LISTSERV - RECMGMT-L Archives - LISTSERV.IGGURU.US

RECMGMT-L Archives

Records Management

RECMGMT-L@LISTSERV.IGGURU.US

	LISTSERV Archives
	RECMGMT-L Home

	Log In
	Register

	Subscribe or Unsubscribe

	Search Archives

Options:	Use Forum View Use Monospaced Font Show Text Part by Default Show All Mail Headers
Message:	[<< First] [< Prev] [Next >] [Last >>]
Topic:	[<< First] [< Prev] [Next >] [Last >>]
Author:	[<< First] [< Prev] [Next >] [Last >>]

Subject:	Re: Two Sessions posted on Trusting the Cloud
From:	Jesse Wilkins <[log in to unmask]>
Reply To:	Records Management Program <[log in to unmask]>
Date:	Wed, 13 May 2015 09:03:52 -0600
Content-Type:	text/plain
Parts/Attachments:	text/plain (45 lines)

Of all the issues associated with cloud, I'd consider third-party hacking
to be the least likely, at least for the major cloud providers, for a
couple of reasons. First, most hacking isn't done by third parties, but
rather comes from disgruntled employees or former employees inside the
firewall. Having a cloud provider actually eliminates that to great extent
because it's not your employees, and the robust disaster recovery and
continuity measures present at most cloud providers' data centers would
cover a disgruntled cloud employee's attempts to sabotage.

Second, those providers are huge, gigantic, ginormous targets for everyone
from "script kiddies" to serious black-hat hackers to state entities. The
fact that Amazon, Microsoft, Google, etc. do *not* get hacked on a regular
basis is testament to the importance they assign to security. And in fact
most of them hire the best and brightest hackers they can find and
incentivize them to hack their security such that sophisticated penetration
testing happens on a very frequent if not ongoing basis.

I'd argue in fact that the large cloud providers have better security than
all but the largest and most sophisticated organizations. No matter how
good your IT team is, they are probably not equal to the resources a
Microsoft or Amazon or whomever can bring to bear in terms of security
design and testing.

There are other issues associated with cloud, some of which have already
been addressed in this thread. But to me, your primary concern with cloud
would be in doing due diligence. Just as you wouldn't hire Jesse's Bait
Shop & Records Storage for your physical records, you probably shouldn't
hire Jesse's Bait Shop & Cloud Storage for your cloud storage needs. But if
you go with a major provider, who does things the right way, you can have
every bit as much confidence in them as you would with onsite data centers
- and in fact more because if your data center goes down, you're out of
luck. The major cloud providers just don't go down.

Just my tuppence on a cloudy Colorado morning,

Jesse Wilkins, CIP, CRM, IGP
[log in to unmask]
blog: http://informata.blogspot.com
Twitter: http://www.twitter.com/jessewilkins

List archives at http://lists.ufl.edu/archives/recmgmt-l.html
Contact [log in to unmask] for assistance
To unsubscribe from this list, click the below link. If not already present, place UNSUBSCRIBE RECMGMT-L or UNSUB RECMGMT-L in the body of the message.
mailto:[log in to unmask]

ATOM RSS1 RSS2

LISTSERV.IGGURU.US