Cloud Computing and Security For The Masses: Interview on NPR
Cloud Computing is starting to escape the technical and business press.
The proof?
I was invited to talk about Cloud Computing and Security on NPR “Morning Edition”.
NPR - National Public Radio - is a US based, non-commercial radio station covering news, talk and current affairs. British readers may find it similar to BBC Radio 4.
Every Monday, the “Morning Edition” has a technology theme. The Cloud Computing segment was high level and aimed primarily at a non-tech audience. I always find it hard to answer the question ‘what is Cloud Computing?’ as there are so many different definitions. Regardless, it was a great chance to talk about an exciting technology and highlight the need for a real security conversation between the providers and people interested in IT security - the primary reason why I created cloudsecurity.org.
The show boasts a very impressive audience - around 13 million! I’ve never before had the opportunity to confuse that many people in one shot ;-).
If you would like to listen (its short - 3.5 mins), click here.
I’d like to publicly thank Nina at NPR for reaching out and extend a warm ‘Welcome’ to any NPR listeners who have dropped by. Feel free to leave a message below or email me if you have any comments or questions.
Craig,
I just heard the segment on NPR and typed in http://www.cloudsecurity.org to find this site, and failed. You might want to set up a .htaccess rule to redirect those using the www to http://cloudsecurity.org to avoid a “not found” error. I had to use google to find the site, and not everyone will be as persistent.
Regards,
Andy Mason
I am an NPR listener in Dallas, Georgia, USA and just listened to your brief feature regarding Cloud Computing. It was interesting as I don’t think I know many IT professionals with humor and wit as quick as your own. It made learning and understanding the tech quite easy. I don’t do alcohol or wine, but your synonymic “pay-by-the-drink” expression drove the point home. Well done.
@Ralston:
Thanks for the compliments - I’m truly flattered. I was pretty nervous! I can’t claim fame to the ‘pay by the drink’ expression - but I agree its really apt. Appreciate you dropping by!
Good Morning Craig,
Evan Flechsig
Port Charlotte, FL
Craig, you were brilliant on Morning Edition today. You mentioned grid computing, which some folks might vaguely recognize. I actually read about your blog on C-NET news but it took hearing you on NPR to get me here. I work as an MIS Programmer for a manufacturer and live in Jonesboro, Arkansas. Thanks for stepping up and speaking to the masses!
Good Morning Craig,
Very nice segment this morning on NPR. One thing that I wish was mentioned was “Distributed Computing”, which I’m sure you’re familiar with. Paying for progress is something we all know about, but “free” computing for good causes is something that is still widely unknown. Nice work.
Evan Flechsig
Port Charlotte, FL, USA
@Evan: good point - distributed computing for good causes doesn’t get a lot of attention. But looking forward, imagine the possibilities: imagine you are passionate about a specific condition or ailment - but the researchers of that condition need more compute power to test their ideas. You could reach out to people to donate money that would go straight to powering up the researchers compute cloud. The more I think of it, the more opportunities I see in this area. Great comment.
@Suzanne: Appreciate the feedback - I’m humbled. If there’s anything you’d like to see covered, just let me know. Thanks again.
Heard you on NPR. Nice going. Now I’m subscribed to your blog.
Another form of cloud/grid computing is underground; all those zombie computers cranking out SPAM without their owners suspecting.
As a developer I’m interested in the entrepreneurial possibilities presented by cloud computing. It seems like I could roll out a system with minimal capitol investment.
So, in case you’re having a hard time thinking up subjects to blog about … here are a few suggestions:)
I’d be interested in hearing specific security design guidelines for developing systems to run on the Amazon facilities. Which OS is best from the security perspective? What steps should be taken to secure it? How much budget should be allocated to security development and testing? What kind of third-party security testing should be done?
Then, when the system is ready for production, what security policies should be in place? How much budget is needed for operational security? What are the fixed costs vs the variable costs in security?
I suppose all these questions don’t relate specifically to cloud computing security but perhaps you can cover those parts that do.
Peace,
Rob:-]
Nice job Craig!!
Richard
Great interview Craig. That Fortune 500 company you work for is fortunate to have people like you in information security!
–Grady
G’day Craig,
I’m a listener in Sydney(Australia, not Canada ;’) on the Australian Broadcasting Corporation’s “News Radio”, and I was impressed enough to come check out your web site.
I’m a teacher in IT at a Technical College in Sydney, and one of the courses I teach is on Web Security - your site is an absolute goldmine - thanks.
Kind regards from DownUnder,
Harry
Clear and simple explanation Craig. Enjoyed it thoroughly. My wife overheard the interview and she had some questions! (and she’s not a techy ;)
Subscribed to both your blogs. Keep up the good work!
@Paavan: Hey there - thanks. Happy to take questions :-)
@harrywwc: Great to have an Aussie with us! If you like web security, you must check out these blogs also:
Jeremiah Grossman - http://www.whitehatsec.com/home/resource/grossman.html
RSnake - http://ha.ckers.org/
Google Security Blog - http://googleonlinesecurity.blogspot.com/
All the best,
Craig
@Andy: quite right - I’ve been meaning to setup my DNS properly for ‘www’ but just didn’t get round to it. I guess that means only the hardcore geeks from the NPR listenership made it over :-)
@Richard: Cheers :-)
@Grady: Appreciate you taking the time. Thanks.
@Rob: These are some excellent suggestions. I’ll pick out the Cloud Compute specific ones and add them to my list of things to write about. Thanks for this - good comment.
Craig, excellent explanation of could computing on NPR. Security as well as other applications will be huge for the adaption of cloud computing but being a CBCP I have also been looking into the need for business continuity, provisioning and movement of those servers should an disaster event occur. I look forward to more from your site.