Cloud Roundup: Security, Stability At Issue
December 19th, 2008 By: Rich Miller
Are cloud providers responsive enough to security vulnerabilities? Are cloud computing platforms reliable enough for critical infrastructure? Is confusion about the difference between grid computing and cloud computing slowing cloud adoption? For perspectives on these questions, check out today’s cloud computing links:
- Amazon Web Services took more than seven months to address a potentially serious security vulnerability, according to Craig Balding at Cloud Security. A cryptographic weakness in request signing code for EC2, SimpleDB and SQS created the potential for data to be intercepted via a “man in the middle attack,” writes Balding, who suggests that Amazon should have closed the hole more quickly and done a better job notifying customers. “The geek in me loves Amazon AWS and the promise that it holds, but the Security Professional rooted in the ‘here and now’ is seeing too many red flags (the issues are wider than the handling of this one bug).”
- UK analyst firm Ovum is warning companies to avoid using the cloud for critical infrastructure, arguing that cloud platforms’ reliability has not kept pace with the hype. “Enterprises are right to be cautious about relying on such consumer/SME-oriented suppliers for anything resembling a mission-critical application or service,” said research firm Ovum in a report, saying a “spate of service outages” on the Amazon and Google platforms provides ample reason for caution.
- At Elastic Vapor, Reuven Cohen says resisetance by grid computing professionals may be slowing adoption of cloud computing by Wall Street. ”In a conversation yesterday with prominent wall street grid advocate, he bluntly said that no bank would use external (cloud) resources anytime in the near future and that a uniform cloud interface was a hopeless cause,” Reuven writes. “This is pretty much exactly the opposite from what I’m hearing from several high level IT folks within the banking industry.”