Not sure how this plays into the scheme of things, but I deal with offsite data backup ( for exchange, ad, file servers etc...) except someone gives the authorities the encryption key, they will spend decades trying to decrypt the data).
From: [email protected] To: [email protected] Subject: RE: [NTSysADM] RE: Microsoft's 'Blue' servers Date: Wed, 5 Jun 2013 01:40:24 +0000 Governments that “don’t play by the rules” aren’t going to be stopped on your company’s doorstop by some lawyers either. Governments like Russia’s can find ways to throw you in jail for decades and steal your multi-billion dollar company (Khordorkovsky and Yukos) without too much trouble. Or assassinate you if you’re not quite as high profile. And Russia’s government isn’t even particularly nasty in the global scheme of things. In fact, the only way I can see your method working is for each organisation to have their own data centres, with their own security guards and so on. Each time you contract someone else for data centre facilities you run the risk that they might let some “authority” in to take away your hardware or data. Organisations with plenty of legal firepower have been using 3rd party data centres for a long time, so there must be ways to manage this risk. I don’t know what they are, but I can assure you that most major banks do not own their own DC facilities in every country that they’re in. Cheers Ken From: [email protected] [mailto:[email protected]] On Behalf Of Jon Harris Sent: Wednesday, 5 June 2013 11:06 AM To: [email protected] Subject: RE: [NTSysADM] RE: Microsoft's 'Blue' servers I am trying to point out that not all governments will play totally by the rules. A search warrant, at least in the states, requires some proof of wrong doing along with a judges blessing. The warrant I am referring to is just a government letter saying we want access, and would potentially specify that the cloud vendor not tell their client that this is happening the agency does not even have to get a judges blessing on the search. I believe there have been a number of instances where this has happened already but I can't site any specifically. On premise data would at least be safer from that kind of thing happening. It is harder to have government agents walk up to a door of a company and tell them 'hey we demand access to all of your servers so that we can snoop around and see what you are doing' and not have a bunch of lawyers demanding to see the proof of wrong doing. A cloud vendor would not be in a position until all the legal challenges are done to tell those same government agents 'no' without incurring some liability. Once all the legal challenges are done and the cloud vendors have all the legal contracts in place and some sort of protection from the potential criminal liability then the cloud would be to some degree safer for companies to move to it. I am not condemning it's use just handing out an opinion as to this movement with less than critical thinking by SMB's. Jon From: [email protected] To: [email protected] Subject: RE: [NTSysADM] RE: Microsoft's 'Blue' servers Date: Wed, 5 Jun 2013 00:41:35 +0000 I hate to say it but I see a lot of companies regretting the decision to jump to the web when some gov decides it can just issue a warrant and start searching that businesses digital material. What does “jumping to the web” have to do with cloud? If the authorities can get a warrant, they can just turn up at your door and seize your paper files if you insist on not having anything digital. Perhaps I’m a bit confused as to whether you’re condemning (1) the use of digital media, (2) putting things onto the WWW, or (3) using a cloud provider. If it’s either (1) or (2) I think you’d have a hard time convincing anyone that the risks and costs outweigh the benefits. Cheers Ken From: [email protected] [mailto:[email protected]] On Behalf Of Jon Harris Sent: Wednesday, 5 June 2013 10:17 AM To: [email protected] Subject: RE: [NTSysADM] RE: Microsoft's 'Blue' servers I hate to say it but I see a lot of companies regretting the decision to jump to the web when some gov decides it can just issue a warrant and start searching that businesses digital material. The IRS has been doing it with emails claiming they have the right to do it. It may not be the American gov that does this first (but I would not bet against it) and it will cost some company big time. I seem to also remember someone on the list a few months ago posting an article about a hack that allowed for cloud machines to be compromised if where were on the same hypervisor. Jon From: [email protected] To: [email protected] Subject: RE: [NTSysADM] RE: Microsoft's 'Blue' servers Date: Wed, 5 Jun 2013 00:05:46 +0000 It won’t happen overnight. But my prediction is that eventually the providers will, after grabbing the non-complex mass market, start going after industry verticals. They’ll start with the low-hanging fruit (i.e. smaller firms that exist in just one jurisdiction). They’ll get a bunch of lawyers, talk to regulators and so on, and start marketing a ‘certified’ solution for that industry – possibly with some level of indemnification. It’s definitely customers who are pushing the “cloud” thing – even in some large FSI corps that I’ve colleagues in are pushing this. They’re turning to their current outsourcers and asking “why can’t I get the same flexibility/pricing/etc from you that I can get from Amazon?” “Why does it take you 6 weeks to give me a server whereas Amazon can give me one in 2 hours?” and so on. It’s going to be a huge issue for HP/CSC/IBM, which is why they’re scrambling to put together their own cloud offerings. VMWare’s also sniffing around – touting their services business as a replacement for incumbent outsourcers. Cheers Ken From: [email protected] [mailto:[email protected]] On Behalf Of James Rankin Sent: Wednesday, 5 June 2013 1:07 AM To: [email protected] Subject: Re: [NTSysADM] RE: Microsoft's 'Blue' servers Hmmm, sounds like MS' approach is that they've decided that The Cloud is unavoidable, or will at least represent the "sensible choice" in future For dev and test environments, sure, and maybe smaller enterprises without regulatory requirements and/or no budget to spare for private infrastructure, but throw in any kind of data security and integrity - particularly anything that has implications related to storing information in other global jurisdictions - and I just get the feeling that it won't take off as much as everyone would have us believe. I'm also becoming less convinced of Microsoft's capability to respond to customer requirements, although to be honest that's exhibiting more in the consumer end at the moment than business. I'm not known as any kind of trend-predictor or tech commentator, though, so I'm just stating my gut feelings :-) On 4 June 2013 15:52, <[email protected]> wrote: They will never position it as something you HAVE to do or else (like Google). They are developing the technology so that when you’re ready, it will be ready for your needs. The Cloud leader will be the one that can show “why” it makes sense to move, not that moving is the only choice. Sent from Microsoft Surface Pro From: James Rankin Sent: Tuesday, June 4, 2013 9:33 AM To: [email protected] But the expectation is that "years later" everyone will go cloud-based of some sort? I can see that not flying for a lot of orgs - if MS take the "shove it down your throat regardless" option they did with some of the Win8 features, it might change the landscape somewhat Just my ill-informed and quickly-formulated opinion :-) On 4 June 2013 15:27, Michael B. Smith <[email protected]> wrote: Microsoft wants to drive you to the cloud. Some people will settle on a single version of the software and then move years later. There is no ostensible requirement to keep pace with Microsoft.
