Comment by jacquesm
10 years ago
> Also, tell your clients to back their stuff up with their own methods, too, just in case you come under heavy attack.
This goes for any 'in the cloud' data that you might have. In the end it's your data and your company that is at stake. Not all data wipe-outs are malicious, sometimes accidents do happen.
Banks are tripping over themselves to get out of the datacenter business and put all their files on Azure/Rackspace/AWS/what have you. It's embarrassing.
It really is. I'm hoping they're just offloading less consequential crap instead of core apps. Those are on mainframes in most banks I know. Maybe legacy lock-in will save customers' data and money from cost-cutting managers. Ya think? Would be ironic as hell haha.
Except that it seems when it comes to Azure everyone feels safe then also backing up to Azure (specifically talking about SQL database here). Sigh...
Every time I hear stuff like that I point people to this link:
http://www.theregister.co.uk/2014/06/18/code_spaces_destroye...
Damn, I feel for them. That said, I feel better about how I've incessantly posted Wheeler's page over the years whenever source control comes up. Despite many being annoyed, they have no idea how important it is to have great security, storage, and recovery on this stuff. Between Wheeler's page & Orange Book A1 stuff, the practices today look kind of abysmal and ripe for the taking.
http://www.dwheeler.com/essays/scm-security.html
Orange Book systems' (1980's to early 90's) used air gaps and/or paper backups in safes. OpenCM, a robust SCM by Shapiro et al, mentions that among other things:
https://web.archive.org/web/20060315100242/http://opencm.org...
1 reply →