Security and Other considerations. Part 1
By Johan Nordstrom
The only constant in this world is change, and these days it’s coming quicker and faster than ever before, as is evident in the explosive market for cloud services.
A recent research and analysis from Cisco showed that the global internet traffic to and from different cloud services has been growing at a rate of 30 percent each year. So whether you like it or not, the cloud is how we structure, architect, use, and secure the environments under our control today. The time when servers were kept safely behind perimeter firewalls with intrusion controls and preventive solutions is past; organizations will instead need to depend on outsourced and hosted environments to handle security.
Breaking Down the Castle Walls
It is interesting to mention the “defense in depth” analogy relating security to a medieval castle (we even use the same analogy in our own Wallarm video! ) with controlled access to different locations inside and a deep moat filled with alligators around the perimeter. This “hard outside” and “soft inside” model was designed to make it as difficult as possible to breach the defenses. However, if an invader were able to get inside the walls, there was full access to the resources inside.
Today, the castle defense analogy is no longer relevant: systems and users move with ease from within the security of a protected corporate perimeter to their local coffee shop or to an entirely different country as part of their normal workday — and don’t pretend you never bring your laptop with you on vacation. To secure today’s generation of environments and platforms requires a totally reworked approach that not many organizations are ready for.
Forecast for Today: Cloudy
Some firms promote the idea of a “cloud-first strategy” for all technology deployments and business applications. This might not be a bad idea, but it doesn’t mean that your first priority should be to cut and paste your entire architecture into the cloud or a containerized environment — especially if you will be forced to choose between a new architecture and environment that is outside of your own direct control and the traditional security controls that you have been depending upon.
Now, in recent years, technology has evolved even more, to the point that it allows for more seamless security in floating environments that need to span traditional data centers, cross border, virtualization, and cloud environments. This allows organizations to grow their capabilities without having to choose between security and the latest generation of technology stacks.
This is essential for most companies because it’s no longer a question of “if” but “when and how” they will move to the cloud.
Word of the Day: Flexibility
It is easy to think that the cloud is a relatively new phenomenon, but if we go back in time a bit, we’ll find that the principle of outsourced or shared computer power is not new at all. Already in the 50s and 60s, when computers still were relatively new, researchers, universities, and militaries shared costs and resources to gain computing power.
Today’s modern technology makes it possible to add new solutions and functions and to have a flexibility that was entirely unthinkable fifty years ago, but there are still many things to consider before making the jump to a cloud environment.
The cloud (OPEX) vs. on-premise (CAPEX) discussion is something that has been going on for decades as firms navigate the advantages and disadvantages of each approach as well as the related risks and dependability of the underlying service and technology.
From the production and operations side, the choice to move into the cloud or maintain on-premise infrastructure has been and remains a very complicated question, especially if there is a demand for real-time connectivity and security.
Medium and large businesses more often look to the on-premise model because it provides better stability and more reliability. Moreover, they generally have larger IT budgets so they can hire dedicated employees, and, if needed, can consult individuals and experts who have the training and skills to handle in-house solutions.
Small companies with only one or few IT persons tasked with handling multiple unique systems are often not able to keep up with the requirements of running the business in a stable and secure way; those companies tend to be a lot more flexible and prepared to start from or move their systems to a cloud environment, which eliminates a lot of the workload and complexity.
In a production environment, using the cloud permits companies to add servers and software much faster — which can be particularly critical for companies that have to frequently update their systems and applications. Additional advantages are the elimination of machine maintenance and software upgrades. All of this also reduces the cost of operations and ownership.
For smaller businesses trying to avert the capital expenditure of their own IT staff and on-premise solutions, it seems a logical choice to take on the ability to move information to and from the cloud without the need to take on additional hardware, hires, or internal personnel, instead focusing on revenue-generating tasks.
The choice to move to a cloud solution also shines a light on another critical area: how to address and handle sensitive data and information and whether it makes sense to keep confidential and sensitive information in an on-premise environment or if it should be hosted by or transferred to a third party.
The ability to move to the cloud can also be limited by a company’s existing in-house developed applications and software that require many updates and real-time access.
However, the current marketplace is now developing toward a stage where cloud solutions are as close to instantaneous as a desktop link and where new vendors provide hybrid design solutions that allow the option to remain in full control of sensitive information and data.
Given these circumstances, the cloud versus. on-premise debate will nonetheless remain an “it depends” scenario in which the dimensions of the business and their particular requirements will determine the ideal infrastructure.
…To be continued!