We've talked to Sarah before, and probably will again. She has strong opinions based on her experience in IT, and is happy to share those opinions. So take it away, Sarah...
Robin Miller for Slashdot: We are talking with Sarah, and she is founder, CEO and high muckety muck for SysAid based in Israel which is where she is not shockingly. Sarah maintains that the best reason to move your company’s software and data to the cloud is that the cloud is more secure. Talk to us.
Sarah Lahav, Sysaid : What I am saying is that 90% same challenges you are having now you will have when you put yourself in the cloud. Because I am not saying more secure but I am saying it is challenging. But if you look at infrastructure and what the cloud has to offer you, I am saying that it is a better substantial way to be secure in the cloud if you trust your provider like Amazon with the money they can invest because it is their business to keep you secure. The services with information in fact they have lots of people that’s what - their job to do is to keep your data secure. I am saying you have better chances of being secure in the cloud.
Slashdot: Alright. But in the cloud – the public cloud -- isn’t it possible that many attackers could try to get at your data, while having most of your corporate data stored on a server behind your firewall, and in fact, one that is not behind your firewall because you have disconnected it from the internet, is more secure? You have taken that piece of Cat 5 cable and pulled it out and you only plug it in for updates when you are watching.
Sarah: Yes, but I don't think that's something companies in this day and age can actually do. I mean most of their services as an organization work with applications like Salesforce. that requires you to be open to the internet. If you are the military you would not have regular connections to the internet but that’s not most of the corporate world. Most of the corporate world with customer services employs Salesforce, other SaaS providers, SaaS services you are buying. You are already out there, you can actually use that exposure to the internet. The only thing I am saying is that Amazon has more resources than any organization to invest in the cloud. Firewall is a firewall so you can get firewall from Amazon. I think that most probably having security app
I think the most security risk we have are people. The knowledge of what they do, and that wouldn’t change if it is locally or in the cloud. You just have to get knowledge and use it as a skill around Amazon and other SaaS providers in order to know what to do to protect the information. I really think from the cost effective side of things, if you don’t have the infrastructure, you want to keep updating you have better chances of cost effective in the cloud in Amazon than you have locally. The security, everybody agrees is the challenge. It is where the war is. And I really think that Amazon has better chances with the money we invest to keep us updated in all times and give us tool to check it.
Slashdot: I just want to say something: You are pushing Amazon hard. I have several good friends, who are fine, excellent programmers and security guys who work for Rackspace, out of Texas.
Sarah: Also good, also good, also good if you have government and regulation, and you are familiar with the services they provide, Rackspace it is just an ocean, Amazon as long as you know, we had a brief conversation before this conversation about the internet of things, and how it is a huge security breach, which I agree, but the internet of things is a breach because the IT person doesn’t know, so more conversation we have about security with IT people, it is not about what they know, it is about what they don’t know like if you buy a teapot and put it in the organization, it has internet on it, it is very simple to protect it, the fact you don’t know it puts you to all, and that is not even in the cloud yet. So I am saying it falls on people more on technology and I really think in regards with investing and money, it is worth to put it in the cloud, in the public cloud. You have better chances of keeping it secure. It is our business. Because we will be out of business if your data is not secure. That’s what we do.
Slashdot: Okay, let me, I don’t know how to say this.
Sarah: Because you want to give me a hard time.
Slashdot: Not really. I just want to learn as much as I can to help our listeners, our viewers, learn as much as they can. So I am going to give them a link to your website of course, the company website so they could see that and go in there. But the point is well taken, and I have heard it before that if you are a small company you don’t have the need to have a full time systems administrator on staff. It is just plain cheaper to hire your company or the one in Texas, Spiceworks, or any of the many others. So you are saying quite correctly -- I think I heard it once in an ad for something else--“We live and breathe this stuff.” That you just have more people, and probably smarter people working on security than a small company can have—I agree with that. Now, isn’t it inherently safer to have everything you can behind your firewall and connect with VPNs back and forth?
Sarah: Again, I am not just talking about the small company, a lot of the currently best services is by Salesforce but you will say I am pushing again Salesforce, but that was just an example. The services that if you want to be – the sales team that have the right tool, then you want to move forward, you have to consume services from the cloud. Salesforce with the timing, the company organization name means what kind of data they are holding for you. In which organization there are sales, there are numbers, there are orders, there are contacts, that’s one of the most valuable assets they have; so if an organization would be like to be competitive in this day and age, most of the services they are consuming are cloud based. The experienced organization expects to have multiple updates for the year currently making the task of people that want to keep their services on premise impossible. We have an on-premise version and SaaS solution and I can tell you that the SaaS is relatively more advanced than the in-house. Because the challenges are the in-house are enormous but we understand that people -- not all of them – are ready to adopt the cloud. If you want to be a competitive organization, if you want to give your workers the tools to do their job and to keep the organization in line with the competition, SaaS is the only way to go. What exactly I was talking about is secure unless you are a health, services provider or you hold credit card numbers for people who purchase some stuff for you, or if you have got health information, or you are military, and also around there the regulations, like HIPAA compliance or government set boundaries, and the SaaS people understand this is a business need. Not an IT need. The IT, you are giving them a headache, and they have a lot of headaches between BYOD and the internet of things, but they understand it is a business need, they would have to consume services in the cloud. Sometimes you all will be out there and that’s what you are doing so just know about it. The problem is knowledge. What services are out there? We are talking about VPN... even to install VPN you want to have security and you have to have knowledge. I think people are more afraid to get new knowledge than to consume stuff from the cloud.