RE:RE:RE:RE:Avigilon Blue, a New Subscription-based Cloud Service
Old dude. Here’s how gov security works in real world. I know, I happen to design some of their systems, audit them, install them and have worked with top gov people for many years. Numerous small and extremely large departments. I know one contractor who put a gov system on the net to test and the guy was fired shortly thereafter.
They typically use a closed security network. Does not go onto regular network used by john or Jane Doe gov worker. Completely self-contained and no "internet access” Some are in what’s referred to as a Sensitive Compartmented Information Facility (SCIF; pronounced "skiff"). A room where you go to discuss sensitive information or look at secure information. Old Maxwell Smart “cone of silence” it actually exists J
Only an idiot would permit installing a server at sea level or in a location susceptible to wind, rain, fire etc. Trust me. A secure room for data storage or management of same, is a VERY tight little room.
Some morons in business, who like a company that was recently hacked and had people’s social insurance numbers or credit card info stolen will use passwords like "admin" on their servers. Yes ADMIN is still used by some morons. So knowing that there are morons in security and they use admin, would any smart person put their system on the net, knowing that some knuckle head will use admin???
So in closing. If I was going after the only entity with real money and has money for very nice maintenance contracts etc., I would not be pushing the cloud. In fact I wouldn’t even mention it out of fear of being viewed as someone new to security. Private sector? Yah they would go for it. Private sector doesn’t have gov money.
Cloud sounds sexy to some, for me, its just another big hole waiting to be exploited.