484
Microsoft leaks 38TB of private data via unsecured Azure storage
(www.bleepingcomputer.com)
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
this post was submitted on 18 Sep 2023
484 points (99.2% liked)
Sysadmin
7545 readers
33 users here now
A community dedicated to the profession of IT Systems Administration
No generic Lemmy issue posts please! Posts about Lemmy belong in one of these communities:
[email protected]
[email protected]
[email protected]
[email protected]
founded 1 year ago
MODERATORS
Gotta love these kind of news. There's always these hypothetical discussions of clouds being insecure and companies generally just ignore that, because clouds are theoretically, sometimes cheaper.
And then every now and then, half the internet leaks out of one of these clouds and everyone's like, holy crap, and then companies go back to generally just ignoring that, because clouds are theoretically, sometimes cheaper.
Unfortunately nobody in charge has seen consequences for their decision to save a few theoretical nickels, so far. But then again, a lot of software/IT related stuff would look completely different, if anybody did.
Yeah, with the GDPR, you could theoretically get sued for using inappropriate technologies, but unless a proper expert committee officially declares Azure et al unsalvagable, you can always say, you thought you were using safe technologies.
I do not think anyone belive clouds are cheaper. For a stable workload probably 2x as expecive. Especially when you also count the new finops department you need to know what you are actually paying for in the cloud.
What cloud do give is virtualy infinite capacity, infinite scale out performance, instant availabillity and scaleabillity up to a global presence, no up-front cost, no tear down cost, bragging rights, no long running contracts and api's for EVERYTHING.
Edit: I did see you write theoretically ;)
Let me add another important point: outsourcing responsibility. In case of a data breach, you have someone to sue and you don't need a whole internal team to be up to date on the latest security topics. Instead, they just have to be able to manage the web interface (not saying that is easy, just less subject to changes)
Ding ding ding. It's all about outsourcing accountability as much as possible. Always need a finger to point at if things go wrong.
Given the average company I believe the cloud being more secure, of course they can shoot themselves d in the foot in the cloud as well but that wouldn't be the cloud being insecure. The cheaper part.... not sure if I would agree, it is more simple and easier to manage than your own physical hardware and all that entails, unless you require very little, that's for sure.