Author Archives: simon

Is Cloud Lock-In A Bigger Issue Than Security?

Cloud lock-in a bigger issue than security

Before LabSlice I was employed as a Security Architect for a major bank. Banks, government departments and  health providers are naturally suspicious of technology solutions that they do not fully control. This is why cloud security is frequently listed as a concern for big industry, typically followed by operational uptime concerns. What you can’t control with your big budget is usually what you fear will backfire and cause you trouble.
But that’s not my stance. In general there is little that differentiates normal security concerns from cloud security concerns, and the big players (Amazon, Google and Microsoft) can usually deliver better security controls than most companies can achieve themselves. With certifications such as ISO 27001, annual SAS70 audits and the attainment of PCI-DSS, cloud vendors are showing themselves to have stronger datacentre controls than most companies, or at least SMBs. And true cloud computing (IaaS and PaaS) only provides you the infrastructure, not the application. It’s up to you to develop bullet-proof security for your application, by adding appropriate access control, data encryption and frequently monitoring the activities of your application.

So if the cloud is so secure, why do I have a nagging feeling about Amazon, Google and Microsoft being the biggest cloud providers around?   My bet is that cloud security concerns will eventually die out, as the next generation of IT professionals start to realize that they have been playing right inside the wolf’s den. Cloud lock-in is the problem of the future.

How you will be locked in to your cloud:

1.     Whilst there are some efforts to build cloud agnostic consoles and APIs, these efforts will ultimately bear little fruit. Ever-so-slight differences between cloud providers will make it difficult to extract yourself from one cloud and move to the next. One of the top cloud vendors is already well-known in the industry for locking people into their solutions, and there should be no difference in how they play out their business model in the cloud.

2.     Cloud vendors are not your standard host providers (eg. GoDaddy). Rather, the large cloud providers are already well-established players in multiple industries. Consider that players like Google are providing you a very easy platform on which to build the next social application, whilst at the same time they are trying very hard to enter this market themselves. In many ways I see cloud providers owning a platform that helps them deliver services they want to own in the future, and it’s no surprise that the 3 major players are strongly targeting startups. I don’t see a company like Google allowing the next Facebook or Twitter to easily migrate their platforms away. The bigger you get, the more hurdles you will find when you talk to your cloud vendor about migrating away.

3.     When you use a cloud vendor today you are not just buying compute power. Rather, you are building on top of a compute stack selected by the vendor, from the operating system right through to the programming languages made available (even IaaS locks you in to certain stack decisions). Migrating from one application stack to another is never an easy task.

My bet… Within 5 years you will hear little about cloud security, but you will find a lot more companies stuck with vendors that they would prefer they didn’t select to use today.

By Simon Ellis Owner Of Labslice

A Taxonomy Of The Amazon Cloud

A Taxonomy Of The Amazon Cloud

Using the Amazon cloud is a challenge, partly due to the overwhelming number of terms that must be understood to just get your servers up and running. Below is a taxonomy break-down that you can use as a reference for getting started with the Amazon cloud.: Cloud Computing: A self-service environment for the creation of highly-scalable applications,

Cloud Security: Keeping Those Keys Safe

Cloud security: Keeping those keys safe Jack Murgia, from Cloud Controllers, sent me an interesting query last week: “How does LabSlice ensure that the Amazon Web Services (AWS) Access Keys remain secure within the application?” This is a great question, as the AWS Access Keys are the keys to the house for any business using the

IaaS and PaaS to disappear by 2012

IaaS and PaaS to disappear by 2012 Cloud computing comes with its own unique acronyms, which can at times make it a confusing space to work in. The two key acronyms people know are: Infrastructure as a Service (IaaS): The provider gives you on-demand access to compute infrastructure, with console access (RDP or SSH) to

3 Quick Ways To Reduce Your Amazon EC2 Cloud Charges

3 Quick Ways To Reduce Your Amazon EC2 Cloud Charges

Reducing Your Amazon EC2 Cloud Charges The Biggest difference between standard web hosting and cloud-based hosting can be seen when you get the monthly bill. A standard web host, like GoDaddy, will charge you a flat monthly fee and give you access to a single, fixed server. Whereas a cloud-based host, like Amazon EC2 will