| By Craig Balding |
Article Rating: |
|
| September 17, 2008 07:30 AM EDT |
Reads: |
17,059 |
Craig Balding's Cloud Security Blog
What are the telltale signs that your company is already Computing in the Cloud? Is it when the CIO makes a big announcement at the monthly IT meeting? Is it when the IT newsletter drops a reference to pilot testing of some ‘web based’ software? Or, is it when the secretary whips out the boss’s Corporate Credit Card and signs up to a Cloud Service? Here are 12 indicators that your company is *already* part of the Cloud:
- Your internal helpdesk reports fewer password resets.
- Finance contacts you to confirm all the DVD readers are disabled - they are puzzled by the number of recurring credit card charges for Amazon (are the secretaries spreading out their orders for “Lost” DVDs again?).
- You are asked to authorise a network change ticket that modifies the LAN routing policy. All traffic will be sent directly to the Internet proxy (for performance reasons). From the accompanying diagram, the data center appears to have been cut and pasted on the wrong side of the firewall (idiots!).
- You walk into the Data Center and it feels cooler than usual.
- When the builders next door accidentally saw through the company Internet connection, people complain there must be a DoS attack going on as they can’t get to their files.
- During physical inspections, you notice unexplained gaps in server cabinets.
- Login failures go down, in fact login “attempts” in general go down but the company car park is full.
- As you walk through the office, you notice all the “Security Awareness” posters have been replaced with pictures of Jeff Bezos (!)
- You are asked to authorise a visit from the local environment group. Fearing protesters, you are surprised to learn that your company has won a prize for reducing its Carbon Footprint
- Your Intrusion Prevention System is preventing the call center from uploading contracts stored as GIF files.
- You detect the presence of ‘malware’ in the form of unexplained ‘Machine Images’ on IT’s desktops.
- You stop finding Windows passwords under keyboards, instead you find random hex digits next to the words ‘Access Key’ and ‘Secret Key’. You sigh, but at least they are setting difficult to guess passwords now!
If you are charged with IT security in your company, you may want to start checking your web proxy logs for telltale signs that people are talking to the Cloud…or just talk to finance.
[This post appeared originally here and is republished in full by kind permission of the author.]
—
If you are curious about Cloud Computing and security, don’t miss out on future posts: subscribe by RSS or subscribe by email.
Craig Balding is a Security Practitioner at a Fortune 500 where he leads a crack team of security SMEs. He has a decade of hands-on IT Security experience. His primary skill areas include UNIX security, ORACLE RDBMS security, Penetration Testing, Digital Forensics (offline, live and network), and Global Investigations. He co-authored Maximum Security and even has a CISSP.
Subscribe to Web 2.0 Journal Email News Alerts
Subscribe via RSS
