Something is going on. I don’t know exactly what it is, but all the sudden I’m hearing more of this buzzword. “Cloud Computing” may be the buzzword for 2008. There are even blogs that dedicate content to it.

It sure seems to be thrown around a lot… especially in the economic hiccup we are experiencing right now.

Should we blame Gartner for its use? Only for using cloud computing and $3.4 trillion in the same article. I bet that’s the root of the problem.

So what is cloud computing? Well, according to IEEE, “Cloud Computing is a paradigm in which information is permanently stored in servers on the Internet and cached temporarily on clients that include desktops, entertainment centers, tablet computers, notebooks, wall computers, handhelds, sensors, monitors, etc.” Essentially, a mashup of Software as a Service (SaaS), virtualization, and potentially even Service Oriented Architecture (SOA). I suggest that it is destined to become a generalization that has no real meaning on the surface, but requires detailed questions and answers before its true meaning is known.

That’s where security comes in. When looking at doing anything with cloud computing, security professionals must understand exactly what is going on. The leveraged resources used to allow for cloud computing to work means that you have a lot of co-mingling of things. Data and systems that need to be kept secure will mingle with data and systems that don’t. The whole strategy of using segmentation as a scope reduction technique (or just good practice) goes out the window with this type of infrastructure. Unless, of course, you create multiple clouds, but then that kind of ruins the whole paradigm, doesn’t it?

As with most technology, there is a place for cloud computing in our infrastructure. It should neither be immediately shunned or lauded. Instead, do the due diligence required to get a clear picture of how it may impact your enterprise.

This post originally appeared on

Possibly Related Posts: