How Secure is the Cloud?

It should come as no surprise that security is the 800-pound gorilla in the room of cloud services for the larger companies. I wrote a few months ago (Cloud Computing: Taking an Holistic View)  that the only way I could see public cloud failing is if there was a big security scare.  True to form, at the recent Black Hat USA conference in Las Vegas, a number of security researchers demonstrated new ways of attacking cloud computing services. Claims were made about how to hack through Amazon's cloud infrastructure, Apple's MobileMe service, and Salesforce.com's cloud platform.

Of course external hacking is only one of the 'security' concerns.  Other concerns related to fears about

· all your eggs being in one basket and the provider internal processes being either inadequate or suffering a catastrophic failure which damages or loses your data irreparably

· Putting too much trust in the applications already created within existing cloud infrastructures – many of which have been created by unrelated third parties.

· Lack of encryption in some of the cloud environments.  Seemingly encryption in a virtual environment is somehow more difficult than encryption in a dedicated environment – I’ll leave that up to the mathematicians to explain!

Whether any of these concerns stand up to serious scrutiny is unknown, but the key point as far as I’m concerned is that perception is reality in this sort of new trust based industry.  If people believe public cloud to be insecure, then ..... watch this space !