Scott Sanchez Cloud Blog

Scott Sanchez

Subscribe to Scott Sanchez: eMailAlertsEmail Alerts
Get Scott Sanchez: homepageHomepage mobileMobile rssRSS facebookFacebook twitterTwitter linkedinLinkedIn

Top Stories by Scott Sanchez

There is a talk that I've given a few times with very good response - "How Cloud Computing -Improves- Security".  We go in to detail on all the areas where cloud providers have (or should have) gone the extra mile relative to the datacenter a customer runs in-house, and how with a solid partnership with your provider - a cloud can be more secure than what you have in-house.  One of the things we discuss during that talk is how users of cloud need to be prepared to spend more on security and compliance to get the level of comfort and risk management they are used to. The number I like to use is 15% - that for each dollar you save by making a move to cloud computing, you should invest  15 cents to improve security and increase compliance efforts.  The top areas of focus for most should be application security and real-time monitoring efforts.  The security levels tha... (more)

Building a Smart Engine for Multi-Cloud, Highly Available IaaS

I’ve been having a conversation on twitter with @reillyusa this morning about how a “cloud of clouds” could help prevent a single point of failure like we saw take down so many sites yesterday due to issues at AWS.  One availability zone or region goes down at AWS?  No problem, as service levels started to degrade your apps/data/state/etc was moved to another zone or to Rackspace or someone else.  The engine would reduce the cost of having HA because it would make smart decisions about where, how and why to move workloads, and could even have a bunch of hot/warm instances running... (more)

Concept: Using AWS IAM to Protect Your Own APIs

Let’s say, hypothetically, that you are considering building a cloud-based service and had come to that fork in the road where you had to think about how to authenticate users to your API’s. As I was thinking about that problem, it struck me that potentially you could use the new(ish) identity and access management services from AWS.  Create users, set groups and permissions, authenticate them against IAM as an identity provider of sorts.  Of course after I read the FAQ where it asked if you can use it on 3rd party apps, the answer was “not yet”. But I think you can, today. Step... (more)

Cloud Isn’t Secure Because It Is Multi-Tenant

Cloud isn’t secure because it is multi-tenant.  This is a weak argument that I’m tired of hearing. Here’s my short and sweet rebuttal to that position. >> Your internal data centers are multi-tenant today, and you aren’t managing them as well as a public cloud is managed. I can hear you going “Huh?”. Yeah.  Unless you are a three letter agency or one of a handful of super paranoid (or regulated) commercial organizations, your data center is multi-tenant today.  You have gaping holes opened so business partners can come in and help you make money, employees coming in from ‘dirty’... (more)

Top Threat For Cloud Computing: Security Cluelessness

In a previous post I discussed my opinion on why SaaS is the most secure option right now, better than PaaS and IaaS.  The short version is that because security is forced on you at all layers, and that super smart security people are responsible for that security, so the security you get with SaaS is “best” right now. So why is cluelessness the biggest threat for cloud?  Because the tens of thousands of IT workers who bear some kind of security responsibility inside of IT shops around the world are now fiddling with cloud computing.  If not already, then “soon”, many of these ... (more)