Feeds

How can the storage industry prevent cloud bursts?

Out of sight, out of mind - but not out of harm's way

Internet Security Threat Report 2014

Unsuitable for mass market

Dan Conlon, MD of UK cloud storage provider CSP Humyo, had this to say about branding or badging of CSPs:

We find that our customers feel secure knowing that their data is stored in a bullion vault but don't feel any affinity with the technological aspects of our service in terms of resilience, security, redundancy and controls. A stamp or badge if communicated directly might wrap all those techy aspects up in a package which the mass market understands, but there's always a risk with these things that they never really guarantee to the end user what they claim to.

Could the SNIA (Storage Networking Industry Association) be the body we need to certify, regulate and police cloud storage service providers?

What does the SNIA think?

We went and talked to the vice chairman of the SNIA, Vincent Franceschini. He doesn’t think the SNIA, a standards-encouraging and education body, is right for the job: "[The] SNIA does have a passionate interest in having users trust storage service providers but it is not the vehicle to drive the industry and represent it."

The SNIA would clearly want to talk to any industry body, much as it talks to the US EPA today. But it is not the EPA and shouldn't be, and the same goes for any cloud storage provider body. The SNIA is a source of industry expertise for it to use but it is not the driver for the body to form or the body itself.

Franceschini is not keen on the threat model - the idea of a trade body policing its members: "The individual professional can be policed and certified and ejected. The big company cannot. No trade bodies exist which can police, certify and regulate big companies providing a service. It takes a Nellie Kroes to take on Microsoft."

The threat model doesn't work unless the State or the EU is involved: "You need to have the big hammer."

There will be some level of public sector oversight: "The public sector will have something to say about it, if it becomes as widespread as we hope it will. The EU (European Union) will want service providers to the public sector to be properly organised; maybe regulated is too strong a word."

Internet Security Threat Report 2014

More from The Register

next story
Docker's app containers are coming to Windows Server, says Microsoft
MS chases app deployment speeds already enjoyed by Linux devs
IBM storage revenues sink: 'We are disappointed,' says CEO
Time to put the storage biz up for sale?
'Hmm, why CAN'T I run a water pipe through that rack of media servers?'
Leaving Las Vegas for Armenia kludging and Dubai dune bashing
'Urika': Cray unveils new 1,500-core big data crunching monster
6TB of DRAM, 38TB of SSD flash and 120TB of disk storage
Facebook slurps 'paste sites' for STOLEN passwords, sprinkles on hash and salt
Zuck's ad empire DOESN'T see details in plain text. Phew!
SDI wars: WTF is software defined infrastructure?
This time we play for ALL the marbles
Windows 10: Forget Cloudobile, put Security and Privacy First
But - dammit - It would be insane to say 'don't collect, because NSA'
prev story

Whitepapers

Forging a new future with identity relationship management
Learn about ForgeRock's next generation IRM platform and how it is designed to empower CEOS's and enterprises to engage with consumers.
Cloud and hybrid-cloud data protection for VMware
Learn how quick and easy it is to configure backups and perform restores for VMware environments.
Three 1TB solid state scorchers up for grabs
Big SSDs can be expensive but think big and think free because you could be the lucky winner of one of three 1TB Samsung SSD 840 EVO drives that we’re giving away worth over £300 apiece.
Reg Reader Research: SaaS based Email and Office Productivity Tools
Read this Reg reader report which provides advice and guidance for SMBs towards the use of SaaS based email and Office productivity tools.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.