Amazon AWS and Amazon EC2
One of the questions that is often raised on the Learning Tree’s Cloud Computing course is: “What is the difference between Amazon AWS and Amazon EC?” Both words are widely used when describing Amazons Cloud Computing offerings, but often the difference is not clear. The aim of this post is to explain the differences. Starting […]
For Compliance, Keep Control of Your Encryption and Don’t Lose Your Head (Or Your Header)!
Cloud providers tend to be quite good at data integrity and availability. For confidentiality, not so much. IaaS services may provide you with good tools, but you will need to take advantage of them to achieve confidentiality in ways that will satisfy compliance audits. As I mentioned recently, Google’s new “by default” storage encryption isn’t […]
Large and Small Clouds Close, Hang On To Your Data!
In Learning Tree’s Cloud Security Essentials course we caution that any move into the cloud needs to be preceded by careful consideration of how you will get your data and operation back out again. Availability is the leg of the CIA triad effected by business pressures. We just got another reminder of this. Nirvanix was […]
Google’s “By Default” Cloud Storage Encryption Means very Little
Last week I passed along Google’s announcement that they now encrypt all cloud storage by default. I mentioned how this was following Amazon’s offerings of encryption for their S3 storage service. We have been comparing Amazon’s client-side and server-side encryption in Learning Tree’s Cloud Security Essentials course for some time, and now Google’s new service […]
Google Announces “By Default” Cloud Storage Encryption, Following the Amazon Path
In Learning Tree’s Cloud Security Essentials course we have been discussing Amazon’s two offerings for storage encryption for some time. Amazon’s S3 or Simple Storage Service deals with somewhat vague blobs of storage. A stored object could hold a single file, a bunch of files, whatever you want. An S3 object doesn’t look like a […]