Wednesday, January 20, 2010

Lessons from The Google Incident

Last week, Google threatened to shutter operations in China over an alleged attack. The attack was aimed at "exfiltrating" Google's IP and compromising the email accounts of Chinese human rights activists. Based on Google's inherited role as the global representative of the Cloud, the incident generated renewed discussion on "Cloud" security and its potential hindrance to Cloud services adoption.

Whit Andrews, vice president at leading analyst firm Gartner, stated "This is a pretty public blow against the security of the Cloud." He went on to claim that this could "affect the uptake of Google applications."

However, there’s another way to look at the situation. For starters, let's consider Google's response. By moving to close operations in China, Google shone a bright light on the activities of sophisticated cybercriminals. (The Chinese government denies involvement.) How many corporations on the planet have leverage with the People's Republic of China? A few, perhaps, but what about yours?

Google can't avoid being the poster child for the Cloud vulnerabilities that will undoubtedly emerge over the coming years. Yet the company has also proven itself a defender of security—not only from the point of view of technology but also from the broader perspective of ethics. Regardless of the compromise, perhaps you are, in the end, actually better putting your eggs in that basket rather than taking on the security yourself.

The lesson to learn from this might be that it’s wiser and, in the long run, cheaper to accept some of the risk involved in trusting a Cloud provider than to take on international cybercriminals yourself.

0 comments:

Post a Comment