Sunday, October 04, 2009

a cautionary tale about cloud security

Well described by the BitBucket team - a problem with an attack on their AWS-based infrastructure. See: http://blog.bitbucket.org/2009/10/04/on-our-extended-downtime-amazon-and-whats-coming/

In the end it looks like the right thing happened, but certainly there were a few travails along the way. This episode suggests you need your own sophisticated technical resources to work the problem with the cloud provider team.

For those who worry that finger-pointing or delay in problem identification can occur with your cloud provider, this episode confirms some of your fears. Its early yet, and over time providers will be able to distinguish themselves by their tools and techniques for rapid identification and resolution of problems, including security-related attacks like this one. Its a learning curve for all involved.

No comments: