[brfox]

Great rationale, and it has served you well. I am a happy smugmug user.

I have a question about data security. If I wanted the data to be safe (in terms of intellectual property and corporate secrets), what do folks here think about using S3 and EC2? I really like the flexibility of using Amazon instead of buying servers for internal corporate data processing... but is secrecy a good enough reason to keep everything inside one's own firewall? (I suppose one could encrypt a whole TB of storage)

[iigs]

IMO it depends on what you're securing. If you have a line of business that is particularly susceptible to espionage and the expected loss would be fatal to the business you obviously shouldn't trust anyone you don't have to. However, be realistic about it: many companies don't have anything of substantial enough value to merit infiltrating Amazon to break in to your server to analyze, and while it's of course possible to statically analyze a filesystem the effort bar is higher than the "I'll just snoop in this user's mailbox" level.

On the other hand, if you're doing anything that is either illegal now or could become unpopular with a government that Amazon could be pressured by, you should consider your data confiscated now. I'm not saying I've heard of Amazon doing it, but there are already enough service provider wiretap and warrant laws out there that you'd never know what hit you if it happened.