When you’re discussing technology, it’s easy to look at its merits based on an abstracted view. What I mean is, you can look at its features, costs, and architecture in isolation from the reality of your organization. When this process involves a lot of capital investment, it often requires further analysis that can put a damper on this more idealistic way of viewing it.
The problem we often see with the cloud is that because the barrier to entry is often so low, very often projects are begun with rose-colored glasses still intact. As Keith Townsend points out on this CTO Dose video, the reason we often see large insecurities around unencrypted S3 buckets isn’t due to technical deficiency (other than Amazon made them by default unencrypted for far too long).
Instead the security issue comes down to process and people. Bad security culture could be excused when IT lived within an on-site data center. But when that same culture goes to the cloud, the vulnerabilities seep into consciousness. That’s because technology as a platonic ideal isn’t very useful. It will inevitably go through the company cultural matrix, becoming a reflection of it in the process. Technology can enable better security, but without training to change corporate culture it cannot do so alone.
Keith Townsend comments:
Read more at: Why is public cloud security so hard?
- Kasten Brings Enterprise Storage Features to Cloud-Native Applications - March 23, 2018
- Router vs. Switch - March 22, 2018
- Technology is Not Platonic - February 19, 2018
- Cloudian Announces HyperStore 7 – Gets Super Cloudy - January 25, 2018
- Runecast Analyzer 1.6.5 detects MeltDown and Spectre chip issues - January 12, 2018
- A Docker and Iperf3 Tutorial - January 4, 2018
- Licensing – It never gets better, it just gets more awkward - December 15, 2017
- Commvault GO 2017 Keynote Live Blog! - November 7, 2017
- The History of Email - October 9, 2017
- HyTrust wings in to scoop up a fatally wounded Data Gravity - July 14, 2017