True I guess. But there's no need to upgrade the apps themselves. Any web-app used for sensitive data should always be https:// - I know some aren't though. Very naughty.
True I guess. But there's no need to upgrade the apps themselves. Any web-app used for sensitive data should always be https:// - I know some aren't though. Very naughty.
Are we as users able to change any of the settings on our computers to make access via https:// rather than http:// or is this something which is down to the provider?
Are we as users able to change any of the settings on our computers to make access via https:// rather than http:// or is this something which is down to the provider?
It's down to the provider. They need to implement a security certificate at their end to encrypt the data between your browser and their servers.
It's down to the provider. They need to implement a security certificate at their end to encrypt the data between your browser and their servers.
Although it is only the the connection that is secure. If someone is running an unpatched op sys or an out of date browser etc, then however secure the connection, the data could be being read and stolen at the user's end.
Although it is only the the connection that is secure. If someone is running an unpatched op sys or an out of date browser etc, then however secure the connection, the data could be being read and stolen at the user's end.
True, but the same applies to your own computers.
And what do you think is more likely to be unpatched or unprotected? Joe Bloggs Windows Vista machine running Zone Alarm or our montored Windows Server 2003 boxes sitting behind a top of the range hardward firewall with intrusion detection, etc.
Re-reading your post, I wonder if you are talking about the users system being insecure rather than the provider? If it is insecure, then that's still going to be insecure even if they don't use cloud computing.
But if they are using products like KashFlow then atleast the data is stroed somewhere secure (and no, a keylogger wouldn't get their login details)
True I guess. But there's no need to upgrade the apps themselves. Any web-app used for sensitive data should always be https:// - I know some aren't though. Very naughty.
Some will say any app used for sensitive data should always be Offline. The security of "Cloud based applications" is largely unknown, as vendors rarely give details of bug fixes, or system intrusions. I don't know what the physical security of the site, your offices, your staff at the office, nor the people involved with looking after the server.
Take Gmail, everyone knows of massive hacks on user accounts, but do you hear it from Google themselves? No, its bad for business. Most of Google services have been riddled with holes, and its right across the board, not limited to just one application.
If a company the size of Google can't secure their systems, why should we trust anyone else?
Quite funny really though how progress is revolutionary, zoom back to 33 years ago when a young bill gates and paul allen were writing programs on a usr33 teletype, a dumb terminal if you like which connected over a wide area network to mainframes housed in a data centre where users rented processing time. Here we are today and 'cloud' is being heralded as the new big thing!
Of course everyone knows the web, or thin client is the future, its been mooted for years , the idea that you should use a PC as an appliance, like a toaster, your toaster goes bang you unplug it, buy a new one and plug that in and off you go again, you dont spend days fixing toaster OS problems
I tell you what, using just your browser rather than any desktop apps isn't that bad. I can patch into our Exchange server, use Google apps, and all of our websites are browser admin'd anyway. Good stuff.
The security of "Cloud based applications" is largely unknown, as vendors rarely give details of bug fixes, or system intrusions. I don't know what the physical security of the site, your offices, your staff at the office, nor the people involved with looking after the server.
Linear Mode
