14 DAY TRIAL // Google and Microsoft may be at odds about one thing or another, but when it comes to cloud security, they are two peas in a pod.
The two giants took the stage at the RSA Conference held at the Moscone Center. The panel that discussed cloud security included Bret Arsenault (Microsoft chief information security officer), Eran Feigenbaum (Google director of security for Google apps), Bruce Schneier (security expert), and Wade Baker (Verizon expert on the data breach risk team).
While Schneier presented a rather acid opinion on the cloud business, Google and Microsoft’s representatives both consider that cloud storage is now safe enough for everyone to join.
“Fundamentally, ‘cloud’ means to me your data on somebody else’s hard drive. Do I trust that other legal entity with my data on their hard drive?” Schneier asked, before adding that you most often can’t trust vendors to make the right decision for users, CNET reports.
Google and Microsoft obviously had a much different opinion, considering that they both offer such services via their platforms. A big question came from the panel moderator who wanted to know whether Microsoft would trust Google to host its data, and the other way around.
Arsenault was the first one to reply that such a decision would depend on “business factors.” “We do outsource a number of business components today,” he mentioned, before adding that there was always a motivation at the company to use its own software first.
Google’s exec did admit that the company used some competitors’ cloud systems. “Some of their services are better than ours, and some of them use ours,” he said.
Neither statement comes as a surprise, especially since the two companies are, after all, competitors in the market. It should be noted that both execs were extremely polite in their replies.
Both Arsenault and Feigenbaum agreed, however, with Schneier, saying that it did come down to trust when one decided to join a cloud system.
“We fundamentally blindly trust. We trust licensing, we trust litigation; there's a lot of systems we have for when trust fails. All these critical apps are a very human system,” security expert Schneier said.
The RSA conference started on February 24 and will last through February 28. It has been boycotted by countless people, and many speakers decided to cancel their appearances following a media report linking the RSA to the National Security Agency.
According to that report, the security company accepted a contract with the NSA that involved using one of the agency’s in-house developed encryption algorithms that contained a backdoor, which enabled the spies to easily decrypt information.