Gartner on cloud security: 'Our nightmare scenario is here now'

For one thing, it's not advised to run applications with different levels of trust controls on virtual machines located on the same physical server, he says. "It's best to keep them separate, virtual machines with the same trust controls on the same physical server," he said, noting auditors prefer this.

Without sharing detail, he said he knows of a recent occurrence in a cloud-computing arrangement where law enforcement going after someone seized the data for the entire physical server even though the suspect had data on just one virtual machine on that server. This caused a lot of consternation among other companies whose data happened to be on that same physical server in separate virtual machines. He noted that virtualization and cloud computing is new to law enforcement in some instances and this kind of issue is still being hammered out.

Mark Hurd, chairman and CEO at HPHP, who gave the keynote at Gartner yesterday, evoked a knowing chuckle from the audience when he said he has visited with many CEOs and frankly, they didn't like the term "cloud" because they would prefer to think they're operating in "clear skies." Alles zu HP auf CIO.de

But without tipping his hand, he hinted that HP could be active in this arena itself with cloud-oriented services over time, probably the more private cloud varieties.