The recent breach of the Sony PlayStation Network calls into question the security and reporting practices of cloud vendors and suggests greater diligence in reviewing their service-level agreements.
Written by Carol Woodbury
Editor's Note: This article introduces the Webcast "Coffee with Carol: Security and the Cloud—Blue Skies or Major Storm" available for free download from the MC Webcast Center.
Is the cloud a security storm waiting to unleash its fury or sunny skies that will make you relax and relinquish all of your security cares? The recent breach of the Sony PlayStation Network created headlines, and when the dust settled, it turned out to be the second-largest online data breach in U.S. history. The fact that the attack on Sony was launched from a "public cloud" brings into question the security policies and reporting of cloud vendors.
The public cloud vendor in the Sony case is facing subpoenas and will likely have to produce records, including a history of transactions, and provide information to trace who had access to the specific Internet address at the time.
Cloud security comes down to understanding security configuration, policies, record keeping, and what service level your cloud vendor is providing with its cloud solution. Keep in mind this isn't just about technology. There are many aspects that must be included in the service-level agreement when you consider a cloud solution.
as/400, os/400, iseries, system i, i5/os, ibm i, power systems, 6.1, 7.1, V7, V6R1, SkyView Partners
Carol Woodbury is IBM i Security SME and Senior Advisor to Kisco Systems, a firm focused on providing IBM i security solutions. Carol has over 30 years’ experience with IBM i security, starting her career as Security Team Leader and Chief Engineering Manager for iSeries Security at IBM in Rochester, MN. Since leaving IBM, she has co-founded two companies: SkyView Partners and DXR Security. Her practical experience and her intimate knowledge of the system combine for a unique viewpoint and experience level that cannot be matched.
Carol is known worldwide as an author and award-winning speaker on security technology, specializing in IBM i security topics. She has written seven books on IBM i security, including her two current books, IBM i Security Administration and Compliance, 3rd Edition and Mastering IBM i Security, A Modern, Step-by-Step Approach. Carol has been named an IBM Champion since 2018 and holds her CISSP and CRISC security certifications.
MC Press books written by Carol Woodbury available now on the MC Press Bookstore.
 |
||
 |
|
IBM i Security Administration and Compliance: Third Edition Don't miss the newest edition by the industry’s #1 IBM i security expert. List Price $71.95 Now On Sale
|
 |
|
Mastering IBM i Security Get the must-have guide by the industry’s #1 security authority. List Price $49.95 Now On Sale
|
Business users want new applications now. Market and regulatory pressures require faster application updates and delivery into production. Your IBM i developers may be approaching retirement, and you see no sure way to fill their positions with experienced developers. In addition, you may be caught between maintaining your existing applications and the uncertainty of moving to something new.
IT managers hoping to find new IBM i talent are discovering that the pool of experienced RPG programmers and operators or administrators with intimate knowledge of the operating system and the applications that run on it is small. This begs the question: How will you manage the platform that supports such a big part of your business? This guide offers strategies and software suggestions to help you plan IT staffing and resources and smooth the transition after your AS/400 talent retires. Read on to learn:
LATEST COMMENTS
MC Press Online