Since 1986 - Covering the Fastest Computers in the World and the People Who Run Them

Language Flags
August 9, 2010

Are Private Clouds Truly More Secure Than Public?

Nicole Hemsoth

Almost anything one reads about the private versus public cloud debate contends that for enterprises with large amounts of data that requires strict security, the private cloud option is the way to go—that public clouds cannot and do not offer the protections that a private cloud enables. Then again, if one looks closer at who is making the statement about private clouds and their tighter security, it’s often from the vendors who are advocating private cloud solutions—and from the end users who believe in the idea because that is how it has been presented. But to what degree are private clouds more secure than public if one takes a general “one size fits all” approach to the question—if there can be such a thing?

The vast majority of writing on the public versus private debate contends that private clouds provide more control over access and data protection but as George Reese noted, this is a “myth” is “complete nonsense.” Reese argues that “some private clouds are more secure than some public clouds some public clouds are more secure than some private clouds. In some cases, no one really knows.”

Reese puts forth the argument that the key to security is transparency and suggests that if we operate under the false assumption that a private cloud provides complete transparency (which as he notes, private clouds still have some opacity) we are overlooking the nuanced nature of private and public clouds. He states, “total knowledge about a private cloud guarantees neither that it is secure nor that we are even competent to judge that knowledge with respect to security”

Many will defend the private cloud until the end, especially with the growing body of literature supporting their status as the more secure option. After all, when it comes to having less control over the location and infrastructure (at least theoretically) that shouldn’t have been a tough sell to companies who were well aware of potential security issues when they made the decision to deploy a cloud model for some or all of their operations. Reese argues that CloudAudit and other related services are the best way to get a direct view into the questions between public versus private on a more specific level but in the meantime, there should be more consideration offered to the actual improved security of the private cloud versus public in more forums and debates.

 

Full story at O'Reilly

SC14 Virtual Booth Tours

AMD SC14 video AMD Virtual Booth Tour @ SC14
Click to Play Video
Cray SC14 video Cray Virtual Booth Tour @ SC14
Click to Play Video
Datasite SC14 video DataSite and RedLine @ SC14
Click to Play Video
HP SC14 video HP Virtual Booth Tour @ SC14
Click to Play Video
IBM DCS3860 and Elastic Storage @ SC14 video IBM DCS3860 and Elastic Storage @ SC14
Click to Play Video
IBM Flash Storage
@ SC14 video IBM Flash Storage @ SC14  
Click to Play Video
IBM Platform @ SC14 video IBM Platform @ SC14
Click to Play Video
IBM Power Big Data SC14 video IBM Power Big Data @ SC14
Click to Play Video
Intel SC14 video Intel Virtual Booth Tour @ SC14
Click to Play Video
Lenovo SC14 video Lenovo Virtual Booth Tour @ SC14
Click to Play Video
Mellanox SC14 video Mellanox Virtual Booth Tour @ SC14
Click to Play Video
Panasas SC14 video Panasas Virtual Booth Tour @ SC14
Click to Play Video
Quanta SC14 video Quanta Virtual Booth Tour @ SC14
Click to Play Video
Seagate SC14 video Seagate Virtual Booth Tour @ SC14
Click to Play Video
Supermicro SC14 video Supermicro Virtual Booth Tour @ SC14
Click to Play Video