Welcome to this week’s edition of CloudBolt’s Weekly CloudNews!
Lastly, thank you reading our blog this year. We wish you Happy Holidays and a Happy New Year! Weekly CloudNews will return in 2020.
With that, onto this week’s news:
Brien Posey, ITProToday, Dec. 18, 2019
“The fact that organizations need to spend so much time and effort deciding when to use on-prem storage and when to use cloud storage speaks to a bigger issue: a gap between where we are and where we should be when it comes to strategic storage management.
One of the major challenges that storage admins face today is that of storage silos. In the data center, storage is divided by application, and is further subdivided into performance and capacity tiers. Never mind the fact that most organizations also have storage scattered across multiple clouds.
There are several problems with this approach to storage. For one thing, it makes application agility difficult. Suppose, for example, that you have a particular application running in your data center and want to move that application to the cloud. While there might not be anything overly difficult about moving the application itself, dependency resources can present a challenge. If the application depends on a specific backend database, for instance, the database might also need to be moved to the cloud. Otherwise, the application’s performance is likely to suffer if the application has to send all of its database queries across the WAN.”
Catherine Knowles, TechDay, Dec. 18, 2019
“Venafi has released the findings of its latest survey, revealing 75% of DevOps professionals say certificate issuance policies slow them down.
In addition, more than a third (39%) of professionals believe developers should be able to circumvent these policies to meet service level agreements, and less than half believe developers always request certificates that serve as machine identities through authorised channels.
Venafi, the inventor and provider of machine identity protection, conducted a survey on digital certificate security policies and practices in DevOps environments.
Cryptographic keys and certificates serve as machine identities and enable authentication and secure communication for applications, service containers and APIs on enterprise networks, the internet and in cloud environments. The use of weak or unauthorised keys and certificates can significantly increase security risks, particularly in cloud environments, Venafi says.”
Adrian Bridgwater, TechHQ, Dec. 16, 2019
“Cloud computing is the future they told us. Leave all your IT concerns at the door and buy into an on-demand Software (and Platform, and Infrastructure) as-a-Service model that benefits from true elasticity, robust back end security provisioning and a seamless experience for all who plug into the cloud, as it is piped hot and fresh for us from the datacenter whenever we need it.
That was the public cloud dream scenario, and, in marketing terms if nothing else, it mostly still is.
Of course, it doesn’t quite work like that in the real world because public cloud comes with inefficient Reserved Instance pricing structures, the issue of multi-tenant servers which some use cases will not permit, location governance issues, and a world of other extenuating factors from latency concerns to GDPR compliance issues. This is the ugly face of cloud.”