I got to attend the latest Cloud Camp in London last Thursday night (there has to be some advantages to working the less civilised parts of the UK :-)...
Highlights for me were the lightning talk from Mark Cusack from Rainstor outlining some very interesting ideas around storing data in the cloud for compliance purposes when retiring database applications and the Microsoft talk on Azure. In particular the .NET Service Service Bus demo was both pretty cool and pretty scary at the same time. I can certainly appreciate the benefits from being able to quickly and easily publish web services securely via the .NET Services Service Bus (c'mon Microsoft, call it Azure Service Bus and save our typing fingers!) however securing the services in transit is not the be all and end all. What scares me is the almost certain eventuality of employees deciding to write their own wrappers around internal services that should never be exposed outside of the organisation and using the Service Bus to make such services available over the Internet. But, hey, the network traffic's encrypted over an authenticated channel so everything's ok... no?
I've previously blogged about the need for organisations to start monitoring for potential unauthorised use of cloud services. I'd like to emphasis that need again - and organisations shoud also consider blocking access to the .NET Services service bus until they have a suitable policy in place regarding use of such services.
Subscribe to:
Post Comments (Atom)
1 comment:
Thanks for highlighting my lightning talk, the presentation is available at http://tinyurl.com/mrlgfc. There was also some lively debate about Azure in the various discussion groups and regardless of your view on MS’s offering it was good to see the debate moving from just IaaS and how to manage tin in the cloud, to PaaS/SaaS and how best to manage data and information in the cloud.
Post a Comment