Twitter breach revives cloud security fears.
Last month's breach of a hosted Google Apps A collection of Google applications and utilities that is offered as a package either free or paid. In 2007, Google combined its e-mail, instant messaging, calendar, word processing, spreadsheet and Web authoring applications along with administration utilities into Standard and Premier implementation used by Twitter A Web site and service that lets users send short text messages from their cellphones to a group of friends. Launched in 2006, Twitter (www.twitter.com) was designed for people to broadcast their current activities and thoughts. Inc. has heightened fears in some quarters that cloud computing (1) Running applications in or from network servers. Computing "in the cloud" may refer to a company's own network, but often refers to the Internet and the use of Web browser-based or rich client applications. could pose significant security and privacy risks to users. <p>The Twitter breach gave a hacker access to confidential company documents via an employee's work Gmail account that had been hijacked through the password reset feature. <p>Shortly after the breach, some public interest groups and local law enforcement officials cited potential security concerns in calling on the city of Los Angeles
- For the city, see Los Angeles, California.
GroupWise can operate on a number of server and workstation platforms. e-mail and Microsoft Office Microsoft's primary desktop applications for Windows and Mac. Depending on the package, it includes some combination of Word, Excel, PowerPoint, Access and Outlook along with various Internet and other utilities. software with Google Inc.'s hosted e-mail and office productivity applications. <p>The $7.25 million migration project is set to begin later this year after its expected approval by the Los Angeles City Council The Los Angeles City Council is the governing body of the City of Los Angeles, California, United States. . City officials have projected that the move to Google Apps will save about $13 million in software licensing and personnel costs over a five-year period. <p>Consumer Watchdog, an advocacy group based in Santa Monica, Calif., said the Twitter incident raises questions about whether "Google's cloud as offered provides adequate safeguards." In a letter to several Los Angeles city councilors, the group urged that city IT personnel first test Google Apps with a small group of users, rather than following the current plan of implementing it for 30,000 users by the end of this year. <p>"Before jumping into the Google deal, [the city council] needs to insist on appropriate guarantees -- for instance, substantial financial penalties in the event of any security breach," John Simpson, a Consumer Watchdog project manager, wrote in a blog post. <p>In a letter sent to Los Angeles Mayor Antonio Villaraigosa on July 16, the World Privacy Forum encouraged the city to move "slowly and cautiously" in implementing Google Apps, citing "considerable legal uncertainty about the status of data in a cloud computing environment." <p>Matt Glotzbach, director of product management for Google Enterprise, said the angst voiced about Google Apps and the Los Angeles project is based on incomplete information. "From what I know of the city's operation, this is a security upgrade," Glotzbach said. "Those who may be unfamiliar with cloud computing see this as a security risk simply because it is new and because it is something different." <p>Randi Levin, the city's chief technology officer and general manager of the Los Angeles Information Technology Agency, noted that the California State Department of Justice has reviewed the security and privacy plans and tentatively approved the project. <p>Nonetheless, IT managers suggest that large technology users should tread carefully and conduct comprehensive risk assessment studies when deciding whether to migrate to cloud-based products. <p>For example, Matt Kesner, chief technology officer at Fenwick & West LLP LLP - Lower Layer Protocol , a San Francisco-based law firm, said that IT managers need to consider the security and privacy implications of using applications hosted by other companies at off-site locations. <p>"It's one thing if you could be sabotaged by five people or even 500 people working with you in your company," he said. "It's another thing if the people stealing your information could be any other person on the planet." <p>Christopher Pierson, chief privacy officer at a large financial institution he asked not be identified, said that companies considering hosted products should also look at the potential for data commingling Combining things into one body.
The term commingling is most often applied to funds or assets. When a fiduciary, a person entrusted with the management of funds other than his or her own in trust, mixes trust money with that of others, the fiduciary is commingling if their potential cloud provider hosts multiple customers on the same systems in a single data center. <p>Pierson also said that IT's concerns about cloud computing "are very similar to the concerns and risks associated with traditional data storage outsourcing, offshoring
- Offshore may refer to oil and natural gas production at sea; see oil platform.
Offshoring describes the relocation of business processes from one country to another. or other forms of remote data access." <p>Copyright 2009 IDG IDG International Data Group
IDG Integrated Drive Generator
IDG Installation Design Guide
IDG Internet Discussion Group
IDG Inset Dielectric Guide
IDG International Dangerous Goods (mail, shipping) Middle East. All rights reserved.
Provided by Syndigate.info an Albawaba.com company
|Printer friendly Cite/link Email Feedback|
|Publication:||Network World Middle East|
|Date:||Aug 11, 2009|
|Previous Article:||Microsoft drops plans for Windows 7E in Europe.|
|Next Article:||Unified communications without tears.|