What is it with cloud computing? Engage VM, disengage brain?

Nine bits of advice from our man Trevor

Beginner's guide to SSL certificates

Sysadmin blog The implosion of source-code hosting biz Code Spaces should have rung plenty of alarm bells.

A company with a loyal following and a bright-looking future suddenly disappeared, never to be seen again. What's worse, for the past several years a significant chunk of the IT community has been warning about exactly the sorts of issues that ultimately resulted in Code Spaces' failure.

I feel sorry for the real human beings affected by this incident; jobs lost, years of work evaporated.

Unfortunately, that's not all I feel. I also feel something almost, but not quite, entirely unlike schadenfreude. When I heard the news, the dark uncharitable part of my soul wanted to climb atop the tallest tower and bellow: "I told you so!" A release of years of pent up tension and frustration at watching company after company swallow cloud vendor marketing tripe hook, line and sinker.

A lot of people told the world so. Nobody listened.

Herd immunity

Just because your workload is in the public cloud doesn't mean you can stop worrying about it. In fact, you need to worry more. When you ran your workload on your own premises, you were part of a great big blob of stuff behind a load of IP addresses.

Will this IP hide a multimillion-dollar corporation, or will it hide a home business that sells knit sweaters and makes a few grand a year? What will the security look like? What services could be running there? Is it a researcher's honeypot, or the real deal?

There was some security to be had in that obscurity. If enough zebras run together then they all look the same. Predators must rely on attacking the weak and the infirm because they just can't get a lock on those who are able to keep up with the herd.

To contrast, cloud providers are great big fat targets. They run a lot of workloads that are very alike. They use common security applications and procedures and – most critically – they can all be accessed through a limited number of management interfaces.

Do you remember how Microsoft Windows became the target for every nefarious ass on the planet simply because it was used by everyone else on the planet? This is replaying right now, but with the big three public cloud providers playing the role of planetary target practice.

The cloud is not a free pass to disable your brain

Public cloud computing is marketed as a free pass to disable your brain, but that's a blatant lie. I don't care what your company does in the cloud, you still need a proper systems administrator – an IT operations specialist – to keep it all in line.

Most importantly you need to actually listen to that operations nerd and understand that just because the nice cloudy marketing advert says you don't need things like "backups" or "monitoring" or "security" doesn't mean it's true.

There are some basics that apply, regardless of whether you are using the public cloud, on premises equipment or have a hybrid approach. Here's what you need to know:

Top 5 reasons to deploy VMware with Tegile

More from The Register

next story
Linux? Bah! Red Hat has its eye on the CLOUD – and it wants to own it
CEO says it will be 'undisputed leader' in enterprise cloud tech
Oracle SHELLSHOCKER - data titan lists unpatchables
Database kingpin lists 32 products that can't be patched (yet) as GNU fixes second vuln
Ello? ello? ello?: Facebook challenger in DDoS KNOCKOUT
Gets back up again after half an hour though
Hey, what's a STORAGE company doing working on Internet-of-Cars?
Boo - it's not a terabyte car, it's just predictive maintenance and that
Troll hunter Rackspace turns Rotatable's bizarro patent to stone
News of the Weird: Screen-rotating technology declared unpatentable
prev story


Providing a secure and efficient Helpdesk
A single remote control platform for user support is be key to providing an efficient helpdesk. Retain full control over the way in which screen and keystroke data is transmitted.
Intelligent flash storage arrays
Tegile Intelligent Storage Arrays with IntelliFlash helps IT boost storage utilization and effciency while delivering unmatched storage savings and performance.
Beginner's guide to SSL certificates
De-mystify the technology involved and give you the information you need to make the best decision when considering your online security options.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.
Secure remote control for conventional and virtual desktops
Balancing user privacy and privileged access, in accordance with compliance frameworks and legislation. Evaluating any potential remote control choice.