I just read an interesting and frightening blog entry by Pete Malcom:
http://wp.me/p1yZe9-78
in which he talked about how systems (and therefore your apps and data) can be taken from a service provider premises by the FBI under the Patriot Act.
In November, this occured within a data center in Virginia where the FBI went in and took 59 servers after making queries about a specific range of IP addresses. All 59 servers were returned but it took the provider, DigitalOne, 3 days to get most of the servers/apps back up and running. In some cases, they were unsuccessful.
So although there may have only been one “bad guy” it seems clear that there were apps (VMs) from multiple customers across those servers.
As Malcolm writes, the lesson to be learned here is that you should assume that if you’re using computing facilities that you don’t own (in the public cloud) you should assume that you’re sharing those systems with others. He also writes that this can have serious consequences for your systems, apps and your data.
Once again, this speaks to the concerns that organizations have about moving to the public cloud. You need to retain some level of control - if you move sensitive data to the cloud, make sure it’s encrypted in transit, at rest and make sure that any backups are also encrypted. Further, if you can control the encryption keys, you could avoid losing data to whoever takes any servers (or storage).
No comments:
Post a Comment