Never have been a big fan of the cloud, to many eggs in one basket so to speak.
Who is to blame when your site gets hacked (and it will) the cloud provider our the developers who created it or some third party?
IMHO developers need to get out of the mind set of create it as fast as possible, as cheaply as possible not once stopping to think about the security implications of thier choices.
Call me old fashion but I like being in physical control of my machines, I don't like the idea of a cloud provider being able to turn my site off if I violate the cloud providers policies.
While I see your points I think you've got too much of a "Cloud is bad" rather than "Cloud has a different set of issues to be aware of"
In terms of "too many eggs in one basket" : Yes one of the major cloud providers has had multiple occurrences of "Single point of failure" taking down their entire cloud. You can diversify over cloud providers, You can also use cloud providers as burst capacity.
Who's to blame when the site gets hacked? Well who's to blame now? Specifically please provide details of when the compromise was due to the cloud provider rather than the customer. I'm talking hypervisors / API's weren't secured rather than customers didn't bother to secure their presence eg An open S3 bucket is the customers fault.
Developers need to get out of the mind set: Dev's are only in that mindset because they have been conditioned to it by senior management. It's senior management who want time to market to go through the floor, They want it for free and security costs money so sadly these days most senior management think the cost is greater than the risk.
I don't like the idea of a cloud provider: I've got news for you ANY provider will terminate if you breach contracts. The difference here is that many cloud providers have bigger PR departments who are more proactive and protective. Most come from the US where there is a greater tendency for people to seek redress via the courts and the courts are typically going to award higher settlement & costs. As such there are people watching for anything that might cause them problems. Most smaller providers simply cannot afford to have those sort of staff.
Don't get me wrong I think too many people / places have gone cloud crazy, but the reasons that you put forward are not confined to "the cloud"
You have a point there, and many thinks same way. But on the contrary I feel the security on cloud is pretty strong, I can be little worried of the hardware failures but have not heard much of security issues, unless we design it in a way that can be hacked.
For further actions, you may consider blocking this person and/or reporting abuse
We're a place where coders share, stay up-to-date and grow their careers.
Never have been a big fan of the cloud, to many eggs in one basket so to speak.
Who is to blame when your site gets hacked (and it will) the cloud provider our the developers who created it or some third party?
IMHO developers need to get out of the mind set of create it as fast as possible, as cheaply as possible not once stopping to think about the security implications of thier choices.
Call me old fashion but I like being in physical control of my machines, I don't like the idea of a cloud provider being able to turn my site off if I violate the cloud providers policies.
But anyways not a big fan of the cloud.
While I see your points I think you've got too much of a "Cloud is bad" rather than "Cloud has a different set of issues to be aware of"
In terms of "too many eggs in one basket" : Yes one of the major cloud providers has had multiple occurrences of "Single point of failure" taking down their entire cloud. You can diversify over cloud providers, You can also use cloud providers as burst capacity.
Who's to blame when the site gets hacked? Well who's to blame now? Specifically please provide details of when the compromise was due to the cloud provider rather than the customer. I'm talking hypervisors / API's weren't secured rather than customers didn't bother to secure their presence eg An open S3 bucket is the customers fault.
Developers need to get out of the mind set: Dev's are only in that mindset because they have been conditioned to it by senior management. It's senior management who want time to market to go through the floor, They want it for free and security costs money so sadly these days most senior management think the cost is greater than the risk.
I don't like the idea of a cloud provider: I've got news for you ANY provider will terminate if you breach contracts. The difference here is that many cloud providers have bigger PR departments who are more proactive and protective. Most come from the US where there is a greater tendency for people to seek redress via the courts and the courts are typically going to award higher settlement & costs. As such there are people watching for anything that might cause them problems. Most smaller providers simply cannot afford to have those sort of staff.
Don't get me wrong I think too many people / places have gone cloud crazy, but the reasons that you put forward are not confined to "the cloud"
You have a point there, and many thinks same way. But on the contrary I feel the security on cloud is pretty strong, I can be little worried of the hardware failures but have not heard much of security issues, unless we design it in a way that can be hacked.