By Grant Asplund, Cloud Evangelist
What if your CEO came into your office today and said, “I want us to get rid of our on-premise datacenter and begin using the public cloud, ASAP!”
What three things would you prioritize first?
Earlier this year I launched my new podcast TalkingCloud. My first guest was Patrick Benoit and the episode is filled with great information. With a couple decades of experience as an IT executive and with his roots in programming, Patrick offered sage advice to those moving their workloads into the public cloud.
Patrick reminded me the cloud is simply an on-premise datacenter; it’s just someone else’s on-premise datacenter. He went on to suggest too many enterprises assume the cloud providers are taking on more responsibility than they really are. This results in enterprises ‘letting their hair down’ and not adhering to the traditional standard operating procedures.
The fact is, the datacenters being built by Amazon, Microsoft, Google are far superior to that of any datacenter (pick the name of a F100 company and insert here) could build. They are highly secure…and rest assured the hardware is all patched with the latest patches and all is superbly maintained…it’s their business. Moreover, their (Amazon, Microsoft and Google) risk is far greater than the risk (insert the same F100 company name here) experiences simply because their risk multiplies due to their huge customer bases.
We then turned our discussions to why so many enterprises end up on the bad end of a misconfigurations in the cloud. Patrick suggested the problems are rooted in lack of training and general confusion regarding the nuances between the ‘old’ on-premise tools and practices and the new software-defined everything environment called the public cloud. Furthermore, despite performing technology refreshes, enterprises are not doing the same with their IT staff…we’re not investing in keeping our people trained and educated on new technologies because we’re all so busy. The ease of use and accessibility of cloud technology only serves to exacerbate the problems, in part thanks to CTL-Z…no one reads a manual any more…we just poke around, click here and there and, if we don’t like what happens, we just ‘undo’ and never really learn like we used to.
Patrick is a big advocate of continuing education and training and mentioned the abundant Computer Based Training (CBT) offered by the cloud providers. It’s remarkable how much is available and how much is free. You’re squandering an opportunity if you don’t take advantage of the CBT offered by cloud providers. Patrick believes we’ve created our own problems by creating silos of technology experts. Making matters worse, we have too many on our teams who lack depth of knowledge.
We discussed the critical importance of access management and configuration management. He highlighted DLP as an ‘always’ concern simply because the cloud is so porous. Gone is the traditional North/South architecture…with the right credentials, I can log in to my cloud account from anywhere from any computer. This is why Patrick suggests Threat Intelligence is going to become increasingly more critical because enterprises are going to have to constantly be analyzing acceptable/unacceptable uses patterns, base lines and anomalies.
In Patricks words, “Fundamentals are key, know your access controls, know your data, know your assets. Manage your identity and access management and fully understand who in your organization is managing your IAM.”
I closed my first podcast asking Patrick what three things he recommends enterprises do before moving into the cloud? Here’s a summary:
- Identity and Access Management – Before you move into the cloud make certain your identity and access management are really tight and cleaned up. Also, know who is managing your IAM
- Really pay attention to and mature your Configuration and Change Management – Make sure you have very tight controls on all configuration and change management controls – don’t just accept ‘Default’
- What is the Business Risk…not data loss risk but potential business impact and/or loss. Think about what happens when you put data in the cloud and how it will impact your business customers– what is the potential business risk/impact to your business?
Subscribe and listen to all my TalkingCloud podcasts here: https://talkingcloud.podbean.com
TalkingCloud is available in Apple Podcasts, Google Podcasts and Podbean at https://talkingcloud.podbean.com