[toomuchtodo]

Lots of open S3 buckets full of critical data not helping the counter argument. Security is hard, proving you’re secure to others more so. How do I know you’re not just storing my data in S3, abstracting away the mechanism, but your bucket policy or acls are garbage? I don’t. Cloud does not immediately mean more secure.

[ageyfman]

The point I was making isn't that the cloud is naturally more secure, it's that the company was 100% focused on medical imaging, not the 1000 projects a typical network/system admin at a hospital has to juggle.