Good online personal security, like good personal hygiene, can go a long way toward making for a happy existence. Just ask the recently hacked Twitter.
There's nothing wrong with scrutinizing the security characteristics of your service provider or potential service provider--cloud (as we've reported) or otherwise--regardless of the personal security habits your company imposes on its employees. Security skepticism is a good thing.
But there's a certain irony, I think, when the security expectations that we place on vendors are much higher than internal expectations. It's not a case of the cobbler's children having no shoes. In many companies, a security double standard exists, leaving data, information and even competitive secrets at risk.
Is there a double standard where you work? If so, figure out what you can do to at least ensure adequate security for yourself as an employee. If your job involves setting or implementing your company's internal security measures, see how they measure up against your expectations for vendors. If there's a big difference, put the wheels in motion to fix it.
Cost justification? Just ask Twitter.
- more on what happened at Twitter