9 posts • joined 3 Nov 2010
Networks and Encryption
The key with Encryption is key management. You want to have a split key with multiple parties that are required to come together to decrypt the data. This is part of the Payment Card Industry/Data Security Standard.
e.g. In our case one key holder has been through the NHS vetting for controlling patent data, and the other key holders have been through the Developed Vetting process for Official Secrets.
The other part is understanding that if you connect to a network then the system is _NOT_ secure. No system that is connected to a network is secure, and you need to do a lot of work to provide a reasonable assurance of security.
There are some economies of scale that a cloud provider hosting an ecommerce application as core business is likely to have more security resources than a corporate office along with the network segmentation to protect against cleaners/temporary staff having access to the network.
If you want cheap security, stand alone PC's with removable hard drives that go into high quality safe, when not in use, is a cheap solution. You need to physically remove USB, floppy and other interfaces or solder them up (cheaper if destructive).
Fibre networks and 3 meter air gaps as firewalls works well, but is a bit more expensive.
Otherwise, a cloud is probably your next best bet if you are going to connect to the internet.
All the best - Ronald - @UK PLC
Cloud needs to host providers core application
If you want something that is secure, reliable and scalable, then you can SLA to death, but it is much better to have something where your interest and the providers interest is aligned.
e.g. @UK PLC provides ecommerce, and is one of the larger customers on its ecommerce engine.
Thus the @UK PLC cloud _MUST_ be Payment Card Industry/Data Security Standard compliant, and security is obviously important, so our system is audited on a daily basis vs the PCI requirement of quarterly audits.
If you are on a managed cloud by xyz hardware or hosting vendor, then clearly they want to ensure it is secure etc etc, but they are not in the same position as someone that is also running their business on the same cloud as you are.
There is also an interest in charging you to do security audits etc to meet your requirements, since this is where they get the nice consultancy revenues as opposed to just bundling in compliance.
Finally, the key part of security is application security, and if you are picking or writing the applications that run on the infrastructure, you have just taken responsibility for all the security holes or added a very nice consulting fee to verify all these applications security and configuration.
In our case we provide the application and manage its security, and you build using our platform if you want to sit under our PCI/DSS compliance. If you want VM/Bare metal hosting, then the costs of compliance go up spectacularly.
All the best - Ronald - @UK PLC
The key bit is being able to extract your data and migrate it somewhere else if you need to move.
E.G. We had a customer with a great ecommerce site, they tried to sell the business a couple of years ago, and the purchasers wanted to know who owned the IPR. It was running on our Cloud (before cloud hype arrived, today we could probably go on about it being on the UK's leading cloud etc etc and how sexy they were along with our migration guarantee).
Anyway, we helped them build a standalone site, and then replicated the data onto the site, and managed the switch over so there was no data loss and a clean migration to the new site.
It is no longer multi datacentre, load balanced always up etc, but the buyers lawyers are happy and they sold the company to the new owners. We may get them back at some point when they need to upgrade things, and find that this is a little more difficult.
All the best
Microsoft are meant to be switching to the cloud but are NOT yet eating their own dog food
I spoke with their UK CTO last year, and the plan then was that they were going to have 90% of their developers working on Cloud by this year, and that they would deploy 12,000 servers a month for the infrastructure ( the same no as Face book have).
That was the rhetoric.
I think the reality will be a bit more like when they said hotmail would move to Exchange (never happened because no matter how much hardware you have Exchange would not cope with that user base).
When Azure runs Bing, Hotmail and MSN then it will be tried and tested.
The same goes for Google Apps, when it runs google search it will be tried and tested.
In the meantime Saleforce and @UK PLC run their core applications on their clouds, and developed the clouds over the past 10 years to meet the demands of running the core applications.
* 100% uptime,
* No downtime for upgrades
* Scales to meet demand
* etc etc
Amazon EC2 is allowing people to share the infrastructure, rather than the software platform and infrastructure, but at least I assume that the core system is also running on this infrastructure.
It is a really good idea to put your infrastructure on a company that will give you a phone number in case it all goes hideously wrong.
At this years cloud summit all the panellists agreed that support from Google and Amazon was non-existant and it took months for Amazon to agree that part of the cluster was corrupt. Google was post into the forum and pray.
NO idea what support is like for Azure since there were no customers to talk to.
SalesForce are good at communicating - no idea on support
@UK PLC have a million users and we publish our phone number
So you can phone us up, and if you are local can visit and personally rant. However, we have learnt that it is much better if everything just works all the time.
All the best
Risk Assessment is straightforward
Use an appropriate standard that provides a higher level of assurance than your current processes.
It is highly unlikely that your current processes will pass PCI/DSS (Payment Card Industry Data security Standard), so if you out source your email scanning to someone that passes PCI/DSS you have given the job to some one that has passed a much higher level of vetting than your current operation and is thus lower risk...
PS If you look at most cloud systems they have all the usual stuff.
Data centres, firewalls , physical security etc. There is just a bit more investment in on demand flexibility and distributed storage which make sense for any one that wants 100% uptime.
You are just jumping on the back of someone else investment.
A more important issue is can you phone them up if it goes wrong.
E.g. At the cloud summit some one explained that support from Amazon and Google was similar (non existent) post in a forum and wait 3 months.
Thanks for some balance at last
We have over 1 million users on a PCI/DSS certified cloud platform based in the UK.
There are different sorts of cloud platforms, so a system that focuses on ecommerce and eprocurement is likely to be more secure than one that focuses on broad casting text messages.
There are different sorts of security standards.
Government standards e.g. Everything above impact level 3 is prohibited from connection to the internet. (If you are serious about security do not connect to the net).
PCI/DSS (Payment Card Industry Data Security Standard) PCI/DSS requires a good information security policy and has a large number of mandatory controls that go right down into how applications are coded, scans and penetration tests. (Best practical security we have come across).
ISO 27001 make up your asset list, think of the associated risks, evaluate the risks, and choose if you want to mitigate or not, then document all the above, and be audited on if you follow the documentation. (It works well with PCI/DSS which ensures that you have appropriate controls). Otherwise you have no idea if the controls are something that are acceptable to you as a customer.
The bottom line is that most cloud platforms have a much much better security record than any normal commercial company, since it is much more important to the cloud platform.
In terms of our user base, our customers accepted that we were secure about 5 years ago and it is only new customers that we have to explain how we keep their information secure, and it is a lot less of a concern to our customers.
Privacy - is straight forward, our customers information is private end of story, so we have not had any issues with privacy.
Carbon costs £ 12 per ton, this is a very small additional cost
We have now carbon footprinted over 3.6 million items, and we run 2 datacentres.
The carbon cost on our datacentres is very small, and is not going to affect us going carbon neutral as a business.
Findel Education used us to carbon footprint their catalogues and over 80% of the items had a carbon offset cost of less than 0.1p
Job losses in Datacentres is not an issue around CRC.
What is an issue is that most of the carbon in our country comes from unmeasured sources like goods and services and not from Electricity and travel, and we need to start looking at the carbon cost of the copier paper and the laptops and not just large energy bills.
The issue of exporting jobs to countries with cheaper power is an issue, and it would be better to measure the carbon content of all goods and services including imported goods and services to get a more balanced picture.
However, the carbon tax on electricity is very very small compared with the tax on petrol.
- Very fabric of space-time RIPPED apart in latest Hubble pic
- 10 years of Facebook Inside Facebook's engineering labs: Hardware heaven, HP hell – PICTURES
- Dell charges £16 TO INSTALL FIREFOX on PCs – Mozilla is miffed
- Google! and! Facebook! IDs! face! Yahoo! login! BAN!
- CIA snoops snooped on Senate to spy spy torture report – report