The Cloud versus On-premises debate is still alive and well. I originally posted this article in October of 2014 and in December of 2015 I’m happy to report that fear mongering is still strong at many enterprise IT departments. I have had many a security person tell me that:
On-prem is more secure than cloud
…all the while my brain is buzzing with these sarcastic thoughts.
On-prem is better (more secure, more available, fill-in-the blank) because….
- Operated and maintained by people with less product experience than the vendor and who aren’t allowed to attend product training, because that makes sense
- Always at least a few versions back from the latest release of code to make sure we only apply older versions of buggy code
- It is behind my firewall (which I also run old code on) and cloud solutions don’t use firewalls
- Monitored by a solution that sends me lots of alerts
- Not monitored by an IDS, ’cause it’s on the inside “safe” part of my network
- It is only exposed to the safe internal network where my stupid users who aren’t savvy with technology are
- The government can’t access my data as long as it stays in my datacenter
- My users aren’t malicious (but my vendors are)
- I can control it
I write these as someone who has been a customer and thought these things, been a technology partner and promoted these things, at a vendor selling a hybrid solution and playing either card.
Just having a little fun, hope you enjoyed it.