What is it with cloud computing? Engage VM, disengage brain?
Nine bits of advice from our man Trevor
Sysadmin blog The implosion of source-code hosting biz Code Spaces should have rung plenty of alarm bells.
A company with a loyal following and a bright-looking future suddenly disappeared, never to be seen again. What's worse, for the past several years a significant chunk of the IT community has been warning about exactly the sorts of issues that ultimately resulted in Code Spaces' failure.
I feel sorry for the real human beings affected by this incident; jobs lost, years of work evaporated.
Unfortunately, that's not all I feel. I also feel something almost, but not quite, entirely unlike schadenfreude. When I heard the news, the dark uncharitable part of my soul wanted to climb atop the tallest tower and bellow: "I told you so!" A release of years of pent up tension and frustration at watching company after company swallow cloud vendor marketing tripe hook, line and sinker.
A lot of people told the world so. Nobody listened.
Just because your workload is in the public cloud doesn't mean you can stop worrying about it. In fact, you need to worry more. When you ran your workload on your own premises, you were part of a great big blob of stuff behind a load of IP addresses.
Will this IP hide a multimillion-dollar corporation, or will it hide a home business that sells knit sweaters and makes a few grand a year? What will the security look like? What services could be running there? Is it a researcher's honeypot, or the real deal?
There was some security to be had in that obscurity. If enough zebras run together then they all look the same. Predators must rely on attacking the weak and the infirm because they just can't get a lock on those who are able to keep up with the herd.
To contrast, cloud providers are great big fat targets. They run a lot of workloads that are very alike. They use common security applications and procedures and – most critically – they can all be accessed through a limited number of management interfaces.
Do you remember how Microsoft Windows became the target for every nefarious ass on the planet simply because it was used by everyone else on the planet? This is replaying right now, but with the big three public cloud providers playing the role of planetary target practice.
The cloud is not a free pass to disable your brain
Public cloud computing is marketed as a free pass to disable your brain, but that's a blatant lie. I don't care what your company does in the cloud, you still need a proper systems administrator – an IT operations specialist – to keep it all in line.
Most importantly you need to actually listen to that operations nerd and understand that just because the nice cloudy marketing advert says you don't need things like "backups" or "monitoring" or "security" doesn't mean it's true.
There are some basics that apply, regardless of whether you are using the public cloud, on premises equipment or have a hybrid approach. Here's what you need to know:
Sponsored: Protecting mobile certificates