettersWeekly Newsletters
Get Cloud Security Journal : homepageHomepage mobileMobile rssRSS facebookFacebook twitterTwitter linkedinLinkedIn


Top Stories

Gartner says by 2020, a corporate "No-Cloud" Policy will be as rare as a "No-Internet" policy is today and specifically the Infrastructure as a Service (IaaS) market is projected to continue to grow more than 25 percent per year through 2019. This surge in cloud adoption also represents a huge shift in cloud spending by IT organizations, directly or indirectly affecting more than $1 trillion dollars in Cloud IT purchases by 2020, according to Gartner. Of course, not every enterprise app and data bit will move fully to the cloud. To quote yet another study - this one by North Bridge Venture Partners and GigaOM Research - many of these deployments will be hybrid in nature. For enterprises and smaller organizations alike, it's essential to build a cloud strategy that adopts public and private cloud resources, on-premise systems, containers, and more. Research confirms... (more)

Global Study: Cloud Computing Provides Real Business Benefits, but Fear of Security and Control is Slowing Adoption

Contrary to conventional wisdom, the vast majority of business and IT executives report that cloud computing is a viable technology option that can improve a company's bottom-line results according to a new global survey conducted by an independent market research firm. Proof positive of the growth in cloud are findings that show 37 per cent of Canadian companies currently use a combination of cloud computing and internally owned IT systems compared to only one-third of companies worldwide. However, despite growing evidence that cloud-based systems have the potential to lower costs, the majority of companies report no plans to integrate cloud computing in the next 12 months. The study, commissioned by Avanade, a global IT consultancy, surveying more than 500 global C-level executives and IT managers in 17 countries, comes at a crucial time for the technology indus... (more)

Nick Carr's Cloud-Network Disconnect

Virtualization and cloud computing are promising to change the way in which IT services are delivered and, in effect, transform computing as we know it today.  I think the promises are likely to come true, if and only if critical technology issues are addressed. Nicholas Carr told a recent audience at IDC Directions that "Cloud computing has become the center of investment and innovation."   While he is not a technologist, his sometimes shocking insight into the transformation of IT have been prescient, even if he doesn't sweat the details of how complex IT infrastructures can morph into the equivalent of today's public utilities. To his credit Carr has predicted the rise of the cloud computing press release, multiple cloud conferences and panels and even the SaaS repositioning exercise.  He also foresaw the rise in Amazon and Google cloud announcements, perhaps year... (more)

Security Looms Large as Major Cloud Computing Issue for Enterprise IT

With Sun's Open Cloud Platform announced today, the industry took one step closer toward virtual private data centers being a reality. But one key aspect that enterprises must quickly get up to speed on is not only how to protect clusters of servers to the cloud with a security perimeter. Anyone serious about deploying Enterprise IT to the cloud must understand the unique characteristics of cloud security and the challenges specific to compliance and governance. This is widely understood in the industry. Patrick Kerpan, for example, CTO of CohesiveFT, comments: "According to leading industry analysts, security is one of the gating factors preventing Enterprise adoption of cloud solutions. This session will outline key considerations when evaluating virtual cloud solutions and explore how companies can secure their assets in the cloud." And Omer Trajman, Director of F... (more)

Industry Leaders Form Cloud Security Alliance; Will Unveil Inaugural Findings at RSA Conference 2009

Key leaders within both the information security and cloud computing industries today announced the formation of the Cloud Security Alliance, to be formally launched at the RSA Conference 2009, in San Francisco on April 21, 2009. The Cloud Security Alliance is a not-for-profit organization with a mission to promote the use of best practices for providing security assurance within Cloud Computing, and to provide education on the uses of Cloud Computing to help secure all other forms of computing. "The very nature of how businesses use information technology is being transformed by the 'on-demand' cloud computing model," said Dave Cullinane, Chief Information Security Officer at eBay, Inc. "It is imperative that information security leaders are engaged at this early stage to help assure that the rapid adoption of cloud computing builds in information security best p... (more)

SYS-CON.TV: Cloud Computing Expo Power Panel

SYS-CON's 4th International Cloud Computing Conference & Expo takes place November 2-4, 2009, at the Santa Clara Convention Center in Santa Clara, CA. View the Conference Main Page Here ! With an ever-increasing number of companies now buying computing, storage, and networking power as they need it from the cloud, SYS-CON.TV recently invited four leading industry thought leaders to discuss how Cloud Computing brings the economics of the Web to Enterprise IT and where the move to the cloud will take the industry overall. The participants are Amazon.com VP & CTO, Werner Vogels; Rackspace CTO, John Engates; Booz Allen Hamilton Principal, Rod Fontecilla; and Sun's CTO of Global Sales & Services, Hal Stern. View SYS-CON.TV's Cloud Computing Power Panel Live from Times Square here. The participants were (left to right, after SYS-CON.TV Host Jeremy Geelan): WERNER VOGELS - VP &... (more)

Cloud Computing as a Zero Sum Game

From governments to the ordinary individual the Internet has become central to our personal technological identity. The term "cloud" has become an all encompassing buzz word open to interpretation meaning everything and nothing, meaningful and meaningless. Recently I have begun to hear a common quote propagate through the tech scene, the quote made famous by Nick Carr focuses on a supposed "big switch" that is occurring within the technology world. Although the quote is being thrown around frequently, one major issue remain -- the perception that cloud computing is an all or nothing option. The problem with this all or nothing mentality is it places cloud computing as a binary option, where the payoff is absolute or nothing at all. The answer isn't that simple. Like most emerging technologies cloud computing isn't a zero sum game that hinges on the notion that "there... (more)

Redux: The Rise of Dark Cloud Computing

Recently Andreas M. Antonopoulos wrote a story for Computer World / Network World titled "Dark cloud computing" which seems to borrow a key concept from a post I wrote almost a year ago. So I thought I'd go ahead and repost my original "The Rise of The Dark Cloud" from Saturday, July 26, 2008 ----------- The Rise of The Dark Cloud For nearly as long as the internet has been around there have been private subnetworks called the darknets. These private, covert and often secret networks were typically formed as decentralized groups of people engaged in the sharing of information, computing resources and communications typically for illegal activities. Recently there has been a resurgence in interest of the darknet ranging from the more unsavory such as P2P filesharing and botnets as well as more mainstream usages such as inter-government information sharing, bandwidth a... (more)

Federal Cloud Capability RFI Released by U.S. Government

I'm happy to be able to disclose today that the Federal Government of the United States released its cloud computing RFI earlier this afternoon. Enomaly was fortunate to have been included in recent consultations with the government, and we've been impressed by the vision of this administration and the speed with which they've taken action. What makes this RFI especially exciting is that for the first time things are really starting to move very quickly toward the creation of a federal cloud capability including an actual budget which has been included in the 2010 federal budget recommendation released earlier this week by the White House. In reviewing the Federal Cloud RFI it seems that a federal "elastic computing cloud" may soon be a reality. To give you some background, the RFI is provided by the GSA Office of the Chief Information Officer (OCIO), in concert with ... (more)

Cloud Computing and Per Usage Software Billing

The cloud hosting & service provider market seem to be becoming the key battle ground for cloud enablers formerly known as virtualization vendors. Following upon recent announcements from VMware and Cisco, Citrix has announced a Service Provider Program aimed squarely at service/hosting providers who deliver software services and hosted applications to end-user customers on a rental, subscription or services basis, A.K.A. Cloud Service Providers (CSP). The most interesting aspect of the new program has to do with Citrix's approach to billing. The program is designed with cloud business goals in mind with no up-front license fee commitments. Cloud hosters need only submit monthly usage reports and are invoiced accordingly. The program is being offered as part of Citrix Cloud Center (C3) which they describe as designed to give cloud providers a complete set of service... (more)

Cloud Computing's Watershed Week

As someone who has been following cloud computing since the start, there have been a few key moments in the progression of cloud computing from a fringe term to main stream concept. Among these include August 2006 with the private beta launch of Amazon EC2, June 2008 with what is now described as the "Week of Cloud" in San Francisco which included the launch of CloudCamp as well as several key cloud conferences. I believe this week is one of those times with the U.S Government's formal and vocal adoption of cloud computing. I'd like to recap a few of the important things have happened over the last week or so. The U.S Federal Government has indicated they have hired Patrick Stingley as federal cloud CTO (Federal Cloud Czar). The White House unveiled a Cross-Cutting Programs Document that outlines the administration's 2010 budget requests including pilot projects that i... (more)