Welcome!

Security Authors: Michelle Drolet, Elizabeth White, Paige Leidig, Lori MacVittie, Kevin Benedict

Related Topics: Cloud Expo, Security

Cloud Expo: Article

Security Is Not the Only Barrier to Cloud Adoption

Networking is also important

In his 90 minute keynote address at the AWS re:Invent conference, Andy Jassy quite unabashedly gave these reasons for using AWS versus a private cloud, (at the 32 minute mark) :

So public cloud adoption should be a no-brainer, right? Oh wait, but Andy omitted security in the public cloud - how can I trust that my customers' sensitive data is secure in the public cloud?

Been there, heard that before.

I agree, the message wears thin that enterprise businesses are apprehensive to store sensitive customer data in the public cloud, and thus hesitant to adopt the cloud at all. (By the way, it was also very refreshing in Jassy’s keynote to see NASA’s JPL use of the public cloud, as the Netflix story also gets old.)

Maybe it’s the network ?
Enterprises might not be able to migrate their applications to the public cloud, because of how their datacenter servers are connected and secured. A customer came over to our booth at AWS re:invent and while very excited about the AWS public and our announcement, wanted to know “What do I do about my VLANS? My physical and virtual servers are isolated at layer 2? And my servers have two networks: one network for data and applications, the second network only for administrators – how do I architect this in AWS?”

So we walk over the AWS booth, and discuss migrating VLANs to AWS, where the customer no longer controls the network. One idea proposed was to use VPC to isolate instances and elastic IP addressing for the management interface and IAM roles to lockdown who can access the instance.

“Lockdown” hmm, seems like security is a strong requirement for the public cloud after all!

More Stories By Jonathan Gershater

Jonathan Gershater has lived and worked in Silicon Valley since 1996, primarily doing system and sales engineering specializing in: Web Applications, Identity and Security. At Red Hat, he provides Technical Marketing for Virtualization and Cloud. Prior to joining Red Hat, Jonathan worked at 3Com, Entrust (by acquisition) two startups, Sun Microsystems and Trend Micro.

(The views expressed in this blog are entirely mine and do not represent my employer - Jonathan).