mar 20 2010

SecureCloud 2010: day 2 and conclusion

Tag: (i)realidad,Informática Legal,SystemsJoaquim Anguas @ 7:38 pm

SecureCloud 2010, second day:

Keynote

First session was an excellent keynote by Mrs. Pamela Jones Harbour, Commissioner at US Federal Trade Commission. She “asked the tough questions” and pointed to some “storm clouds”.

First “storm cloud” she talked about was asymmetry between users and companies: consumers may not understand when they are using cloud computing and it is hard for them to delimitate what data they are willing to share. In the offer side, providers do not offer consumers minimum choices, they present “incomprehensive privacy clauses”, they don’t “adequately disclose the scope” and hide behind “click wrapped agreements”.

Second “storm cloud” was (in)security. Cloud services are potentially unsecure and there’s a potential opportunity for providers to avoid responsibility and accountability.

Third “storm cloud” was competition. There’s a great range of choices and if the consumer’s side does not request accurate information and an adequate level of security in the competitive process, government may have to make an intervention on the market. Turbulent times are forcing companies to low cost, so they are forced by the market to lower best practices.

Fourth “storm cloud” was Incompatible jurisdiction. There is an uncertain state of the law in the USA and there’s being some lobbying at federal legislation on cloud computing. There’s a need to identify challenges and develop good practices. In any case, rules have to be process oriented, not technology oriented, not specific on technology requirements.

Final message was: ask the tough questions but don’t fear the challenge of the cloud.

Continue reading “SecureCloud 2010: day 2 and conclusion”


mar 16 2010

SecureCloud 2010: day 1

Tag: (i)realidad,Informática Legal,SystemsJoaquim Anguas @ 11:36 pm

Today I attended the first day at SecureCloud 2010, a two days event organized by ISACA, ENISA, CSA and IEEE centered on security on “The Cloud”.

In this first day I had the opportunity to attend to nine talks, all of them very focused and well presented.

Here’s a very concise summary of the sessions:

Continue reading “SecureCloud 2010: day 1″