+1 for Greg. This reminds me of a time we pranked the *head security guy* at a company I worked for and easily convinced him to give us some private details like his home address, car rego and so on.
On Wed, Feb 25, 2015 at 8:32 PM, Greg Low (博士低格雷格) <g...@greglow.com> wrote: > I do find it amusing when I hear these stories though, where companies > think the data is safer or more secure or more private on premises than > somewhere like Azure. > > > > On their worst day the Azure guys will do a better job of this stuff than > any company I’ve walked in to, and I’ve been to a lot. I see what people do > in the real world and it isn’t pretty. > > > > But even in terms of intrusion, does anyone really think the company that > they work for will do a better job of detecting intrusion than one of these > datacentres? > > > > Or alternately, they are assuming that their own datacentres will be more > bullet-proof when it comes to intruders. Lots of luck with that. > > > > In the future, I suspect that the tables will turn completely. The > required standards for privacy and security will likely be raised > significantly, and these datacentres will be the first places to meet the > requirements. > > > > Regards, > > > > Greg > > > > Dr Greg Low > > > > 1300SQLSQL (1300 775 775) office | +61 419201410 mobile│ +61 3 8676 4913 > fax > > SQL Down Under | Web: www.sqldownunder.com > > > > *From:* ozdotnet-boun...@ozdotnet.com [mailto: > ozdotnet-boun...@ozdotnet.com] *On Behalf Of *Andrew Tobin > *Sent:* Wednesday, 25 February 2015 4:30 PM > *To:* ozDotNet > *Subject:* Re: Azure and security trust > > > > One alternative that I haven't looked into much at all, so take this with > a grain of salt - is to have anything identifying on a local network, > firewalled, and accessible via a site-to-site VPN connection to an Azure > hosted server. Like I said, I haven't looked at what an implementation > would take, but if you could create a firewalled, safe, tunnel to your data > hosted on prem, and other data in the cloud - then it's an option? > > > > > http://azure.microsoft.com/en-us/documentation/articles/virtual-networks-create-site-to-site-cross-premises-connectivity/ > > > > On Wed, Feb 25, 2015 at 2:28 PM, Greg Keogh <g...@mira.net> wrote: > > Folks, I have a demo SQL database in Azure and it's working nicely, but > now we have to consider how to get it into production use. My demo DB > doesn't contain any real names and addresses, but the live DB will have > information about hospital patients, and you can imagine how confidential > that is! I'm told they will demand the DB be stored on hospital managed > servers, which is a damn nuisance in reality as I'm sure many of you know > how tedious it can be trying to break through walls of bureaucracy around > IT departments in places like hospitals and the government. > > > > This opens up the whole issues of "trust and the cloud". Since the Snowden > revelations, I don't know how anyone with confidential data can trust cloud > storage. Even I don't trust it and all of my backups in Rackspace and Azure > blobs are pkzipc AES encrypted. So how on earth could a hospital be > convinced that cloud store is an attractive option? > > > > I just remembered that Amazon has a special area that is certified secure > so they can get government contracts. I haven't seen anything like that in > Azure. Despite that, it doesn't make me feel much better, as we now know > the NSA was intercepting hardware and bugging it, and coercing huge telcos > to put splitters in the backbones, and using secret FISA orders to threaten > other even huger companies to secretly hand over their records. So who the > hell can trust anyone in the cloud?! > > > > Is anyone dealing in this sort of cloud/trust business at the moment? > What's the state of play? is there any hope? Am I just paranoid? (who's > monitoring this email?) > > > > *Greg K* > > >
