I vow not to castigate organizations that build huge public PaaS or IaaS resources, then after lackadaisical marketing, just say, “Shucks, Merv, let’s just do Azure or vCloud.”
I’m going to use each and every cloud reference with an adjective, as in “SaaS Cloud,” “IaaS Cloud,” etc., because most of the rest of the Internet is not the cloud, just tawdry and tracking-infected websites.
I will use an encryption key manager and back it up daily to an offsite location. I will use only 256+bit encryption on everything I encrypt. I will resist the temptation to use less than AES-256, especially with X.509 keys.
I promise to use an actual root certificate, whose provenance is vetted by either Apple or Microsoft, and I will expire the certificate every six months, just to frustrate the hell out of all of my https users.
To read this article in full or to leave a comment, please click here
My 10 New Year"s cloud resolutions for 2016
No comments:
Post a Comment