How Cloud Computing is Forcing Us to Rethink Data Security
Traditional IT security models focus on building a secure perimeter around corporate infrastructure. This is akin to the classic fortress mentality of putting up walls and surrounding those walls with additional defenses. If anything gets inside the walls, all bets are off. HP Enterprise & Cloud Security Strategist, Rafal Los, argues that this model is flawed and should be changed with or without cloud computing. Cloud computing amplifies the issue, because the concept of boundraies has changed, necessitating the switch to role-based security. One key area where this change needs to happen is in rethinking application development with a focus on authorization to access data, rather than simply authenticating access to data. LockerGnome's Jake Ludington has an interesting coversation with Rafal about cloud security, what's the same, what's different, and what some best practice scenarios involve in planning for security in the cloud.