Cloud Insecurity

I recently had the opportunity to meet with one of the nation’s largest cloud/hosting providers.  An NBG Networks’ client was considering outsourcing some of their critical servers to this company and they asked if we would tag along when they went to tour the facility.
My employee (who we’ll call Bob) and I showed up at this facility for the tour and noticed several employees outside playing handball in front of the building.  Apparently the .com era is still alive and well when it comes to cloud providers.  Bob and I walked up to the door and pushed the buzzer.  Before anybody had a chance to answer one of the handball guys noticed us and kindly let us in using his RFID card.  The handball guy then turned to us and said “guided or un-guided tour?”  Bob and I looked a bit confused and asked to meet our contact, who evidently was in a different administration building.

If anybody can tell me why any datacenter on earth should have an “un-guided tour,” please do so in the comments section!  Bob and I were literally floored.  Not only did the handball guy not ask who we were, he let us in with his access card and basically told us to go wander unsupervised in their main server farm.

After we found the correct building, we were again left unsupervised in their break-room where the other .com wannabes played ping pong and xbox.  If this is the state of cloud and hosting infrastructure at every provider, I’d rather keep a server in my basement than use their facilities.  Suffice it to say, our client did not choose to continue talks with this provider.

-Nick

Follow Me

Nick Gibson

Nick Gibson is a United States computer security expert and founder of NBG Networks LLC. He has worked in security regulated industries like healthcare and finance for over a decade.
Follow Me

Latest posts by Nick Gibson (see all)

No Comments Yet.

Leave a comment