For the longest time, some of the biggest hesitations have been founded in security in the cloud. But things are changing – the problems are starting to get resolved. As different things come online, from always encrypted SQL Server features to dealing with certificates and keys and the like, it seems to be time to reconsider and reevaluate.
I caught this post by Mark Russinovich (CTO, Microsoft Azure) talking about what they see for cloud innovations for 2016.
He’s talking about some items that you’d expect – advances and acceptance of bigger, badder services and Xaas – platforms, infrastructure and software.
But the thing that caught my eye was the talk about security.
“…with more customers recognizing that the cloud is secure and even acknowledging they believe the cloud is more secure than their own datacenters.“
This is a huge mindset swing in how people are considering the cloud. Now, sure. He’s not saying that everyone, everywhere is moving this direction all at once. It’s more that as projects and objectives come online, the security aspect is clearly in a much better place and less of a hinderance.
I can see this too in the work we do and in the work with clients. It’s interesting that talk is less about “I can’t move anything sensitive…” and more about “make sure we are using those elements that protect our information.” Those are entirely different statements and requirements.
Needless to say I have to agree with the sentiments in the post. Where before we had to worry more about protecting information, figuring out the pieces to get there, figuring out what was missing or unsupported, etc, today it’s more about selecting the pieces and approaches needed and knowing that they’re covering the requirements well.
What do you see as you consider security implications of moving to the cloud today, vs. “yesterday?” Of particular interest personally are the international requirements for data protection, privacy and access controls. What do you see for your own systems?