The NIST definition of Cloud Computing from 2011 has now become so much an oversimplification that it is more often than not unhelpful, e.g. when trying to base your policies on it. Cloud or not-cloud was important when we had no clue what we were dealing with and while it was maturing, but that phase has passed. So, forget about ‘IAAS’ and ‘PAAS’, end your ‘cloud policies’ or cloud-specific procedures. Instead, concentrate on managing the key generic issue underlying it: the ever more complex mixes of owned and outsourced algorithms and data, regardless of oversimplistic ‘cloud’ concepts.
1 month, 20 days ago