CIOs are increasingly concerned about cloud security. And they should be.
With the recent outbreak of visible breaches at high-profile organizations
like Target, Anthem, and others, and the subsequent damage they cause,
corporations are scrambling to make sure their cloud applications, whether on
private, public, or hybrid clouds, are safe.
But cloud security is complex. With ephemeral applications and services
springing up around multiple data centers, with dozens or hundreds of
independent microservices each with their own access mechanisms, with the
widespread adoption of virtualization and the recent rampant frenzy over
containerization, keeping on top of cloud-specific security vulnerabilities
is a huge effort.
Here we'll look at a handful of high-level cloud security concerns that keep
security folks up at night.
1. Transparency is crucial.
Transparency is hi... (more)
This is part of the ever-expanding "Microservices and PaaS" blog series
covering the rapidly evolving use of microservices in modern cloud software
projects. Parts I and II introduced microservices concepts and discussed
patterns and practices being spearheaded by microservices pioneers, notably
Netflix, who were represented at a recent microservices meetup that was the
genesis of this series.
Part III presented a list of challenges and pitfalls that adopters of
microservices face. This list is formidable and somewhat daunting; pointing
out the significant changes in mindset, or... (more)
This is the final installment of the six-part series Microservices and PaaS.
It seems like forever since I attended Adrian Cockroft's meetup focusing on
microservices. It's actually only been a couple of months, but much has
happened since then: countless articles, meetups, and conference sessions
focusing on microservices have been delivered, many meetings and design
efforts at companies moving towards a microservices-based approach have been
endured, and five installments of this blog series have been written.
There's no doubt that microservices, like containerization and DevOps... (more)
In the first four parts of this series I presented an introduction to
microservices along with a handful of emerging microservices patterns, and a
discussion of some of the downsides and challenges to using microservices.
The most recent installment of this series looked at ten ways that PaaS
facilitates microservices development and adoption.
In this post I'll cover some words of wisdom, advice intended for
individuals, teams, and organizations considering a move to microservices.
I've gleaned this advice from the various articles and meetups mentioned
above, from dozens of dis... (more)
In the Cloud, Virtualization Is an Implementation Detail
Virtualization is everywhere. Enormous and highly profitable companies have
been built on nothing but virtualization. And nowhere has virtualization made
more of an impact than in Cloud Computing, the rampant and unprecedented
adoption of which has been the direct result of the wide availability of
virtualization software and techniques that enabled it. But does the cloud
actually require virtualization?
I think not.
What Makes Cloud Computing Cloud Computing?
According to NIST Cloud Computing has a handful of defining chara... (more)