Several recent MFT Nation posts have explored factors to consider when deciding between deploying your IT infrastructure on-premise (“on-prem”) or moving some or all of it to “the cloud.” Our last post said we were sharing “one last bit of info” on the subject. That was a bit premature because a lot of info is being published and we want to continue sharing for the benefit of our readers.
For example, Forbes wrote a good article titled With Cloud Security, The Devil’s In The Details. The author, Ameesh Divatia, begins by highlighting the virtue of deploying some or all of your infrastructure in the cloud—it “simplifies IT and offers a lot of value for companies.” But he continues the thought process by asking the question: “Who’s responsible for cloud security?” Mr. Divatia’s answer to the question imparts some food for thought, so to speak:
You, and virtually everyone else, will likely answer that the cloud provider (Microsoft, Amazon, etc.) is responsible. After all, it’s their cloud, right? But wait — dig a little into the details, and you’ll find that’s not the case. In all major cloud provider contracts and agreements, there’s a little devil of a detail: The cloud provider is responsible only for infrastructure security of the cloud — not for safeguarding the security, privacy or appropriate use of the data or information stored within it. And therein lies the rub.
The article is a good read for those of you concerned about #cloudsecurity. The author offers some real-world, common-sense points to consider.
If you want to speak with bTrade’s data security experts about deployment models, please contact us at info@btrade.com. If you want to keep updated on developments in the world of secure file transfer and data security, follow us on Twitter, LinkedIn, and our blog MFT Nation.