Are there any Implementations of Secure Indexes?

What is the definition of "100% secure" when speaking of cloud applications that store proprietary business data?

  • Lately, in response to media articles about Amazon, Citibank, Sony, and US government sites being hacked into, I'm confronted by concerned business executives that don't feel proprietary business data is "100% secure" or "secure enough" in the cloud.  So I'm asking the question.  What is 100% secure?  What is secure enough?  And, if 100% secure is unobtainable in the cloud, what IS 100% secure outside of it?

  • Answer:

    There's no reason that a server in the "cloud" (presumably we're talking about "in a remote data center") would be any less secure than a server not in the "cloud" (one not "in a remote data center").  "100% secure" is a lie, unless the server is unusable by any human. If you're talking about data security (meaning that we're not talking about stopping DDoS attacks, just about protecting things like credit cards), then, generally speaking, the best security you're going to have is to run on a stable operating system and server software with the latest patches (monitoring security lists routinely so that you have a fix when issues are found), on a system protected by a hardware firewall that sits outside of your actual servers and only allows traffic on the minimum number of ports.  You need to encrypt any sensitive data (like credit cards) using a PCI-approved scheme, and you should hire penetration test experts to test routinely. The only thing that I would expect to be different "in the cloud" is that if you're hosting servers in your own data center, they're a lot more likely to be physically breached, because companies rarely put as much money and effort into physically securing servers as hosting providers do.

Joe Emison at Quora


Other answers

I'm taking this question from a general security angle.  Security is a trade-off, not a feature.  There is no 100% secure anything, so anytime you see someone saying such nonsense you know that they are either trying to manipulate you or just innocently don't understand security.  (Look at their motivations to determine which.)  If the data exists then it is accessible by someone, sometime, whether it's over the wire, by burrowing through a wall or by impersonating you, the one person with the key.

Also, it's important not to confuse certifications, like PCI, with security.  You can easily implement a PCI compliant system that is highly insecure.

However, more fundamentally, the entire line of thinking the question points out is flawed.  Namely a thought pattern like the following: "Oh, we can't implement X because it's not secure enough."  The right way to approach the question is to determine how much it takes to secure option A, B, C etc. and then compare the benefits of A, B, C as a business and pick the one that makes sense.  In the cloud specifically you would need to compare the cost of developing a secure application to the benefits of operating in the cloud.  Then you would compare that to a private or leased data center.  (Note I'm not arguing the cloud is more/less secure, but this is the right way to approach the problem.)

Another thing to keep in mind is that if you are spending all your security effort and attention trying to defeat known or understood threats, you are in trouble.  This is why the TSA is totally ineffective: they just react to the last plot.  Instead you need to assess your vulnerabilities and either harden them or make the business resilient to attacks that exploit them.

Ian Withrow
