[munin]

> The author obviusly doesn't realize that the company making the wafers for Raytheon ISN'T ALLOWED TO USE THE CLOUD.

This is probably going to change. People like you said the same thing about health data, and student data. The savings were so tantalizing that the regulators and stakeholders figured out how to make it work. What do you think GovCloud is for? C2S and "Secret cloud"?

Our university had a 3-4 person dedicated Exchange team. When "Google Apps" came out, people wanted us to switch to that from our old mail server stuff. Go figure, why would you keep using pine and squirrelmail when you could use gmail? "It can't hold student data" the IT team said, "it isn't certified for FERPA or ITAR." Okay, true. Fast forward two years, now Google's "Apps for Education" can deal with both. The switch was sudden and brutal and the university no longer has a 3-4 person dedicated Exchange team or an Exchange deployment of any kind.

[jimbokun]

And at some point, AWS or Azure might be considered more secure than servers configured and administered by an organization that doesn't have that as its core competency.

[illumin8]

This. Who beat every single private organization with Spectre/Meltdown mitigation? Amazon Web Services.

There is a pervasive myth that servers run by private organizations are more secure than those run by the public cloud providers, and the opposite is actually true. Does your organization receive embargoed information from Intel to mitigate side-channel 0-days before they are publicly announced?

[blub]

Fast forward two years and after Google promised they would not spy on the students like they do on the general population to get the contracts they did exactly that.

Lobbyist and fools can get past most logical objections and cloudify anything.