Join Date: Nov 2007
Location: Richmond Hill, ON
If you're not adding a layer of of your own crypto to the sensitive data, then sure, if they bad guys are working there, they can easily snoop your data.
We can come up with "what if" and various edge cases forever. At the end of the day, a certain level of risk will be deemed acceptable in order to function as a business.
Financial institutions and other regulatory / compliance driven businesses will probably never be fully in the cloud, but they also have the money to do things their own way.
For everyone else, these services are allowing businesses to operate outside of the traditional IT model where the IT dept calls the shots and if it's not offered in house, it can't be done. That's not an acceptable response to most of the business units since they know they can plunk their credit card down and buy an online service that will meet their demands and they didn't have to put together a capital expenditure request and a project plan to have it done internally.
DB4e | CPA19 | 2 x HDTC-2US | Mac Mini | EyeTV 3
My scanning and reporting scripts here