I’ve read a very interesting and different post about security in cloud computing and more precisely IaaS (Infrastructure as a Service).
Tons of articles and surveys about security being the major obstacle to cloud computing and lots of FUD are current, but Andreas M. Antonopoulos dared to offer a new perspective of security as THE differentiator of IaaS offerings. I have especially like the part:
“Security is like a liquor license to a restaurant — an opportunity to up-sell each customer with a high-profit margin product to balance out the dismal or loss-leading margins of the core product. Security is the single most profitable differentiator that a service provider can add to IaaS to have any hope of making money. Security is brand-sensitive, labor-intensive, infinitely customizable and difficult to scale. That makes security the perfect differentiator that can add value to a bland IaaS offering.”
As a security provider for IaaS I’ve to strongly agree with this new perspective and we are currently working with hosting companies and IaaS providers in order to make this perspective come true.
For us, the main challenges ahead:
- Heterogeneity: There are several cloud stacks (AWS, OpenStack, VMWare, Nimbula, Eucalyptus just to name a few), so it is hard to build solutions for all and moreover they offer different functionality
- Focus: Security is a real and hard problem (please check the guidelines of the Cloud Security Alliance if you want to go deeper), but we have to focus on customers needs with an incremental approach and try to build solutions for each need (there is no silver bullet)
What do you think about these challenges?
Thanks Andreas for the refreshing article