Public vs Private clouds

Next week (the 15th December), I’m going to give a talk about cloud security on the “Public, Private & Hybrid Clouds” BrightTalk Summit. There are surprisingly many talks that focus on cloud (in)security – although after all it isn’t too surprising given the fact that security is the key issue when comparing public against private cloud infrastructures.

Guy Churchward, LogLogic CEO did an interesting post on this subject and Gartner defends that private is the way to go. I am wondering if this opinion has become a consensus or if there are still public (sic!) defenders of the  public cloud? I hope that the users of Amazon EC2 and Salesforce  raise their voice and that we find more use cases than the usual ones like testing, not sensitive data, marketing campaigns, non-critical business processes and so on.

I think we can associate the threats and risks of cloud computing with the following root causes (admittedly this is a simplification):

  1. outsourcing
  2. resource sharing
  3. virtualization
  4. infrastructure volatility

Private clouds solve the first two: (1) they increase trust and allow full visibility and control over the infrastructure and (2) they are not exposed to  side channel attacks. Hope to interact with you at the summit and if you already have a favorite topic or questions on the subject do not hesitate to drop a comment. I might include it in the presentation.

One thought on “Public vs Private clouds

  1. Pingback: Global Security Challenge at Tel-Aviv and THE 2 cloud security questions « Elastic Security

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s