How the cybersecurity culture changes the direction of a company
January 27, 2023
August 2017 | by Marketing
If we ask two people who see the same cloud in the sky together what shape the cloud has, we will probably receive two very different answers. The same happens when we asked two CIOs what their perception of the public cloud is. Among unicorns and monsters, there are few who know how to distinguish between the stormy cumulonimbus and the tall and light stratocumulus.
In this rapidly evolving environment, seeking identity, several myths about the public cloud have developed. Usually fueled by misinformation and also by the interest of those who feel threatened by the paradigm shift. I believe it is worth bringing the perception of companies that have already migrated to the cloud and can now testify about what it means to have most of their systems in this invisible environment.
The first of these myths concerns cloud performance. The complaint is that the cloud often does not meet user expectations and leaves much to be desired in terms of availability. The fact is that most of these complaints come from companies that have placed their systems in smaller data centers with various technological restrictions and that generally offer hosting solutions where the hardware is owned by the customer. This is not the reality of the public cloud. In the cloud of the big providers like AWS, Microsoft and Google, the amount of resources is virtually unlimited for most customers and the quality of service is totally dependent on the resources and settings you choose for your environment.
The sky is the limit in terms of performance. If something isn't working properly, it's just a matter of modifying the resource parameters to get more bandwidth, CPU, memory and storage. In addition, several tools allow working on the architecture of solutions in order to make them more easily scalable and thus enjoy better performance in an optimized and inexpensive way.
The second myth is about security.
There is a perception that moving data and systems to the cloud can increase exposure and vulnerability to security threats. Here again we are victims of precarious implementations of hosting solutions that claim to be cloud, but do not offer the basic security features available in large public clouds. Also contributing to this perception is the lack of knowledge of the security mechanisms that are natively available for all environments. Among them, we find complete solutions for system isolation, cryptography, prevention and mitigation of attacks, monitoring and auditing, in addition to an extremely sophisticated and granular system of access control and identification of all cloud resources. It is extremely difficult to find companies that have this set of tools permanently updated with an automated SOC (security operations center) and such strict criteria for physical access to equipment as is the case with large Public Cloud providers. Thus, it becomes a matter of education and knowledge to understand that, in most cases, migration to the cloud represents an improvement in the overall security of the solutions.
The third myth is about cloud costs. This theme can become quite complex because there are several models for purchasing the same resources. However, the myth that the public cloud is more expensive comes from poor comparisons with pure hosting solutions where resources are statically allocated (purchased) with growth margins already included.
The fundamental issue is that in the public cloud we can request expansions immediately and therefore it makes no sense to pre-allocate resources that are not being used. As we pay for hours of use, any time the server is turned off already represents savings. The goal is to make workloads operate much more fairly in terms of consumption (rightsizing) and utilize the ability to scale horizontally by adding more servers in the form of clusters of machines. Thus, we can create and finish servers throughout the day, adjusting its service capacity to what is actually used. Perhaps the simplest example is just scheduling the startup and shutdown of servers that only operate during business hours. That is, through monitoring, automation and use of tools that allow the dynamic use of resources, we managed to prove the economy of the cloud.
The last one is related to the construction of hybrid clouds (public/private) as a strategy to deal with the inability of the public cloud to accommodate certain applications. Of course, there will always be very specific applications that are extremely difficult to move to the cloud, but those applications are much rarer than the ones I see used as a justification for maintaining private clouds. To illustrate, we can mention the solutions that allow taking ERPs to the cloud in a safe and efficient way. These are business-critical applications, often written in legacy technologies and interconnected with various other services, but which have been fully moved to the cloud with great success.
For the vast majority of companies, the local infrastructure will be restricted to users' computers and the internet access that interconnects them to the cloud. The private part of the hybrid cloud appears only as a temporary solution to accommodate an inability to move everything to the cloud at once.
Of course, there is no single way of looking at the public cloud. Depending on the reality and needs of each company, the solutions may change, however the gains in scale, sophistication and convenience of the public cloud place a new paradigm in infrastructure in which it is increasingly difficult to justify the purchase and maintenance of own equipment. We need to get used to the fact that the public cloud is something much more concrete, complete and sophisticated than the infrastructure solutions that preceded it and with that I imagine that cloud with the face of a mythological monster will become just a beautiful group of water droplets that float in the sky in the form of cotton.
Caio Klein is a partner and COO at Sky.One
This content was produced by SkyOne's team of cloud and digital transformation experts.
Check out some related posts.
January 27, 2023
November 11, 2022
November 11, 2022