SMB resources on the move
-
@Dashrender said in SMB resources on the move:
@scottalanmiller said in SMB resources on the move:
@BBigford said in SMB resources on the move:
@scottalanmiller said in SMB resources on the move:
@stacksofplates said in SMB resources on the move:
So now, the only way for someone to get my info is to physically come in my house and take it (which is a different discussion).
There is always another means of compromise, just thinking that there isn't itself is a security risk. One that I guarantee AWS' security team (ranked the best in the world) doesn't make. They also have monitoring and people there 24x7 always watching everything with the best AI and the best human I that there is. Nothing you do gives you the tools that they have, nothing.
But beyond that, the fact that someone could grab your stuff physically alone is enough to end the discussion. Amazon effectively removes that risk. You can't physically target data at Amazon. You can't target it via software tools, you can't target it with guys and a trunk and guns. You have to attack through different vectors.
This.
I keep getting shot down for so many services we could have hosted because our Sprint contracts say we can't use a hosting provider because the cloud is insecure. Same goes for anything HIPPA. But cloud security and monitoring is far superior to anything I could offer on a budget. If I had a ton of time... Maybe. But I don't, and that would cost the client a ton more even if I did.No, nothing is HIPAA restricted like that. That is a myth. HIPAA does NOT undermine security. That's someone who is just lying to you.
perhaps not lieing, but instead put their own opinions into what they believe they are reading, and then put in rules for things they deal with and blame it on HIPAA.
Well, injecting opinion when they've not even remotely looked over the HIPAA material, talked to experts or know about security... that would be a form of lying
-
@scottalanmiller said in SMB resources on the move:
@BBigford said in SMB resources on the move:
@scottalanmiller said in SMB resources on the move:
@stacksofplates said in SMB resources on the move:
So now, the only way for someone to get my info is to physically come in my house and take it (which is a different discussion).
There is always another means of compromise, just thinking that there isn't itself is a security risk. One that I guarantee AWS' security team (ranked the best in the world) doesn't make. They also have monitoring and people there 24x7 always watching everything with the best AI and the best human I that there is. Nothing you do gives you the tools that they have, nothing.
But beyond that, the fact that someone could grab your stuff physically alone is enough to end the discussion. Amazon effectively removes that risk. You can't physically target data at Amazon. You can't target it via software tools, you can't target it with guys and a trunk and guns. You have to attack through different vectors.
This.
I keep getting shot down for so many services we could have hosted because our Sprint contracts say we can't use a hosting provider because the cloud is insecure. Same goes for anything HIPPA. But cloud security and monitoring is far superior to anything I could offer on a budget. If I had a ton of time... Maybe. But I don't, and that would cost the client a ton more even if I did.HIPAA does NOT undermine security.
I would hope not. Intentionally not looking at every secure resource is just flat out negligent and naive. But I haven't had to do anything with HIPAA, yet. I've only talked to some of the admins at our local hospital about it.
-
@BBigford said in SMB resources on the move:
@scottalanmiller said in SMB resources on the move:
@BBigford said in SMB resources on the move:
@scottalanmiller said in SMB resources on the move:
@stacksofplates said in SMB resources on the move:
So now, the only way for someone to get my info is to physically come in my house and take it (which is a different discussion).
There is always another means of compromise, just thinking that there isn't itself is a security risk. One that I guarantee AWS' security team (ranked the best in the world) doesn't make. They also have monitoring and people there 24x7 always watching everything with the best AI and the best human I that there is. Nothing you do gives you the tools that they have, nothing.
But beyond that, the fact that someone could grab your stuff physically alone is enough to end the discussion. Amazon effectively removes that risk. You can't physically target data at Amazon. You can't target it via software tools, you can't target it with guys and a trunk and guns. You have to attack through different vectors.
This.
I keep getting shot down for so many services we could have hosted because our Sprint contracts say we can't use a hosting provider because the cloud is insecure. Same goes for anything HIPPA. But cloud security and monitoring is far superior to anything I could offer on a budget. If I had a ton of time... Maybe. But I don't, and that would cost the client a ton more even if I did.HIPAA does NOT undermine security.
I would hope not. Intentionally not looking at every secure resource is just flat out negligent and naive. But I haven't had to do anything with HIPAA, yet. I've only talked to some of the admins at our local hospital about it.
HIPAA just has statements like "equal to or above standard industry security practice". It's very general and puts it on the IT and security teams to ensure that they are meeting basic security practices. If anything, having data not on an enterprise cloud should be a red flag and trigger an audit.
-
@scottalanmiller said in SMB resources on the move:
@BBigford said in SMB resources on the move:
@scottalanmiller said in SMB resources on the move:
@BBigford said in SMB resources on the move:
@scottalanmiller said in SMB resources on the move:
@stacksofplates said in SMB resources on the move:
So now, the only way for someone to get my info is to physically come in my house and take it (which is a different discussion).
There is always another means of compromise, just thinking that there isn't itself is a security risk. One that I guarantee AWS' security team (ranked the best in the world) doesn't make. They also have monitoring and people there 24x7 always watching everything with the best AI and the best human I that there is. Nothing you do gives you the tools that they have, nothing.
But beyond that, the fact that someone could grab your stuff physically alone is enough to end the discussion. Amazon effectively removes that risk. You can't physically target data at Amazon. You can't target it via software tools, you can't target it with guys and a trunk and guns. You have to attack through different vectors.
This.
I keep getting shot down for so many services we could have hosted because our Sprint contracts say we can't use a hosting provider because the cloud is insecure. Same goes for anything HIPPA. But cloud security and monitoring is far superior to anything I could offer on a budget. If I had a ton of time... Maybe. But I don't, and that would cost the client a ton more even if I did.HIPAA does NOT undermine security.
I would hope not. Intentionally not looking at every secure resource is just flat out negligent and naive. But I haven't had to do anything with HIPAA, yet. I've only talked to some of the admins at our local hospital about it.
HIPAA just has statements like "equal to or above standard industry security practice". It's very general and puts it on the IT and security teams to ensure that they are meeting basic security practices. If anything, having data not on an enterprise cloud should be a red flag and
trigger an auditgenerate a sysadmin resume.FTFY.
