As this short article on ReadWriteWeb puts it: “It’s Hard to Steal A Cloud”. The US National Archives has lost some hard drives and would like them back. It’s important to remember a couple of things: a) lost != stolen and b) stolen usually == copied.
Sure the Cloud takes away the need for worrying about a lot of physical devices (physical security, transport, power, storage conditions etc). However it does place additional focus on Authorization to the Cloud Data. This set of apocryphal credentials are now the ‘keys to the kingdom’ – as opposed to root domain access and/or physical data center access. At lot of organizations as they move to the Cloud and going to have to get very serious about how they store and distribute these credentials.
It’s important for enterprises to look at the Cloud from an ‘emotionless’ position. The ridiculous superstition of ‘on premise is more secure’ needs to be replaced with more mature analysis of short, medium and long term threats (and cost modelling).
