On Sat, Jul 18, 2015 at 01:39:45PM +0200, Florian Weimer wrote:
> Well, for one thing, it removes physical access to machines from
> insiders on your end, and in many cases, also direct access to data,
> particularly in its bulk form.
>
> With conscious effort and the right resources, you might be able to
> come up with better security controls than the large service providers,
> but right now, most organizations don't have much of an audit trail
> for locally run services. I'm not sure if moving data off premises
> actually results in a net loss of control over it. Not because the
> service providers are so good at security, but because various factors
> conspire to make almost everyone else so bad.

Well, I don't trust the cloud and don't use it. (I don't trust my boxen in a different way). The cloud owns the CPU and this is enough for me. You should be aware of the numerous virtualization sploits -- Xen, Qemu, possibly others. Exploiting a virtualization bug is just the fee "to be in cloud" and I _suspect_ more efforts are needed for my boxen.
