Cloud computing continues to make the headlines. Unfortunately, the recent news hasn't been good. I've never been one to let lemons go to waste, so let's make some lemonade by using the recent PlayStation Network hacks as a starting-off point to explore the importance of knowing what information security your cloud provider has in place. After all, what good is bad news if you can't learn something good from it?
According to the PlayStation Network blog, "... between April 17 and April 19, 2011, certain PlayStation Network and Qriocity service user account information was compromised in connection with an illegal and unauthorized intrusion into our network." It's been reported that those breaches resulted in the compromise of personal data belonging to nearly 100 million account holders.
The PlayStation Network hack demonstrates the risk common to any cloud service adoption: The cloud provider may not handle your information as securely as you would like. When you use any cloud computing service, you are trusting it with information, whether that be personal, regulated, proprietary or otherwise sensitive information. In doing so, you lose some of the control, or at least the perceived control, that you had when you did the same things in-house.