According to the following article, the cloud is safer because the cloud data center is bigger than yours and has better fences. Oh, and passwords need to be hard to use so that others can’t use them.
Cloudburst
I haven’t blogged a Quote of the Weak (for more info, see About) for some time, but the article, 3 Tech Trends Advisors Need to Understand, indicates that it’s not only financial advisors that need to understand technology. But I’m getting ahead of myself. Here’s the first quote that set me off:
The fact remains that these [cloud] data centers, while bigger targets, have bigger defenses.
Right before this quote the author (Rachel F. Elson) mentions that the cloud needs to change the way financial advisors think about data security. That’s true, but to reduce the discussion to the bigger the data center, the better the security, is distressing. Huge companies have been hacked. Every person can name at least two because they received the “Sorry, we were hacked” emails themselves.
Also, the cloud data center also has more virtualization than your data center and serves more companies than your data center. And I’ll bet they even have more administrators that can view or capture your data than you do.
Which all add up to more risk than YOUR data center. Result? A stalemate at best.
Also notice that the person quoted is the “managing director of technology consulting for Schwab Advisor Services.” More on that later.
Password Irritation
According to the article, because applications and financial data are moving to the cloud, we need to:
“Be thoughtful about your passwords,” he cautioned. “They should be inconvenient.”
This quote has some truth to it, but it still bothers me. I think what the person meant was that passwords need to be strong.
However, you can have strong passwords without them being inconvenient. If your definition of inconvenient means it can’t be your name, phone number, birth date, or ‘12345’, then I agree, but this should be common sense by now, not inconvenience.
Strong passwords are the price of using computers and networks, just like the price of using a smart phone is the cost of the data plan. Is the data plan cost inconvenient? Or do you trade one for the other?
What really bothers me is that the statement appears to say is that security has to be hard and bothersome to be any help. You can use a variety of methods to pick easy to remember passwords. The problem becomes remembering which goes where, hence the inconvenience. So again, that quote contains truth.
Am I reading too much into it?
Bottom Line
I don’t think the Schwab director is a yahoo; I think the author took some interesting quotes, plopped them into an article, and posted it without providing the proper context.
What do you think?
ITauditSecurity 