Am 22.03.2013 10:30, schrieb Gilboa Davara:
You cannot simply sniff SSL traffic and man in the middle attack on
a
large scale are *very* complex.
The idea behind moving to a cloud provider (Again, I'm not in favor of
moving world+dog to clouds) is many (if not more) of the companies
simply lack the technical skills required to secure their sensitive
information (very true), and that this jobs should be left to the
experts at the cloud provider (which remains to be seen)
and it is proven over years that all this "experts" are making
HORRIBLE mistakes, no week where you will not find one of this
"big experts" in a security newsticker
so, no, outsourcing is not a holy cow which makes all better
the opposite is the truth
over the long it would be cheaper to invest in get the experts
inhouse instead pay a rent for maybe-experts and leads to
operational independence instead vendor-lockins and contracts
you never get rid easily in the future if you find out it
was a mistake or only get rid of it with burn down a lot
of money which you liked to saved by starting the mistakes