Wanna see something reallyscary*? Read NIST’s US Government Cloud Computing Technology Roadmap Volume I, an 86 page tome covering “High-Priority Requirements to Further USG Agency Cloud Computing Adoption” that misses the point on cloud safety. In fact, the word safety doesn’t appear anywhere in NIST’s proposed guidelines. What NIST does cover is the same tired discussion of cloud security.
The bad guys will get in. Then what? Not a word about how to stop them destroying all your data with a few mouse clicks. They even give classical business continuity short shrift. Section 5.3.8 on “Business Continuity and Disaster Recovery” is a few paragraphs. Seriously? The word “safeguard” appears once in the whole document.
Perhaps its because clouds are so fluffy that nobody seems to think they are dangerous. Cloud computing is a great brand name. When you are surrounded by clouds, it’s like being protected by a blanket. That’s the image, but the reality is that cloud computing is unsafe, and the industry hopes you won’t notice.
We need cloud providers to emphasize cloud safety: making sure that once the bad guys get in that they can’t destroy your business with a few mouse clicks. It happened on June 17, and it will happen again.
We need airbags for the cloud to secure our data. We need ways to assure that production data aren’t destroyed when someone makes a mistake.
You have a trash can on your desktop, and we need the same thing for cloud consoles. System admins need security codes to lockdown a business’s cloud when someone gets in, just like we have in schools. Bad guys can’t be stopped, but we can limit the damage they do with these simple methods.
Join our LinkedIn group to learn more how you can help raise awareness about cloud safety.