Cloud Computing – Security Implications

6 October 2011, 10:51 pm

I’ve been working for a while on a policy and associated procedures for Trinity College Dublin to enable us to leverage various cloud technologies and services for the benefit of the college. What has struck me is the complexity of dealing with the topic in a large-scale environment.

As consumers, many of us use cloud services every day; examples are Gmail and Hotmail for email; Amazon Cloud Drive and Dropbox for file storage; Google Docs, Docs.com and Microsoft Skydrive for document processing; Twitter, Facebook, Google+ and LinkedIn for social networking, etc. Many of us tend to use these and other services with little thought being given to security, data protection, privacy, identity theft, ownership of data, etc. When considered from a corporate or business perspective, these issues are significantly more important and take on many complex legal aspects. Yet, in a corporate and, indeed, an educational environment, there is significant pressure to enable these services in the business context, since end users and familiar with them from personal use.

Pursuing another interest of mine this evening – Internet Radio – I came across C-SPAN Radio and just happened to stumble upon the live proceedings of the US Committee on Homeland Security Subcommittee on Cybersecurity, Infrastructure Protection, and Security Technologies, on 6 October 2011, discussing the issue of the security implications of cloud computing. The Committee was addressed by very influential people in the area of information technology, information security, education and regulation:

The Honorable Richard Spires,  Chief Information Officer , U.S. Department of Homeland Security
Dr. David McClure, Ph.D.,  Associate Administrator , Office of Citizen Services and Innovative Technologies,  U.S. General Services Administration
Mr. Greg Wilshusen,  Director of Information Security Issues , Government Accountability Office
Mr. James W. Sheaffer,  President , North American Public Sector , Computer Sciences Corporation
Mr. Timothy Brown , Senior Vice President and Chief Architect for Security,  CA Technologies
Mr. James R. Bottum , Vice Provost for Computing & Information Technology  and Chief Information Officer , Clemson University
Mr. John Curran , Chief Executive Officer , American Registry of Internet Numbers

Each contributor submitted a paper to the Subcommittee and they are all available on the Subcommittee’s website. So if you are looking for what the current areas of concern are in relation to security and cloud computing, why not pick up the papers and listen back to the oral testimony.

Links to the papers (PDF)

What is your organisation doing about security and cloud computing? Do you have a cloud computing policy or are your end users simply using cloud services without regard to existing policy or legislation? Please leave a comment and let me know.

If you found this post interesting, you might also like:

Receive new articles from johnlawlor.ie by subscribing to my RSS Feed or by email subscription. You can also share this post by using one or more of the buttons at the top and bottom of the post. Thanks for visiting!

Filed under Technology Tagged Amazon, Amazon Cloud Drive, ARIN, C-SPAN, CA Technologies, Clemson University, Cloud Computing, Computer Sciences Corporation, CSC, data privacy, data protection, data security, Docs.com, Dropbox, facebook, Gmail, google, Google Docs, Government Accountability Office, Homeland Security, Hotmail, identity theft, Internet, Internet Radio, LinkedIn, Microsoft, privacy, security, Skydrive, Social Media, social networking, TCD, Trinity College Dublin, Twitter, USA

Comment (RSS) | Trackback | Permalink

John Lawlor

Leave a Reply

Upcoming Events

Categories

Archives

Connect with John

Subscribe to johnlawlor.ie

John Lawlor