Scott Sanchez

I’ve just completed the first phase of my wide reaching industry study about cloud knowledge, and the results are exactly as we expected.  The more pork you eat (especially when it is slow cooked in a smoker or bbq), the more cloudy you become. This chart says it all… ... (more)

Two weeks ago I spent a few days at RailsConf in Baltimore re-connecting with my developer roots, and it gave me a fresh perspective on what developers really think about cloud. Background Although I’ve spent much of my time focused on the application layer in the past decade, ... (more)

Let’s say, hypothetically, that you are considering building a cloud-based service and had come to that fork in the road where you had to think about how to authenticate users to your API’s. As I was thinking about that problem, it struck me that potentially you could use the ne... (more)

Advertisement: Quad core VM with 8gb of ram and super-fast I/O and unlimited bandwidth — only $0.01995 per hour!!! Order form after you click through 19 pages of extras saying “no thank you”: VM                          $0.01995/hour Activation           $500.00 Deactivation    ... (more)

I’ve been having a conversation on twitter with @reillyusa this morning about how a “cloud of clouds” could help prevent a single point of failure like we saw take down so many sites yesterday due to issues at AWS.  One availability zone or region goes down at AWS?  No problem, a... (more)

So this morning the big news is that AWS is having issues affecting customers in US-EAST-1.  So far I’ve seen 4sq, reddit, godaddy, quora and many others on the “is down” list. What always surprises me when this happens is that people point fingers at AWS, and I always shake my h... (more)

For years already we’ve heard people moan about cloud lock in, and how things should be portable between clouds.  Today, most of the major cloud management platforms and stacks support multiple cloud technologies (some very good ones are even open source) and folks like CloudSwit... (more)

In the past few weeks I’ve run across a number of people building both public clouds that plan on using the highest end hardware possible.  The fastest processors, IO, memory, SSD’s, infiniband, redundant everything, high end SAN hardware, etc.  My reaction every time is… “why???... (more)

Another observational blog post as I try to catch up from not blogging for three months. This is what happens I spend a bunch of time on the street helping customers fulfill their cloudy dreams… One of the things I’ve been trying to evangelize is that for the first time since th... (more)

As product manager at ScaleUp, one of my top jobs is to make sure our cloud management platform has as much impact as possible at what we call the cloud "point of purchase". This is that magical spot where the consumer and provider meet.  It's where consumers locate, order and m... (more)

For years companies that had to store or process data about EU citizens only wanted to do it inside the EU. In some countries like Germany, the laws can be even tighter and hard to understand, so companies kept their data inside the “Bundesrepublik” to avoid any issues. The “Saf... (more)

Chris Hoff wrote a good post today on his blog about how security folks are pulling out the same-old DMZ models to “secure” the cloud that they used in their datacenters 15 years ago.  While this may seem like the right thing to do, it’s not very cloudy, really not very effective... (more)

This came off the top of my head recently when trying to convince a large enterprise that they should at least fiddle around with cloud, and although this is like cloud 101 for most people, I thought it was worth sharing.  This post was almost called “Getting Started With Cloud”,... (more)

What enterprises WANT, and their first choice when thinking about the benefits of cloud, is PaaS and SaaS.  Just like what you WANT to be warm in front of the TV is a crackling fire and a thick down blanket.  Since nobody has the time to make and tend a fire and a blanket require... (more)

This is a living blog post where you will find pointers to cloud security resources that I find valuable.  Reference material, standards efforts, articles, blogs, tweets… whatever I think might help someone else will get shared here.  Essentially, a place where I can (eventually)... (more)

In a previous post I discussed my opinion on why SaaS is the most secure option right now, better than PaaS and IaaS.  The short version is that because security is forced on you at all layers, and that super smart security people are responsible for that security, so the securi... (more)

This week I attended the Cloud Expo in New York City.  It was pretty well attended and I gave my “how cloud computing improves security” talk on both Tuesday and Wednesday to a total audience of probably 150 people.  Here is a top ten list of observations made and things that I l... (more)

Over the years I've had the opportunity to deal with the German Data Protection and Privacy Laws (Bundesdatenschutzgesetz, or BDSG) many times, including recently in a cloud computing context.  I thought it would be helpful to share some of the key things that are required, and h... (more)

There is a talk that I've given a few times with very good response - "How Cloud Computing -Improves- Security".  We go in to detail on all the areas where cloud providers have (or should have) gone the extra mile relative to the datacenter a customer runs in-house, and how with ... (more)

Cloud isn’t secure because it is multi-tenant.  This is a weak argument that I’m tired of hearing. Here’s my short and sweet rebuttal to that position. >> Your internal data centers are multi-tenant today, and you aren’t managing them as well as a public cloud is managed. I can... (more)