David Kirkpatrick

October 1, 2009

Cloud computing and security

Filed under: Business, Technology — Tags: , , , , — David Kirkpatrick @ 4:16 pm

An interesting overview from Bill Brenner at CIO.com.

From the link, the conclusion:

Having said that, I also agree with Mike Versace that we should offer some basic approaches that ease the learning curve and ask some basic questions. The approach that I’ve been using is what I coined RAIN, which is just a plain old tried-and-true planning and analysis approach with emphasis on interfacing.

  • (R)equirement: understand your business requirements, and derive technical, non-technical, regulatory and security requirements.
  • (A)nalysis: from your requirements, analyze what tasks or services you want to or can outsource, and clearly define which party is responsible for which tasks, to reduce confusion and conflict later; perform risk analysis, especially with respect to cloud connectivity, mutli-tenancy, local data privacy regulations (of your providers), and business continuity.
  • (I)nterface: clearly define system and human interfaces. Who and how to contact providers for services or problems? What API or webpages to use and how, what the returned result should look like? The more interfaces/touch points, the higher the risk for breakages or problems.
  • e(N)sure – verify and ensure services are performed according to agreements. (Validate and boundary) Test the results sent from providers to ensure that they are in the correct formats and are what you expected; audit or pen test services; perform practice runs with your providers.

This is nothing new or fancy, but I’ve witnessed light-bulb moments without glassy eyes when I explained cloud computing challenges with this approach.

In more cloud computing news today, here’s Technology Review and CIO.com on Amazon’s cloud services.

Leave a Comment »

No comments yet.

RSS feed for comments on this post. TrackBack URI

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

%d bloggers like this: