Cloud. Public. Private. Dedicated. Secured. Security topic can detonate and destabilize any discussion about cloud deployment. Tell people about security and discussion will be derailed for the next 30 min… I’ve been discussing cloud security on my blog many times. You probably can skim few notable discussions by reading – Cloud PLM and Good Enough Security and Thoughts about cloud PLM security and iPhone 5.
Big companies and cloud providers are moving forward to improve cloud security and certification. Maybe you remember this one – Cloud PLM and Security Certification. Google App Engine is officially secured now. Large PLM providers are checking Cloud IaaS options. Over the weekend I stumbled on interesting Quartz article – Amazon is staffing up for its 600 million cloud for spooks. Here is an interesting passage:
On Friday June 14, a US Government Accountability Office (GAO) report elaborated on previous reports that Amazon had won a $600 million contract to build a “private cloud” for the CIA. (The GAO report was generated when IBM, which had been competing for the contract, protested that it had lost unfairly.) More than half a billion dollars will buy you a lot of cloud computing, and now, according to postings on Amazon’s own jobs site, the company is staffing up to meet the demand the new contract will require. Specifically, Amazon is looking for engineers who already have a “Top Secret / Sensitive Compartmented Information” clearance, or are willing to go through the elaborate screening process required to get it. TS/SCI is the highest security clearance offered by the US government, and getting it requires having your background thoroughly vetted.
So, Amazon is staffing for systems engineers —government cleared. Eventually, it means Amazon will be gathering top knowledge about security and certification. It can be a good news for large PLM vendors looking for experience in heavy PLM implementations for large OEMs.
What is my conclusion? My hunch, CIA security requirements should be in-line with requirements of big manufacturing firms. Security is not a simple act or feature. To ensure security of large OEMs requires time and experience. Leading PLM vendors are trying to figure out how to expand their platforms to cloud environments and security experience can become hot topic for them. Just my thoughts…