On Wed, Nov 18, 2009 at 9:55 AM, John Hornbuckle <john.hornbuc...@taylor.k12.fl.us> wrote: > There's no reason it has to be undefined and > unverifiable, though. A good cloud service provider > can provide this.
They should be able to; they rarely do, IME. Most businesses have a general mentality of not exposing information about their own operations. Some of that is fear of making it easier for copy-cats; some of it is a desire to sweep dirt under the rug. At the same time, in order for an outside contractor[1] to be as defined and verifiable as doing it in-house, they have to be *completely* transparent. So there's an inherent conflict. [1] = In most use cases[2], "cloud computing" is just the latest euphemism for "outside contractor". We've also seen this called "SaaS", "ASP", "outsourcing", etc. [2] = There are exceptions. They are a small minority. > As someone else mentioned, reputable service providers > are just as concerned about the protection of their > customers' data as their customers are. I highly doubt this. For a contractor, a single-customer data breach means you loose a customer. For the business, that same data breach can mean anything up to going-out-of-business. Sure, the provider has a motivation to do well, but not the same motivation. It's like the joke about bacon and eggs. The chicken is not as invested as the pig. -- Ben ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~
