IBM's Ban on Dropbox and iCloud Highlights Cloud Security Issues

IBM has forbidden its employees from using cloud-based services such as Siri, Dropbox and iCloud, according to reports. These products (along with many others) are presenting a challenge to IT administrators who want to keep their organizations secure, as well as to consumer-software developers who suddenly need to build features with both consumers and businesses in mind.

Unrealistic

We have a similar ban in my company (Alcatel-Lucent). Of course, I can carry out gigabytes of information on a thumb drive or the laptop I take home every night, but while I'm at work I can't connect to DropBox. I hope IBM also jams cell signals because all someone has to do is plug an LTE dongle into their laptop and they are outside the corporate firewall. This is the Maginot Line of security.

Re:Self-Serving?

[NeutronCowboy]

Yes, of course. At the same time, what would have them do? Not ever mention anything about potential security holes, because it could be construed as a conflict interest?

Here's the real question you need to ask yourself before putting anything in the cloud: do you trust them to be more competent than yourself at backing things up, providing uptime and securing the data? If you answer no to any of these questions, you have a reason to keep stuff in-house. Note: beware of Dunning-Kruger effect. If you answer yes to all three, you have no reason to keep things in-house.

What IBM has done is to say that they can do a better job securing their data than Dropbox and iCloud. Considering the rather significant breaches that have occurred at Dropbox, and the completely unknown state of data security in iCloud, IBM is spot on with their assessment. I would only put encrypted stuff on either, or stuff where I have no problem if people are snooping through it. Want to take a gander at my weekend pictures? Knock yourself out. Want to find out what my truecrypt file is about? Good luck with that.