[VIDEO] Does an Open Source OpenStack Cloud Mean Better Security Compliance?
I personally believe that open source is a better methodology for building, procuring and deploying software. However I also know full well that when it comes to security, configuration choices and implementation often make the difference between being breach and being safe.
So when I recently chatted with the Cloud Security Alliance - I asked them if it was possible to bake in security compliance, directly into an open source OpenStack cloud. The executive I spoke with, John Howie was formerly employed by Microsoft, so there might have been a bias - but his organization's view is that open source or proprietary - the same controls are needed to secure the cloud.
Howie also notes (in my video interview with him below) that there is NO SUCH THING as a truly open source cloud...