Say that again and I’ll kick your SaaS
Software as a service (SaaS) and cloud computing and cloud storage and
other “aaSes” are all the rage these days. The cloud is going to force
security pros to revisit policy and value. We have to make the case of
why we have specific policies and why those policies apply to certain
data and applications. Otherwise biz units will throw apps and data up
to the cloud willy-nilly to grab the cost savings.
My buddy Kevin Richards at Crowe Horwath said, "Nobody really cares about “securing the cloud” – outside of the security industry anyway. In that way, it’s the same as security in general. Security is not the point. It’s not our job to secure the cloud. We have data and applications all over the place. Some are running on this network segment, some on that. Some are in this data center, some in that one. Some are outsourced, or off shore, or cloud based like SaaS."