As the cloud buzz is getting louder with every passing day you are tempted to take the big leap into the cloud but may have restrained yourself paranoid by ad infinitum cloud security discussions floating on the web. No one can deny the fact that your data is the lifeblood your business. So, undoubtedly its security is of paramount importance for survival of your business.  As cloud computing is a paradigm shift from the traditional ways of using computing resources, you must understand its practical security aspects.

Is Cloud Computing Safe?

There can’t be a binary answer (Yes or No) to this question. But with my experience and as an authority on the subject I can tell you that technologies enabling Cloud services are not in any way less secure than the traditional or on-premise hosting model.  Also, with the evolution of technology, the cloud providers are getting matured and almost all the providers are offering built-in security, privacy, data backups and risk management as a part of their core service.If you are not a big IT company then you must ask yourself:

·         Can an on-premise solution or a traditional hosting provider match the same level of standard security and privacy requirement as provided by the specialist cloud provider whose core competency lies in providing state of the art security and privacy?

Millions of people experienced the frustration and failures of the Obamacare website when it first launched. Because the code for the back end is not open source, the exact technicalities of the initial failings are tricky to determine. Many curious programmers and web designers have had time to examine the open source coding on the front end, however, leading to reasonable conclusions about the nature of the overall difficulties.

Lack of End to End Collaboration
The website was developed with multiple contractors for the front-end and back-end functions. The site also needed to be integrated with insurance companies, IRS servers, Homeland Security servers, and the Department of Veterans Affairs, all of whom had their own legacy systems. The large number of parties involved and the complex nature of the various components naturally complicated the testing and integration of each portion of the project.

The errors displayed, and occasionally the lack thereof, indicated an absence of coordination between the parties developing the separate components. A failed sign up attempt, for instance, often resulted in a page that displayed the header but had no content or failure message. A look at end user requests revealed that the database was unavailable. Clearly, the coding for the front end did not include errors for failures on the back end.

Bloat and the Abundance of Minor Issues
Obviously, numerous bugs were also an issue. The system required users to create passwords that included numbers, for example, but failed to disclose that on the form and in subsequent failure messages, leaving users baffled. In another issue, one of the pages intended to ask users to please wait or call instead, but the message and the phone information were accidentally commented out in the code.

While the front-end design has been cleared of blame for the most serious failures, bloat in the code did contribute to the early difficulties users experienced. The site design was heavy with Javascript and CSS files, and it was peppered with small coding errors that became particularly troublesome when users faced bottlenecks in traffic. Frequent typos throughout the code proved to be an additional embarrassment and were another indication of a troubled development process.

NoSQL Database
The NoSQL database is intended to allow for scalability and flexibility in the architecture of projects that will use it. This made NoSQL a logical choice for the health insurance exchange website. The newness of the technology, however, means personnel with expertise can be elusive. Database-related missteps were more likely the result of a lack of experienced administrators than with the technology itself. The choice of the NoSQL database was thus another complication in the development, but did not itself cause the failures.

Another factor of consequence is that the website was built with both agile and waterfall methodology elements. With agile methods for the front end and the waterfall methodology for the back end, streamlining was naturally going to suffer further difficulties. The disparate contractors, varied methods of software development, and an unrealistically short project time line all contributed to the coding failures of the website.

I remember the day like it was yesterday. Pac Man had finally arrived on the Atari 2600.  It was a clear and sunny day, but it was slightly brisk. My dad drove us down to the video store about three miles from our Michigan house. If I remember correctly, the price for the game was $24.99.  It was quite expensive for the day, probably equaling a $70 game in today’s market, but it was mine. There *was* no question about it. If you purchase a game, it’s your game… right?

You couldn’t be more wrong.  With all the licensing agreements in games today, you only purchase the right to play it. You don’t actually “own” the game. 

Today, game designers want total control over the money that comes in for a game. They add in clauses that keep the game from being resold, rented, borrowed, copied, etc. All of the content in the game, including the items you find that are specifically for you, are owned by the software developer. Why, you ask, do they do this? It’s all about the money.

This need for greed started years ago, when people started modifying current games on the market. One of the first games like this was Doom. There were so many third part mods made, but because of licensing agreement, none of these versions were available for resale. The end user, or you, had to purchase Doom before they could even install the mod.  None of these “modders” were allowed to make any money off their creation.