Welcome!

Microservices Expo Authors: Automic Blog, Elizabeth White, Pat Romanski, Jason Bloomberg, Matt Brickey

Related Topics: Microservices Expo, Containers Expo Blog, @CloudExpo

Microservices Expo: Article

Cloud Storage and Security Not a New Concept

Everybody Talks About It, But Is It Really All That Different?

Articles and blog posts associated with security and cloud computing are a daily occurrence, unless some well-publicized breach occurs in the cloud.  At that point the number of commentaries and discussions will increase exponentially, and then, over the following week, return to normal frequency. 

I decided to focus on security as it relates to cloud storage, to see if something really new and different is occurring, and if overall changes need to be contemplated, as it comes to classic data security activities.  When I focused in this way, I quickly discovered that not much has changed, and security of data in the cloud is highly dependent on the same precautions and understandings as security of your data in a private data center.

In this recent article, it was suggested that files of one owner residing on a physical device with the files of others could somehow result in unauthorized access. It could, and the answer to this and a myriad of concerns fits within traditional approaches and understandings of security.  

For example, Mezeo encrypts all files prior to storage.  So, even if you somehow got access to another's file, it would do you no good.  My point is that the cloud introduces a few additional complications, but it is not a problem that the current level of speculation seems to portray it as.  An extension to typical security practices, diligence, effective execution and audit of your current practices is what is required.

With this underlying theme, we look at how best we can ensure the security of the data in the cloud. Let's look at five areas that you should consider in regards to storing data in the cloud.

1. Physical Security: First, understand some things about the data center that is hosting the cloud where your data is stored:

  • Is the data center physically secure? 
  • What about it's ability to withstand power outages? 
  • For how long? 
  • Are there multiple, independent (on different grids) electrical power paths? 
  • How are communications facilities enabled and where does the fiber enter the facility?
  • How many communications providers have a POP (point of presence) at the facility? 
  • How is the data center certified (SAS 70 Type II)?

World class data centers are expensive, and they are also well understood.  What is the tier rating of the data center? (Tier IV is best). Make sure you do business with a cloud storage service provider who makes use of such facilities.

2. Data encryption:
Encryption is a key technology for data security.  Understand data in motion and data at rest encryption.  Remember, security can range from simple (easy to manage, low cost and quite frankly, not very secure) all the way to highly secure (very complex, expensive to manage, and quite limiting in terms of access).  You and the provider of your Cloud Storage solution have many decisions and options to consider.  For example, do the Web services APIs that you use to access the cloud, either programmatically, or with clients written to those APIs, provide SSL encryption for access, this is generally considered to be a standard.  Once the object arrives at the cloud, it is decrypted, and stored.  Is there an option to encrypt it prior to storing?  Do you want to worry about encryption before you upload the file for cloud storage or do you prefer that the cloud storage service  automatically do it for you? These are options, understand your cloud storage solution and make your decisions based on desired levels of security.

3. Access Controls: Authentication and identity management is more important than ever.  And, it is not really all that different.  What level of enforcement of password strength and change frequency does the service provider invoke? What is the recovery methodology for password and account name?  How are passwords delivered to users upon a change?  What about logs and the ability to audit access?  This is not all that different from how you secure your internal systems and data, and it works the same way, if you use strong passwords, changed frequently, with typical IT security processes, you will protect that element of access.

In addition, you'll need to examine:

4. Service Level Agreements (SLA): What kind of service commitment is your provider willing to offer you?

and, finally, there's the notion of

5. The Trusted Service Provider.

For more details and analysis on these last two areas, visit my Cloud Storage Strategy blog.

More Stories By Steve Lesem

Steve Lesem is President/CEO of Mezeo Software. Previously, He was Senior Vice President and Chief Marketing Officer of the managed hosting provider VeriCenter. He has also served in leadership positions at SafeNet, BMC Software and IBM. Steve holds a Bachelor of Science from the University of Texas at Austin. He is the primary author of the Cloud Storage Strategy Blog (www.cloudstoragestrategy.com), which frequently sees posts picked up by publications in the IT services and Web hosting spaces.

@MicroservicesExpo Stories
With continuous delivery (CD) almost always in the spotlight, continuous integration (CI) is often left out in the cold. Indeed, it's been in use for so long and so widely, we often take the model for granted. So what is CI and how can you make the most of it? This blog is intended to answer those questions. Before we step into examining CI, we need to look back. Software developers often work in small teams and modularity, and need to integrate their changes with the rest of the project code b...
There is a huge demand for responsive, real-time mobile and web experiences, but current architectural patterns do not easily accommodate applications that respond to events in real time. Common solutions using message queues or HTTP long-polling quickly lead to resiliency, scalability and development velocity challenges. In his session at 21st Cloud Expo, Ryland Degnan, a Senior Software Engineer on the Netflix Edge Platform team, will discuss how by leveraging a reactive stream-based protocol,...
In his session at 20th Cloud Expo, Mike Johnston, an infrastructure engineer at Supergiant.io, discussed how to use Kubernetes to set up a SaaS infrastructure for your business. Mike Johnston is an infrastructure engineer at Supergiant.io with over 12 years of experience designing, deploying, and maintaining server and workstation infrastructure at all scales. He has experience with brick and mortar data centers as well as cloud providers like Digital Ocean, Amazon Web Services, and Rackspace. H...
SYS-CON Events announced today that Calligo has been named “Bronze Sponsor” of SYS-CON's 21st International Cloud Expo®, which will take place on Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA. Calligo is an innovative cloud service provider offering mid-sized companies the highest levels of data privacy. Calligo offers unparalleled application performance guarantees, commercial flexibility and a personalized support service from its globally located cloud platfor...
Many organizations are now looking to DevOps maturity models to gauge their DevOps adoption and compare their maturity to their peers. However, as enterprise organizations rush to adopt DevOps, moving past experimentation to embrace it at scale, they are in danger of falling into the trap that they have fallen into time and time again. Unfortunately, we've seen this movie before, and we know how it ends: badly.
"Outscale was founded in 2010, is based in France, is a strategic partner to Dassault Systémes and has done quite a bit of work with divisions of Dassault," explained Jackie Funk, Digital Marketing exec at Outscale, in this SYS-CON.tv interview at 20th Cloud Expo, held June 6-8, 2017, at the Javits Center in New York City, NY.
From personal care products to groceries and movies on demand, cloud-based subscriptions are fulfilling the needs of consumers across an array of market sectors. Nowhere is this shift to subscription services more evident than in the technology sector. By adopting an Everything-as-a-Service (XaaS) delivery model, companies are able to tailor their computing environments to shape the experiences they want for customers as well as their workforce.
If you read a lot of business and technology publications, you might think public clouds are universally preferred over all other cloud options. To be sure, the numbers posted by Amazon Web Services (AWS) and Microsoft’s Azure platform are nothing short of impressive. Statistics reveal that public clouds are growing faster than private clouds and analysts at IDC predict that public cloud growth will be 3 times that of private clouds by 2019.
"DivvyCloud as a company set out to help customers automate solutions to the most common cloud problems," noted Jeremy Snyder, VP of Business Development at DivvyCloud, in this SYS-CON.tv interview at 20th Cloud Expo, held June 6-8, 2017, at the Javits Center in New York City, NY.
"We focus on SAP workloads because they are among the most powerful but somewhat challenging workloads out there to take into public cloud," explained Swen Conrad, CEO of Ocean9, Inc., in this SYS-CON.tv interview at 20th Cloud Expo, held June 6-8, 2017, at the Javits Center in New York City, NY.
"As we've gone out into the public cloud we've seen that over time we may have lost a few things - we've lost control, we've given up cost to a certain extent, and then security, flexibility," explained Steve Conner, VP of Sales at Cloudistics,in this SYS-CON.tv interview at 20th Cloud Expo, held June 6-8, 2017, at the Javits Center in New York City, NY.
"Peak 10 is a hybrid infrastructure provider across the nation. We are in the thick of things when it comes to hybrid IT," explained , Chief Technology Officer at Peak 10, in this SYS-CON.tv interview at 20th Cloud Expo, held June 6-8, 2017, at the Javits Center in New York City, NY.
"I think DevOps is now a rambunctious teenager – it’s starting to get a mind of its own, wanting to get its own things but it still needs some adult supervision," explained Thomas Hooker, VP of marketing at CollabNet, in this SYS-CON.tv interview at DevOps Summit at 20th Cloud Expo, held June 6-8, 2017, at the Javits Center in New York City, NY.
"I will be talking about ChatOps and ChatOps as a way to solve some problems in the DevOps space," explained Himanshu Chhetri, CTO of Addteq, in this SYS-CON.tv interview at @DevOpsSummit at 20th Cloud Expo, held June 6-8, 2017, at the Javits Center in New York City, NY.
Your homes and cars can be automated and self-serviced. Why can't your storage? From simply asking questions to analyze and troubleshoot your infrastructure, to provisioning storage with snapshots, recovery and replication, your wildest sci-fi dream has come true. In his session at @DevOpsSummit at 20th Cloud Expo, Dan Florea, Director of Product Management at Tintri, provided a ChatOps demo where you can talk to your storage and manage it from anywhere, through Slack and similar services with...
If you are thinking about moving applications off a mainframe and over to open systems and the cloud, consider these guidelines to prioritize what to move and what to eliminate. On the surface, mainframe architecture seems relatively simple: A centrally located computer processes data through an input/output subsystem and stores its computations in memory. At the other end of the mainframe are printers and terminals that communicate with the mainframe through protocols. For all of its apparen...
DevOps at Cloud Expo, taking place October 31 - November 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA, is co-located with 21st Cloud Expo and will feature technical sessions from a rock star conference faculty and the leading industry players in the world. The widespread success of cloud computing is driving the DevOps revolution in enterprise IT. Now as never before, development teams must communicate and collaborate in a dynamic, 24/7/365 environment. There is no time to w...
"At the keynote this morning we spoke about the value proposition of Nutanix, of having a DevOps culture and a mindset, and the business outcomes of achieving agility and scale, which everybody here is trying to accomplish," noted Mark Lavi, DevOps Solution Architect at Nutanix, in this SYS-CON.tv interview at @DevOpsSummit at 20th Cloud Expo, held June 6-8, 2017, at the Javits Center in New York City, NY.
For over a decade, Application Programming Interface or APIs have been used to exchange data between multiple platforms. From social media to news and media sites, most websites depend on APIs to provide a dynamic and real-time digital experience. APIs have made its way into almost every device and service available today and it continues to spur innovations in every field of technology. There are multiple programming languages used to build and run applications in the online world. And just li...
Data reduction delivers compelling cost reduction that substantially improves the business case in every cloud deployment model. No matter which cloud approach you choose, the cost savings benefits from data reduction should not be ignored and must be a component of your cloud strategy. IT professionals are finding that the future of IT infrastructure lies in the cloud. Data reduction technologies enable clouds — public, private, and hybrid — to deliver business agility and elasticity at the lo...