Let’s take a look at the past. When was the first time you heard of the term
“Cloud”? Honestly, I heard of it
probably back in 2009 or so. All that I
recall from it was that you could an account, get a web hosting plan, and set
up a website and/or ecommerce front.
It was also a place in which you could get your own unique email
address depending upon the domain that you got.
You didn’t have to depend upon AOL, Yahoo, Netscape, or even Hotmail (I
don’t think Gmail was prevalent at the time).
I remember I ended up asking some of my other geek friends what
this Cloud was all about. Their response
was fairly typical for the time, “Well, it is a place where you store stuff”. But to a large degree, they were right. During then, that is all that the Cloud was
pretty much used for. It wasn’t until I
took a job as a creative writer with a company known as “emedia” did I fully
start to understand what it is more about.
After all, I was writing most of the copy stuff for most of the
IT clients that we had. By now I had
heard of the AWS, and some of the stuff that it could do. I thought, well, this is pretty cool
stuff. Btu when I got laid off from this
job, I lost touch with the meaning of the Cloud, as I took on positions in tech
writing that had nothing really to do with it.
I then got back into it in 2016, when I took a job with a
tech company that was an exclusive partner for not only Veritas, but for the AWS
as well.
I ended up even attending an AWS conference, where just
about every geek that you could imagined attended. My eyes then opened up even more as to what
the Cloud and do, and my interest picked up again.
One of the very first concepts that I was introduced to was
about the Simple Storage Service, known as “S3” for short. Now, fast forward six years later, and the
Cloud has become something that nobody ever imagined that it could.
It's not just a place anymore for storage. Now, companies can physically migrate their On
Prem infrastructure totally into the AWS or Microsoft Azure (the other Cloud
juggernaut). You can create just about
any sort of AI application that you want, heck, you can even build out your own
virtualized Data Center without having to worry about the cost and the expense
of the brick and mortar one.
Heck, back in the late 90’s, to build an Oracle database server,
you would have to spend at least $30,000, mostly in buying the software.
But with the AWS or Azure, you can now even build out your own
Oracle Enterprise server for as low as $80.00/month!!! But it is important to keep in mind that one
of the big catalysts for this move to the Cloud was actually the COVID-19 pandemic. Because of this, employers don’t have to
worry about issuing company devices, all employees can now access what they
need once again, in the Cloud.
But, as the demand for the Cloud continues to explode, so do
the different configurations that can come along with it. For example, there is now the Private Cloud,
the Hybrid Cloud, and the Public Cloud (which was the original platform).
As a result, companies can now use various combinations to
meet their needs. While this is
advantageous, it has also caused a mass amount of confusion to which nobody has
really paid attention to, especially from the standpoint of security.
Here are some typical examples:
1)
Data storage/leakage:
As mentioned, this is what the
Cloud was built on. But as businesses
are creating more databases to hold this data and to come into compliance with the
data privacy laws (such as that of the GDPR, the CCPA, HIPAA, etc.). there is
much more influx of data than every before.
We are not taking about just gigs of data. We are talking about Terabytes of data, and
thousands of it (now often referred to as “Big Data”). The AWS and Azure have the tools already in stock
to help you protect your datasets, but many companies don’t configure them to their
own requirements. Rather, they leave them
at the default settings, which is a huge security risk. Even these Cloud providers say that you are responsible
for this as well.
2)
IAM and PAM:
These are acronyms that stand for “Identity
and Access Management” and “Privileged Access Management”. These are both complex areas of
Cybersecurity, but simply, these are the techniques that one would use in order
to govern the rights, privileges, and permissions for each end user. I don’t about the AWS, but Azure still has
what is known as the “Active Directory” in which you create various user groups
and profiles to help govern what is assigned to each employee. But with so many different Cloud configurations
that are now possible, keeping track of all this has become a nightmare for the
IT Security team.
3)
The use of the security tools:
I can’t speak for the AWS, but I
know for a fact that Azure has a ton of security tools that you can use
whatever Cloud deployment that you have.
But remember, these are complex tools in the end, and to a novice like
me, it can take quite some time to figure out what to do, and how to do them
properly. In this regard, you are
probably best off having an CSP do all of this for you.
My Thoughts On This:
Compounding this problem even more is that companies are now
using different providers in order to meet their needs. For example, they may end up using both the AWS
and Azure to fulfill what they are looking for, and try to connect the two
platforms together. Heck, even I am a
victim of this.
For my own tech writing biz, I have three of them. The reason for this is that sometimes one
offers cheaper deals than the other, but primarily, one of them has website
starter packages, in which you can create a one-page website off the fly. You don’t need to know Word Press for that.
But the main problem with using different providers is that it
is that much harder to manage all of those passwords, of which I am finding
out. In all honest, if you are a company
that is exploring about making a move in the Cloud, try to find a good CSP that
you can work with. They will not only do
the entire migration for you, but if you want them to, they can even do the post
maintenance work for you as well.
Moving to the Cloud takes a lot of time and thought, and it
should be done in a phased approach. In other words, it’s not a one and done
kind of thing. It’s a beast that will
need to have continual monitoring to it.
You don’t want to end up in a recent survey that was
recently conducted by Cloud Security Alliance which found that only 41% were
not sure if they had experienced a security breach in the Cloud. More details on this study can be seen at the
link below:
https://cloudsecurityalliance.org/artifacts/state-of-cloud-security-concerns-challenges-and-incidents/
No comments:
Post a Comment