Re: One More Holey Bucket
The cloud provider may have better SecOps, but they aren't paid to look at the doors customers accidentally leave open. If they did, they would spend all their time liaising with end-users instead of doing the work that underpins their KPIs.
Besides, customer's don't like to be told they are stoopid. SecOps would very quicky tread on the Sales team's toes, and even end up getting fired. So that won't happen.
At the end of the day someone's else's security interests don't ensure your own security. Outsourcing that does not make it any less of a responsibility, except in the mind of hapless management. However until they are made responsible for the customer and corporate data they 'own' as a matter of routine, nothing will change...
Biting the hand that feeds IT
