Microsoft is very clear on their data center boundaries.
If you want the information to stay in the US - then it stays there. If in the EU, then it stays there too. Google and Amazon? I don't think you get the same SLAs - but you should confirm with those vendors. MS has made significant strides in cloud security. If you don't go with MS, then make sure that the non-MS vendors can match MS. From: Andrew S. Baker [mailto:[email protected]] Sent: Tuesday, November 17, 2009 6:03 PM To: NT System Admin Issues Subject: Re: Cloud computing... your opinions Excellent point, Ben, and most of the big players (who have datacenters in multiple countries), already have to deal with exactly this sort of thing. EU privacy laws expressly forbid certain geographic co-mingling. The problem becomes more difficult when you have a cloud vendor which is providing its services by way of a larger player, and doesn't make any provisions for where the services will be hosted. -ASB: http://XeeSM.com/AndrewBaker On Tue, Nov 17, 2009 at 1:27 PM, Ben Schorr <[email protected]> wrote: We've written quite a bit on the subject of Cloud Computing and potential issues on our blog: http://www.rolandschorr.com/blogs/index.php?blog=1 One of the big issues for me, that doesn't seem to get much play, is the issue of geolocation. When I control my data I control where on the planet my data is stored. I currently have data centers in Honolulu and Los Angeles. If I outsource my data storage to a Cloud provider how do I know where my data is being stored? If it's being stored in Iowa then I'm probably o.k. with that. But what if it's being stored in Thailand? Privacy laws vary greatly from country to country - here in the U.S. we have the 4th Amendment that "protects" us against unreasonable search and seizure. While there is a bit of debate about whether or not it protects data "in the Cloud" at least it's there. What does the 4th Amendment in Malaysia protect against? If my data is being stored in China and the Chinese government decides they want to read it...what's my recourse? Probably none. Storing any important data outside of the U.S. is a deal-breaker for me with a Cloud vendor. Heck, I'm not *THAT* comfortable with storing it on a multi-tenant server but at least if it's on U.S. soil I can know which laws I have to be aware of. Best wishes and aloha, Ben M. Schorr Chief Executive Officer ______________________________________________ Roland Schorr & Tower www.rolandschorr.com <http://www.rolandschorr.com/> [email protected] <mailto:[email protected]> Twitter: http://www.twitter.com/bschorr From: Alex Eckelberry [mailto:[email protected]] Sent: Tuesday, November 17, 2009 5:05 AM To: NT System Admin Issues Subject: Cloud computing... your opinions We're working on cloud computing initiatives (like everyone), and I'm also doing a fair amount of research into the area. (Of course, the whole idea of "cloud computing" is itself fairly silly, when it's just a renaming of the concept of a network-connected computer. But whatever, it's the hot topic.) There are areas where it makes sense, such as email filtering. Web filtering, well maybe not so much. CRM (like SalesForce.com), makes sense. I'm curious -- what are your thoughts on cloud computing? What might be the security questions you would ask your cloud computing vendors? What irks you about it? What is good about it? Alex Alex Eckelberry, CEO Sunbelt Software 33 N. Garden Avenue, Clearwater, FL 33755 p: 727-562-0101 x220 e: [email protected] <mailto:[email protected]> MSN: [email protected] <mailto:[email protected]> w: www.sunbeltsoftware.com <http://www.sunbeltsoftware.com> b: www.sunbeltblog.com <http://www.sunbeltblog.com> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~
