LISTSERV - RECMGMT-L Archives - LISTSERV.IGGURU.US

RECMGMT-L Archives

Records Management

RECMGMT-L@LISTSERV.IGGURU.US

	LISTSERV Archives
	RECMGMT-L Home

	Log In
	Register

	Subscribe or Unsubscribe

	Search Archives

Options:	Use Forum View Use Monospaced Font Show Text Part by Default Condense Mail Headers
Message:	[<< First] [< Prev] [Next >] [Last >>]
Topic:	[<< First] [< Prev] [Next >] [Last >>]
Author:	[<< First] [< Prev] [Next >] [Last >>]

Sender:	Records Management Program <[log in to unmask]>
Date:	Fri, 22 Jul 2011 07:05:53 -0600
Reply-To:	Records Management Program <[log in to unmask]>
Subject:	Re: RAINdrip: Cloud is not ideal for every company...
MIME-Version:	1.0
Content-Transfer-Encoding:	8bit
In-Reply-To:	<[log in to unmask]>
Content-Type:	text/plain; charset="UTF-8"
From:	Jesse Wilkins <[log in to unmask]>
Parts/Attachments:	text/plain (29 lines)

Sorry, this is FUD masquerading as an article. Consider the following statement: "...it would be unwise for organizations with sensitive, financial or medical data to store it with offsite vendors due to the inherent security, transportation, and natural disaster risks giant warehouses present...."

Anyone here have records stored offsite? Yes, most of you can put your hands down now.

And this statement: "The problem with the cloud and with any online application is that online security is really pretty bad and I don't expect that to improve significantly. And the reason it is so bad is that information is sellable, so if someone steals it, they can sell it," Ms Trembly told the source.

Is simply indefensible. Again...."The problem with offsite storage is that inserting humans into security and transport processes is really bad and I don't expect that to improve significantly. And the reason it is so bad is that information is sellable, so if someone steals it, they can sell it."

I agree with Larry's point about evaluating risk, but everything has risk - including both offsite storage and onsite storage. If you think you have better network security than, oh, Google or Amazon, you either work for a three-letter agency (MAYBE!) or you're deluding yourself. The major SaaS/cloud/hosted providers have penetration testers whose pay is based on finding vulnerabilities, and the hacker who breaches Google will be rich and infamous beyond measure which is a powerful incentive. So when was the last time Google was hacked? Oh yeah...never. When Google and other large providers have had security breaches it's been due to social engineering of individuals' accounts or of network administrators' - which could happen to your offsite vendor's driver or accounts manager, or your network administrator, etc.

The reason so many gigantic, sensitive, and highly regulated organizations are going to the cloud is only partly because of cost - it's mostly to reduce complexity and operational uncertainty and the risks associated with providing and managing their own infrastructure.

So don't believe the cloud hype - but don't believe the cloud doom & gloom, either. Do your due diligence and make the choice based on your operational requirements and risk tolerance, and understand that cloud is not inherently any riskier than any other offsite or outsourcing.

Respectfully,

Jesse Wilkins, CRM
Director, Systems of Engagement
AIIM International
[log in to unmask]
http://www.aiim.org
(303) 574-0749 direct
Twitter: @jessewilkins

List archives at http://lists.ufl.edu/archives/recmgmt-l.html
Contact [log in to unmask] for assistance
To unsubscribe from this list, click the below link. If not already present, place UNSUBSCRIBE RECMGMT-L or UNSUB RECMGMT-L in the body of the message.
mailto:[log in to unmask]

ATOM RSS1 RSS2

LISTSERV.IGGURU.US