In a previous post I discussed my opinion on why SaaS is the most secure option right now, better than PaaS and IaaS. The short version is that because security is forced on you at all layers, and super smart security people are responsible for that security, the security you get with SaaS is “best” right now.
So why is cluelessness the biggest threat for cloud? Because the tens of thousands of IT workers who bear some kind of security responsibility inside of IT shops around the world are now fiddling with cloud computing. If not already, then “soon”, many of these orgs will start asking those IT workers to move data, applications and systems out to the cloud. Bottom line is that these people are clueless about what it takes to secure IaaS or PaaS environments. Sure, you can do a lot of reading and follow excellent guidance like what the CSA put out… but best case is that you do a decent job. Most likely you do a less than decent job, and that is the problem.
That problem for your organization is really a much larger problem for the cloud industry. The media jumps any time there is even a tiny problem or issue that involves cloud computing right now, and the C-level folks that are writing checks for cloud migration projects jump even higher.
My advice? If you don’t feel good about your cloud security “skillz”, stick with SaaS or hire someone that knows what they are doing to help you. There is too much benefit from cloud to let a few bad headlines slow us down. Don’t be a statistic, mannnnn….. :)
Follow Scott Sanchez on Twitter for more ramblings: @scottsanchez

I agree that SaaS might have a slight head start on security “in the cloud” today, but ultimately any forward-facing Internet application architecture will have its own host of security risks and mitigations. As you point out, this shouldn’t be a reason to avoid it — embrace it, learn the requisite skills, and take advantage of these new options. (And they are just that — options. You have to determine what is the right strategy and mix for your business. All cloud? Some cloud? No cloud? SaaS? PaaS? There’s no One Way to Do It.) Just because you’re running “in the cloud”, that doesn’t allow you to abdicate from your responsibilities as a software architect or security manager.