I do find it amusing when I hear these stories though, where companies think the data is safer or more secure or more private on premises than somewhere like Azure.
On their worst day the Azure guys will do a better job of this stuff than any company I've walked into, and I've been to a lot. I see what people do in the real world and it isn't pretty.

But even in terms of intrusion, does anyone really think the company that they work for will do a better job of detecting intrusion than one of these datacentres? Or alternately, they are assuming that their own datacentres will be more bullet-proof when it comes to intruders. Lots of luck with that.

In the future, I suspect that the tables will turn completely. The required standards for privacy and security will likely be raised significantly, and these datacentres will be the first places to meet the requirements.

Regards,

Greg

Dr Greg Low
1300SQLSQL (1300 775 775) office | +61 419201410 mobile | +61 3 8676 4913 fax
SQL Down Under | Web: www.sqldownunder.com

From: [email protected] [mailto:[email protected]] On Behalf Of Andrew Tobin
Sent: Wednesday, 25 February 2015 4:30 PM
To: ozDotNet
Subject: Re: Azure and security trust

One alternative that I haven't looked into much at all, so take this with a grain of salt - is to have anything identifying on a local network, firewalled, and accessible via a site-to-site VPN connection to an Azure hosted server.

Like I said, I haven't looked at what an implementation would take, but if you could create a firewalled, safe, tunnel to your data hosted on prem, and other data in the cloud - then it's an option?

http://azure.microsoft.com/en-us/documentation/articles/virtual-networks-create-site-to-site-cross-premises-connectivity/

On Wed, Feb 25, 2015 at 2:28 PM, Greg Keogh <[email protected]> wrote:

Folks, I have a demo SQL database in Azure and it's working nicely, but now we have to consider how to get it into production use.
My demo DB doesn't contain any real names and addresses, but the live DB will have information about hospital patients, and you can imagine how confidential that is! I'm told they will demand the DB be stored on hospital managed servers, which is a damn nuisance in reality as I'm sure many of you know how tedious it can be trying to break through walls of bureaucracy around IT departments in places like hospitals and the government.

This opens up the whole issue of "trust and the cloud". Since the Snowden revelations, I don't know how anyone with confidential data can trust cloud storage. Even I don't trust it and all of my backups in Rackspace and Azure blobs are pkzipc AES encrypted. So how on earth could a hospital be convinced that cloud store is an attractive option?

I just remembered that Amazon has a special area that is certified secure so they can get government contracts. I haven't seen anything like that in Azure. Despite that, it doesn't make me feel much better, as we now know the NSA was intercepting hardware and bugging it, and coercing huge telcos to put splitters in the backbones, and using secret FISA orders to threaten other even huger companies to secretly hand over their records. So who the hell can trust anyone in the cloud?!

Is anyone dealing in this sort of cloud/trust business at the moment? What's the state of play? Is there any hope? Am I just paranoid? (who's monitoring this email?)

Greg K
