Access your Pro+ Content below.
Lack of cloud computing definition adds confusion, risk
This article is part of the Information Security magazine issue of June 2009
WRITING IN HIS blog recently, Misha Govshteyn, co-founder and CTO of log management software-as-a-service vendor, AlertLogic, notes that some vendors at the RSA Conference 2009 were using the term cloud computing rather loosely. Govshteyn points out that Netgear uses "cloud" to describe its line of unified threat management (UTM) appliances. Netgear says it has a "hybrid-in-the-cloud security architecture." Endpoint security vendor Prevx uses "cloud" to describe its endpoint agents using the "power of the cloud." "Those are some of the more absurd examples," Govshteyn says. "Cloud is really about moving complex computing workloads off premise and delivering them as a service. At the end of the day, cloud at its core is cost effective and simple." Even IBM is coining the term for what it isn't. Big Blue describes its new WebSphere SOA appliance as the WebSphere CloudBurst Appliance. It's deployed in-house, but that doesn't stop IBM from calling it an SOA appliance, which deploys and manages SOA in a private cloud. Like Govshteyn,...
Features in this issue
One security professional describes a homegrown risk methodology currently being used by a large university and a private corporation.
Vendors loosely using the term cloud computing are causing confusion for users in the market for buying and securing these services.
They've come a long way from the early days of log aggregation and correlation; enterprises now glean value from SIMs for compliance, visualization, and even overall business intelligence.
Columns in this issue
Cloud computing carries risks that enterprises need to weigh before they forge ahead.
The economy is forcing organizations to be more resourceful and bury the hatchet. And that's a good thing.