Emerald City Technology Conversations Premier with Archis Gore

Today I’ve cut the final, the video and audio are getting better and better as I determine how exactly these … More

DataStax Developer Days

Over the last week I had the privilege and adventure of coming out to Chicago and Dallas to teach about … More

Security, A Rant Sort Of… and a shocker.

Here’s a shocking statement for a lot of people in technology and especially outside of technology. “Your money is at greater risk because it isn’t in a cloud.” Here’s another shocker “Your medical information is at greater risk at your on-premises Doctor than if it were stored and protected by access control in the cloud.”

Is that shocking to you? If you aren’t shocked you probably know a lot about cloud technology. The cloud is more secure than most of the IT Departments, physical server locations, secure Government installation, and other environments than one might imagine.

Why Am I Writing This Blog Entry?

Your Cloud, My Cloud, Security in the Cloud

I had a great conversation the other night while at the Seattle Web Analytics Wednesday (#waw) with Carlos (@inflatemouse) and a dozen others. @inflatemouse brought up the idea that an analytics provider using the cloud, increases or at least possibly increases the risk of security breach to the data. This is, after all a valid point, but because of the inherent way web analytics works this is and is not a concern.

Web Analytics is Inherently Insecure

Web analytics data is collected with a Javascript Tag. Omniture, Webtrends, Google, Yahoo, and all of the analytics providers use Javascript. Javascript is a scripting language, which is not compiled, and stored in plain text in the page or an include, or passed into the URI when needed. This plain text Javascript is all over the place, and able to be read merely by looking at it. So the absolute first point of data collection, the Javascript tags, is 100% insecure.