Throughout this workshop, we’ve been looking at resiliency and security for hosted applications. The feedback we’ve had back from you is that a track record of security and privacy are at the heart of creating a feeling of trust towards a service provider. What’s also plain is many of you feel that these issues are not at all …
security policies and procedures
Hosted apps, a solution in search of a problem. Once you download and run someone elses code on your machine, then security is out the window. How about implimenting single-sign-on and locking down the database to authorized users, eg, staff, accounts, warehouse etc ...?
Convenience vs Security, IT staff made obsolete by SaaS/Cloud
I will be the first one to say it: Many people that work on only ONE aspect of IT that maybe covers development of portals, etc. are worried that they'll be out of a job, so we'll say anything to keep management from making the decision to go that way. Though, there is much truth to the defensive stance against the cloud, as it has yet to prove itself.
Now, on the other hand, security is not an issue for management/"decision makers" because it's "not their problem". Well, until all that medical data that was stored in some unstable country gets out....
The "cloud/SaaS" technology has come and gone in many different forms, First, the Terminal, then to personal computers, then to thin clients, then back to full workstations, now "THE CLOUD" etc. etc. There's also an option to run your own cloud, as many "cloud people" say. How is this different from thin clients, or roaming profiles? Not very.
It is a cycle, and as soon as "everyone" has gone to the elusive "cloud" they will want their data (and privacy) back on their own servers/machines.
It is cyclical, and is annoying to many extents.