How secure would the cloud services be?

Hi all
From what I heard, some organizations would use cloud services for non-sensitive data to shared across office to reduce operational cost.
However even with TLS, file encryption and other security technologies, some government sector or organizations would still host their own file server / VPN for top secret or confidential information. Why is that so?
Would there possibly be data leaked out from cloud services? (e.g. cloud vendor's employee sabotage or attacked) I am interested to know about your opinion about this.
Have a nice day! 
Peter
W520 (4284-A99)
Does someone’s post help you? Give them kudos as a reward, as they will do better to improve | Mark it as solved if the solution works for you, so it could be reference for others in the future
=====================================
Sound Enthusiast and Enhancement (Post comments, share mixes, etc.)
Dolby Home Theater v4 ; IdeaPad Slate Tablet
Solved!
Go to Solution.

Remember too the requirements for data security that are implied by securities laws in many countries. The accidental release of, say, financial data prior to any public release creates a disclosure requirement with, in the US, the SEC. That could be extremely embarrassing and even create abnormal stock tradeing in a company's stock. I recall an incident some 10 or 15 years ago where the CEO of a major publically traded company had his laptop stolen from his hotel room. That mandated public disclosure and SEC filings, and made the front page of the Wall Street Journal. Embarrassing indeed, and potentially dangerous as well.
Consider the increased public relations implications if that type of data were stored on a public cloud service rather than on a private server, either using a private cloud, VPN or both.  You might expect significant questions to be raised if the compromised data were stored on a public cloud.
Don't Read? Can't Learn!
Administrator, SpywareHammer.com

Similar Messages

  • How to monitor the cloud service without visiting management portal

    Hi,
    I have few very important cloud services which needs to be monitored and report immediately by mail when the service state becomes unhealthy. Is there any tool from Microsoft (not any third party) which helps me do this? Is there any tools from Microsoft
    System Center?
    Thanks in advance.

    Hi,
    You can receive an alert based on monitoring metrics for your Azure services. An
    alert rule enables you to monitor a Azure service based on a metric value. When the value of a specified metric violates the threshold assigned for a rule, the alert rule becomes active and registers an alert
    Refer to the Following Article :
    How to: Receive Alert Notifications and Manage Alert Rules in Azure
    https://msdn.microsoft.com/en-us/library/azure/dn306638.aspx
    Regards,
    Nithin Rathnakar

  • I'm looking into how apps use the cloud. Would you consider any app with social media access as uploading information to the cloud? e.g. being able to tweet through an app is the same as uploading data to the cloud

    I'm looking into how apps use the cloud. Would you consider any app with social media access as uploading information to the cloud? e.g. being able to tweet through an app is the same as uploading data to the cloud

    Most of us in this forum are users who volunteer on technical issues, and not Adobe employees although they do drop in from time to time. As users we simply have no control over activation and that's why you are not getting responses.
    If you havn't done so,you might try the Muse forums and see if you can get a staff member to look into it. Have your case numbers and phone transcripts handy.
    Last option is to keep calling customer service until you get someone who will help or ask for a supervisor.
    Hope this get resolved,
    Gene

  • How to add security for Azure Cloud Service?

    Hi,
    We have build some API's in azure cloud service.
    We want to add security for Azure Cloud Service.
    How to add security for Azure Cloud Service?

    Hi Santhosh,
    You may add security for your API's by using:
    Mutual certificate authentication
    Using OAuth 2.0
    Manage developer accounts
    Regards,
    Manu Rekhar

  • How will my data Secure in the cloud

    how will my data Secure in the cloud when i take the membership with them

    Please read the Data security section of the Creative Cloud FAQ here http://www.adobe.com/products/creativecloud/faq.html#data-security.

  • Does VZ still have a back up to the cloud service? and if so How can I find out if I am enrolled? And if I am, what all is backed up?

    my phone is acting hinky. and thinking of a "master reset" but don't want to loose contacts, pictures and music.

    Verizon still has a backup to the Cloud service.  Its included in the more everything plan and most other plans have at least 5GB of storage.  You could find out what features you have on your account in My Verizon.  Log in and look at apps and features and programs.  Alternatively, if you are using an Android phone and some others, you can use Google Gmail to backup contacts and Google Drive to backup all other files pics music and videos.  You can also back up your content to your PC.  DropBox and OneDrive are other alternatives with storage space.  Gmail gives you 15GB and OneDrive 15-30GB.

  • IPhone Security: How secure is the iPhone?

    We just purchased iPhones for our family. However, I have a question regarding cyber security on these devices.
    Specifically, we have the phones set up to access our MobileMe accounts, and thus the MobileMe password is part of our iPhones. This leads to two questions:
    1) If someone acquires our phones, can they easily reverse engineer the phone to determine our MobileMe passwords?
    2) When we use various free wireless services (for example, while travelling at airports), how secure is the password data as it is passed from our iPhones to MobileMe over the RF spectrum? Could someone easily “listen in” to the communication and sniff out the passwords?
    It’s not that crucial now since it is just our MobileMe account, but I would like to use my iPhone for work e-mail and am not sure if this is safe or not.
    In addition to these questions, any advice, comments, or other sources on iPhone security would be greatly appreciated.
    Thank you very much for sharing your expertise!!!

    CharPatton wrote:
    2) When we use various free wireless services (for example, while travelling at airports), how secure is the password data as it is passed from our iPhones to MobileMe over the RF spectrum? Could someone easily “listen in” to the communication and sniff out the passwords?
    It depends on what the website does, and the rules are the same as using a wifi laptop:
    A) If a site uses regular HTTP with no encryption, any text data can be intercepted.
    B) Using HTTPS encryption like banks do, data can be sniffed but cannot be read unless a sophisticated hacker can unencrypt the sniffed data.
    C) Using a secure VPN for your iPhone (like HotSpot Shield), you can encrypt traffic between the iPhone and the VPN service so that all your communications are secured regardless of what the website does.
    I don't have a MobileMe account, so I don't know whether they layer any encryption over the login, but if they're like many sites, they probably do. As for what happens after login, this article is not very encouraging if the info is still current. That is why I use a VPN.

  • Question about Network In/Out in the Monitor of the Cloud Service

    Hi there
    My question is that what kind of data is the monitor monitoring? The monitor is in the cloud service.
    And what are network in/out  in the monitor stand for? The network in/out are in the monitor.
    The monitor had monitored a huge amount of data in my cloud, but I have no ides what are they.
    Thanks a lot!

    hi Tianchi,
    Thanks for your posting!
    >>what kind of data is the monitor monitoring? The monitor is in the cloud service
    From the concepts side, By default, minimal monitoring is provided for a new cloud service using performance counters gathered from the host operating system for the roles instances (virtual machines). The minimal metrics are limited to
    CPU Percentage, Data In, Data Out, Disk Read Throughput, and Disk Write Throughput.
    If you want to monitor other metrics, you could use the azure Diagnostic to custom
    performance counter in your cloud service or set
    Verbose setting on the azure portal. For this issue, I suggest you could refer to the concepts part of this page (http://azure.microsoft.com/en-us/documentation/articles/cloud-services-how-to-monitor/
    >>And what are network in/out  in the monitor stand for? The network in/out are in the monitor.
    Base on my understanding, Network in/out include the
    performance counter "Bytes receive" and "Bytes send". Maybe it seems that your data size of network in/out is huge amount. But only your outbound data
    can be charged. Of course, if you have some doubt about data or data billing, you could contact Azure Billing support for more details.
    Regards,
    Will
    We are trying to better understand customer views on social support experience, so your participation in this interview project would be greatly appreciated if you have time. Thanks for helping make community forums a great place.
    Click
    HERE to participate the survey.

  • How secure is adobe cloud?

    how secure is adobe cloud?

    Hi chandimau,
    Please see this document for information about the security practices used by the Acrobat.com online services: https://www.acrobat.com/en_gb/security.html.
    Best,
    Sara

  • User does not have access to the Cloud Service Type

    Where do it edit the access the the user? How do i fix this problem?
    "messages" :
    "hint" : "User 'DBAAS' does not have access to the Cloud Service Type 'dbaas' resource interaction with method 'POST' on accept type 'application/oracle.com.cloud.common.DbPlatformInstance' and content type 'text/plain'" ,
    "stack_trace" : "oracle.sysman.emInternalSDK.ssa.cloudapi.CloudSecurityException: User 'DBAAS' does not have access to the Cloud Service Type 'dbaas' resource interaction with method 'POST' on accept type 'application/oracle.com.cloud.common.DbPlatformInstance' and content type 'text/plain'\n\tat oracle.sysman.emInternalSDK.ssa.cloudapi.EMCloudServlet.routeToServiceType(EMCloudServlet.java:180)\n\tat oracle.sysman.emInternalSDK.ssa.cloudapi.EMCloudServlet.perform(EMCloudServlet.java:235)\n\tat oracle.sysman.emInternalSDK.ssa.cloudapi.EMCloudServlet.performPost(EMCloudServlet.java:385)\n\tat oracle.sysman.emInternalSDK.ssa.cloudapi.rest.AbstractRestServlet.doPost(AbstractRestServlet.java:137)\n\tat javax.servlet.http.HttpServlet.service(HttpServlet.java:727)\n\tat javax.servlet.http.HttpServlet.service(HttpServlet.java:820)\n\tat weblogic.servlet.internal.StubSecurityHelper$ServletServiceAction.run(StubSecurityHelper.java:227)\n\tat weblogic.servlet.internal.StubSecurityHelper.invokeServlet(StubSecurityHelper.java:125)" ,
    "text" : "Could not route to the Cloud Service Type 'dbaas'. The exception stack trace should provide some information about the reason of the failure" ,
    "date" : "2012-12-04T12:27:11+0000"
    }

    I'm trying to create a new DbPlatformInstance using the EM12c Cloud API but i keep getting an error "User 'DBAAS' does not have access to the Cloud Service Type 'dbaas' resource interaction with method 'POST' on accept type 'application/oracle.com.cloud.common.DbPlatformInstance'
    Below are the request and response.
    REQUEST:
    POST /em/cloud/dbzone/D7EEE339C1249F83FC4587C722EB20B5
    Authorization: Basic xxxxxxxxxx
    Content-Type: application/oracle.com.cloud.common.DbPlatformInstance+json
    Accept: application/oracle.com.cloud.common.DbPlatformInstance +json
         "name" : "Database 11.2.0.3.0 Instance for SSA_USER_1",
         "description" : "Instance 2 of Oracle Database 11.2.0.1.0" ,
         "based_on" : "/em/cloud/dbplatformtemplate/B59EDC65951039E8E040E50A8F5B0435",
         "params" : { "username": "xxx", "password" : "yyy" }
    RESPONSE:
    Response Headers:
    Status Code: 403 Forbidden
    Connection: Keep-Alive
    Content-Language: en,en-us
    Content-Type: application/oracle.com.cloud.common.Messages+json; charset=ISO-8859-1
    Date: Tue, 04 Dec 2012 14:38:08 GMT
    Keep-Alive: timeout=5, max=100
    Server: Oracle-Application-Server-11g
    Set-Cookie: ORA_SMP_EM_AUTH_-4568676491231894381=52W7Q2KQ5w5FTn8MQYrZ3Hqp5QnqBLkNwVKvHSS728pMzyQpxJpd!352643837; path=/em; secure; H ttpOnly
    Transfer-Encoding: chunked
    X-ORCL-EMOA: true
    X-Oracle-DMS-ECID: 004o0VGXIE08XrqpKK4Eye0001P_00009q
    X-Powered-By: Servlet/2.5 JSP/2.1
    x-specification-version
    Response Body:
    "messages" :
    "hint" : "User 'DBAAS' does not have access to the Cloud Service Type 'dbaas' resource interaction with method 'POST' on accept type 'application/oracle.com.cloud.common.DbPlatformInstance' and content type 'text/plain'" ,
    "stack_trace" : "oracle.sysman.emInternalSDK.ssa.cloudapi.CloudSecurityException: User 'DBAAS' does not have access to the Cloud Service Type 'dbaas' resource interaction with method 'POST' on accept type 'application/oracle.com.cloud.common.DbPlatformInstance' and content type 'text/plain'\n\tat oracle.sysman.emInternalSDK.ssa.cloudapi.EMCloudServlet.routeToServiceType(EMCloudServlet.java:180)\n\tat oracle.sysman.emInternalSDK.ssa.cloudapi.EMCloudServlet.perform(EMCloudServlet.java:235)\n\tat oracle.sysman.emInternalSDK.ssa.cloudapi.EMCloudServlet.performPost(EMCloudServlet.java:385)\n\tat oracle.sysman.emInternalSDK.ssa.cloudapi.rest.AbstractRestServlet.doPost(AbstractRestServlet.java:137)\n\tat javax.servlet.http.HttpServlet.service(HttpServlet.java:727)\n\tat javax.servlet.http.HttpServlet.service(HttpServlet.java:820)\n\tat weblogic.servlet.internal.StubSecurityHelper$ServletServiceAction.run(StubSecurityHelper.java:227)\n\tat weblogic.servlet.internal.StubSecurityHelper.invokeServlet(StubSecurityHelper.java:125)" ,
    "text" : "Could not route to the Cloud Service Type 'dbaas'. The exception stack trace should provide some information about the reason of the failure" ,
    "date" : "2012-12-04T14:38:09+0000"
    }

  • How to install the SAPRouter service on a Windows 2003 Server?

    Hi, can someone please either provide me with the instructions or point me to a URL or a SAP note that describes how to install the SAPRouter service on a Windows 2003 32-bit server?
    This is fairly urgent so your assistance here would be much appreciated.
    Many thanks
    Sharon

    I tried this and I get the following error...
    'ntscmgr' is not recognized as an internal or external command, operable program or batch file.
    Any further suggestions?
    S

  • WHY ARE THE UK USERS PAYING MORE FOR THE CLOUD SERVICES????

    WHY ARE THE UK USERS PAYING MORE FOR THE CLOUD SERVICES????
    OR IS IT JUST LAZYINESS THAT YOU CHANGE THE DOLLAR SIGN FOR THE POUND?

    it obviously doesn't, but then again some people or organisation only care about price when it comes to purchasing their laptops, and it is hard to justify making a special model for a selected few.
    Sure everything can be done if there is a market for it, but Lenovo won't know how large the market is before hand, as such they are hedging a bet by not moving with the market (which Lenovo have done on many occasions). I guess the finanical return is not the worth the risk for Lenovo to keep the 4:3 or 16:10 screens.
    But this debate has been going back and forth for a long time, so no point bringing it up again and again.
    Regards,
    Jin Li
    May this year, be the year of 'DO'!
    I am a volunteer, and not a paid staff of Lenovo or Microsoft

  • How secure is the DocumentRevisions-V100 data for versions?

    How secure is the DocumentRevisions-V100 data for versions? Im concerned that if I open and work on a Numbers or Pages document from an encrypted disk image, Versions would save an unencrypted version within the database, making the encryption useless. Does anyone know if this is a problem or not? If so, is it fixed with Mountain Lion?

    hnanji wrote:
    I do not need the precise location or address, but a general description of how the data is maintained would be helpful. Security is absolutely essential, hence the reason why I am asking. To assume it is simply secure because it's a product by Apple, is not only only ignorant but foolish. If you do not know the answer then no need to reply.
    Your question is just as foolish as your request to know details. You will not get them and that is the answer that I do know. You will not get ANY details, ever. When somebody says that "Apple knows details" -kind of funny to me, cause Apple does not exist in that sense - Apple is corporation and corporation uses people, so there are people who know answer to any question, they just will not disclose secure information. So anybody, even me or pvonk, for expample, can know, But people who does, will not release that info. My answer is not intended to help you, just to let you know that you will not get any info. Not foolish person would take a hint, you didn't.

  • How much is the cloud going to cost a individual who only uses the Lightroom module?

    How much is the cloud going to cost a individual who only uses the Lightroom module?

    When you subscribe to the cloud you get ALL of the offered applications and services whether you choose to use them or not. There is no individual module plan.
    http://www.adobe.com/products/creativecloud/faq.html#

  • How to use the same services-config for the local and remote servers.

    My flex project works fine using the below but when I upload my flash file to the server I doesn't work, all the relative paths and files are the same execpt the remote one is a linux server.
    <?xml version="1.0" encoding="UTF-8"?>
    <services-config>
        <services>
            <service id="amfphp-flashremoting-service"
                class="flex.messaging.services.RemotingService"
                messageTypes="flex.messaging.messages.RemotingMessage">
                <destination id="amfphp">
                    <channels>
                        <channel ref="my-amfphp"/>
                    </channels>
                    <properties>
                        <source>*</source>
                    </properties>
                </destination>
            </service>
        </services>
        <channels>
        <channel-definition id="my-amfphp" class="mx.messaging.channels.AMFChannel">
            <endpoint uri="http://localhost/domainn.org/amfphp/gateway.php" class="flex.messaging.endpoints.AMFEndpoint"/>
        </channel-definition>
        </channels>
    </services-config>
    I think the problem  is the line
            <endpoint uri="http://localhost/domainn.org/amfphp/gateway.php" class="flex.messaging.endpoints.AMFEndpoint"/>
    but I'm not sure how to use the same services-config for the local and remote servers.

    paul.williams wrote:
    You are confusing "served from a web-server" with "compiled on a web-server". Served from a web-server means you are downloading a file from the web-server, it does not necessarily mean that the files has been generated / compiled on the server.
    The server.name and server.port tokens are replaced at runtime (ie. on the client when the swf has been downloaded and is running) not compile time (ie. while mxmlc / ant / wet-tier compiler is running). You do not need to compile on the server to take advantage of this.
    Hi Paul,
    In Flex, there is feature that lets developer to put all service-config.xml file configuration information into swf file. with
    -services=path/to/services-config.xml
    IF
    services-config.xml
    have tokens in it and user have not specified additional
    -context-root
    and this swf file is not served from web-app-server (like tomcat for example) than it will not work,
    Flash player have no possible way to replace token values of service-config.xml file durring runtime if that service-config.xml file have been baked into swf file during compilation,
    for example during development you can launch your swf file from your browser with file// protocol and still be able to access blazeDS services if
    -services=path/to/services-config.xml
    have been specified durring compilation.
    I dont know any better way to exmplain this, but in summary there is two places that you can tell swf  about service confogiration,
    1) pass -services=path/to/services-config.xml  parameter to compiler this way you tell swf file up front about all that good stuff,
    or 2) you put that file on the webserver( in this case, yes you should have replacement tokens in that file) and they will be repaced at runtime .

Maybe you are looking for

  • Error 9006 while updating to ios 6.1

    I am having problem in Updating my Ipad 3 to IOS 6.1 Error no : 9006 i started to  update my ipad without connecting it to itunes and left it to update alone then after couple of hours i went back to see what happend i found that my ipad not working

  • New to Cisco Lobby Ambassador

    I want to be able to tie the registering users into the visitor registration section of a segregated guest network. I want to have a link that would appear in the front end after you register a visitor which would direct you to this program which is

  • Where is this actionscript code?

    Dear All, I am getting the message below which does make sense but I cannot find any actionscript on Scene 1, layer=Layer 1, frame=1:Line 2. I get the ststement on three different frames. None of them have actionscript. I believe the fla file was pre

  • Oracle 9i installation arabic to english

    HI I have windows xp in my computer. Yesterday I installed oracle 9i in my computer. By mistake I installed arabic version. Now I want to change this arabic to english without deleting the existing installtion. Any suggestion how to change arabic to

  • Secure Wireless Design Guide 1.0

    Has there been any update to this document?  This document is dated July 11, 2007. http://www.cisco.com/application/pdf/en/us/guest/netsol/ns386/c649/ccmigration_09186a0080871da5.pdf Does anyone have a link to other reference material for designing W