Sign in / up

back to article Getting comfortable with cloud-based security: Whom to trust to do what

There are some bits of computing that you just don’t want to trust other people with. They’re just too sensitive. But at the same time, there are some things that people can do as well or better than you, for a lower cost. Finding a balance between the two can be tricky, but useful. Take cybersecurity as an example. It’s …

COMMENTS

Post your comment
House rules Send corrections
Add to 'My topics' unstar *
  1. Anonymous Coward
    Anonymous Coward

    Hmmm..

    Depending on your risk tolerance, you can move more advanced cyber security functions into the cloud, such as identity management

    Since that tends to be hooked into access credential management I'd say that is really the one thing you do NOT want to hand off to a third party..

    7 0 Reply
    1. Sir Sham Cad
      Reply Icon

      Re: credential management

      Absolutely. Federated Active Directory scares me and I've had cloud hosting providers request the ability to connect to my domain controllers from the cloud and slurp my user credential data. Nope.

      6 0 Reply
  2. captain_solo

    Almost every customer I deal with has been told by the big cloud providers that "AD and Identity management are some of the first things our customers move to the cloud, it's easy!" while nearly every customer tell me "that is the last thing we are going to put in the cloud" so I don't think that is actually happening, its just the largest security barrier to cloud adoption so of course the big providers are pretending its no big deal.

    AD, LDAP, Access/Identity Management are very basic parts of the protection of any company's intellectual property, Defense of those systems and the networks that house them is critical, and so far, many of the cloud providers have somewhat less sophisticated and flexible options from a network isolation standpoint than you can custom build in house, plus multi-tenancy gives some security teams a bit of heartburn and that is probably completely sensible. Especially non-cloud-native applications and services sometimes were built with assumptions of security and isolation that don't exist in cloud environments in the same form. The transition can be a difficult one because many people don't understand requirements or limitations and instead are led to believe the slides and pretend that the money savings justifies drastic and risky migrations and buy into the magical thinking that "its the cloud, these guys know what they are doing and we do not"

    3 0 Reply
  3. Alistair
    Coat

    Key phrase :

    .....and buy into the magical thinking that "its the cloud, these guys know what they are doing and we do not"

    Sums it *all* up.

    5 0 Reply

POST COMMENT House rules

Not a member of The Register? Create a new account here.

Forgotten password ?

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon