Over time, organizations have grappled with shifts in security resulting from changes in where and how data is stored. As PCs entered the workplace, we changed from storing data in a monitored and managed data center to a distributed, networked environment. We are still dealing with effects of this change as we implement policy and controls to identify, manage/protect, and monitor data stored on workstations and servers.
In an interesting perspective, Alan Shimel reported on an idea that General Alexander has proposed to use cloud computing to re-take control of U.S. military data by centralizing it in a well-managed cloud. The essence of the approach is to store data in the cloud and use thin clients to access the data. By implementing strong monitoring and controls in the cloud, data can be protected yet accessed wherever and whenever needed.
One of my concerns with cloud computing has been that users can sign up for cloud services and store confidential data anywhere in the world without having gone through the vetting necessary for corporate services (legal, governance & compliance, data lifecycle management, loss protection, etc). If it is conceivable for an organization (especially the size of the U.S. military) to create a single, central cloud environment and manage access & data to that cloud, then that turns my perspective of cloud computing from being fraught with dangers of data loss into one where the cloud can enable strong data security.
No comments:
Post a Comment