[Info-vax] The new world that VMS will be living in

Bill Gunshannon bill.gunshannon at gmail.com
Mon Dec 7 21:24:38 EST 2020 

On 12/7/20 8:30 PM, Arne Vajhøj wrote:
> On 12/7/2020 8:12 PM, Bill Gunshannon wrote:
>> On 12/7/20 2:44 PM, Arne Vajhøj wrote:
>>> On 12/7/2020 2:35 PM, Bill Gunshannon wrote:
>>>> On 12/7/20 2:10 PM, Arne Vajhøj wrote:
>>>>> Deutsche Bank just announced that they have signed with
>>>>> Google to move most of their IT To Google cloud.
>>>>>
>>>>>  From the press:
>>>>>
>>>>> <quote>
>>>>> The two companies on Friday finalized a cloud computing agreement 
>>>>> under which the German lender plans to shift most of its data onto 
>>>>> Google servers, technology head Bernd Leukert said in a phone 
>>>>> interview.
>>>>> ...
>>>>> The deal will include “applications at the heart of our IT,” 
>>>>> Leukert said in an interview,
>>>>> </quote>
>>>>>
>>>>> This follow that Capital One closed down their last data center
>>>>> a month ago after migrating everything to Amazon cloud.
>>>>>
>>>>> VMS will need to function - and function well - in such new
>>>>> environments.
>>>>
>>>> Once you move your data to The Cloud it ceases to be your
>>>> data.
>>>
>>> I do not see that.
>>>
>>> It is legally still your data.
>>
>> And when your customer list hits the dark web?
> 
> And how should that happen?
> 
> You think Amazon/Microsoft/Google has broken AES so their
> employees can decrypt the content?
> 
> Or?

Do you even follow the numerous news reports on data breasches?
The data is almost never encrypted.  Moving it to The Cloud is
not going to magically encrypt it.

> 
>>>
>>> And assuming proper encryption is used, then you have access
>>> to data while the cloud provider does not have access to data.
>>
>> Once you put it on someone else's machine they have possession of
>> that data and you are trusting them to keep it safe.  Within your
>> own organization one of the biggest dangers is the insider threat
>> (at least according to a lot of published papers lately).  But you
>> no longer have control over the insiders.
> 
> They have possession of a disk with some AES encrypted data.
> 
> The owner have possession of the key and therefore the data.

That is an assumption I am not prepared to make.  And I would
hope no one else would either.

bill

More information about the Info-vax mailing list