Do you remember playing capture the flag as a kid? I sure do! My friends and I would split up into even teams - usually about 6 kids per team. Then each team would hide our precious flag on our side of the backyard. Now the important "strategery" comes into play once the game actually begins, as I found the winning formula was to make sure my teammates all spread out and stayed as far away from each other as we could. That way, we avoided getting caught when we entered enemy territory (i.e. the other side of the backyard). Some teams would stick together in groups of 2-3 to chit-chat while they snuck around the backyard, making them an easy target! The principle here is a familiar one: don't put all your eggs in one basket. Well, cloud computing has created the largest IT egg basket the world has ever known. The aggregation of thousands and thousands of workloads into a few, very large data centers has made these workloads sitting ducks for attackers. Just like my chatty friends, cloud-hosted workloads are easy to find and much more vulnerable than in the old days when each company kept their workloads in their own private data centers. I'm certainly not proposing that we go back to the old days of IT, but it's important to consider how we can combine the cost and efficiency benefits of cloud without increasing our attack surface and adding new vulnerabilities into our security perimeter.
In this short video Jason and I will explore some of the top considerations related to both planning for, and designing for security when operating in the Cloud.
As a follow-up to the video above, in this short video Jason describes his personal experiencing working with Akamai to overcome the security challenges he has experienced when operating in the Cloud.