What is it with cloud computing? Engage VM, disengage brain?

Nine bits of advice from our man Trevor

Internet Security Threat Report 2014

Sysadmin blog The implosion of source-code hosting biz Code Spaces should have rung plenty of alarm bells.

A company with a loyal following and a bright-looking future suddenly disappeared, never to be seen again. What's worse, for the past several years a significant chunk of the IT community has been warning about exactly the sorts of issues that ultimately resulted in Code Spaces' failure.

I feel sorry for the real human beings affected by this incident; jobs lost, years of work evaporated.

Unfortunately, that's not all I feel. I also feel something almost, but not quite, entirely unlike schadenfreude. When I heard the news, the dark uncharitable part of my soul wanted to climb atop the tallest tower and bellow: "I told you so!" A release of years of pent up tension and frustration at watching company after company swallow cloud vendor marketing tripe hook, line and sinker.

A lot of people told the world so. Nobody listened.

Herd immunity

Just because your workload is in the public cloud doesn't mean you can stop worrying about it. In fact, you need to worry more. When you ran your workload on your own premises, you were part of a great big blob of stuff behind a load of IP addresses.

Will this IP hide a multimillion-dollar corporation, or will it hide a home business that sells knit sweaters and makes a few grand a year? What will the security look like? What services could be running there? Is it a researcher's honeypot, or the real deal?

There was some security to be had in that obscurity. If enough zebras run together then they all look the same. Predators must rely on attacking the weak and the infirm because they just can't get a lock on those who are able to keep up with the herd.

To contrast, cloud providers are great big fat targets. They run a lot of workloads that are very alike. They use common security applications and procedures and – most critically – they can all be accessed through a limited number of management interfaces.

Do you remember how Microsoft Windows became the target for every nefarious ass on the planet simply because it was used by everyone else on the planet? This is replaying right now, but with the big three public cloud providers playing the role of planetary target practice.

The cloud is not a free pass to disable your brain

Public cloud computing is marketed as a free pass to disable your brain, but that's a blatant lie. I don't care what your company does in the cloud, you still need a proper systems administrator – an IT operations specialist – to keep it all in line.

Most importantly you need to actually listen to that operations nerd and understand that just because the nice cloudy marketing advert says you don't need things like "backups" or "monitoring" or "security" doesn't mean it's true.

There are some basics that apply, regardless of whether you are using the public cloud, on premises equipment or have a hybrid approach. Here's what you need to know:

Beginner's guide to SSL certificates

More from The Register

next story
Docker's app containers are coming to Windows Server, says Microsoft
MS chases app deployment speeds already enjoyed by Linux devs
'Hmm, why CAN'T I run a water pipe through that rack of media servers?'
Leaving Las Vegas for Armenia kludging and Dubai dune bashing
'Urika': Cray unveils new 1,500-core big data crunching monster
6TB of DRAM, 38TB of SSD flash and 120TB of disk storage
Facebook slurps 'paste sites' for STOLEN passwords, sprinkles on hash and salt
Zuck's ad empire DOESN'T see details in plain text. Phew!
SDI wars: WTF is software defined infrastructure?
This time we play for ALL the marbles
Windows 10: Forget Cloudobile, put Security and Privacy First
But - dammit - It would be insane to say 'don't collect, because NSA'
Oracle hires former SAP exec for cloudy push
'We know Larry said cloud was gibberish, and insane, and idiotic, but...'
Symantec backs out of Backup Exec: Plans to can appliance in Jan
Will still provide support to existing customers
prev story


Forging a new future with identity relationship management
Learn about ForgeRock's next generation IRM platform and how it is designed to empower CEOS's and enterprises to engage with consumers.
Why cloud backup?
Combining the latest advancements in disk-based backup with secure, integrated, cloud technologies offer organizations fast and assured recovery of their critical enterprise data.
Win a year’s supply of chocolate
There is no techie angle to this competition so we're not going to pretend there is, but everyone loves chocolate so who cares.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
Intelligent flash storage arrays
Tegile Intelligent Storage Arrays with IntelliFlash helps IT boost storage utilization and effciency while delivering unmatched storage savings and performance.