The Sky is Falling! Your Systems are Unsafe!
I’ve seen far too many articles lately on, essentially, how screwed up your systems are, or how unsafe they are, or how the HeartBleed issue is going to make all of your information for all of history and the future vulnerable.
Yikes!
Take a breath and read these though. Really consider what they’re saying and figure out what needs to be done. What CAN be done. Sometimes it’s a very simple cure, sometimes it’s not a problem at all and sometimes it takes additional work and investigation to determine YOUR fix for whatever the exciting issue is that’s being pointed out.
Now, before I get completely called on the carpet about minimizing issues, there are true issues out there, things that you need to deal with (including HeartBleed, if it impacted you and your systems). I get it. But I see far too many articles about (paraphrasing) "Your systems are unsafe and you’re losing data!" Essentially, the sky is falling.
I’m not here to call out any particular publications or sites. I am here to ask you to both read through and consider what’s being called out as the issue. For example, one such "sky is falling" item talked about the fact that systems in the cloud were vulnerable… because the cloud provider wasn’t automatically updating the VMs and systems you may be hosting there. The suggestion was that because you’re in the cloud, it’s not safe.
Wait a ‘sec. I don’t WANT my cloud provider to update my VMs. That’s my job. It’s the point of VMs – "hands-off!" If I want constantly updated and managed solutions, there are solutions for that in the cloud by most or all of the cloud providers. Use that. But if you’re using systems that you’re responsible for, OF COURSE the cloud provider isn’t going to be messing with your stuff. They better NOT be… Does that mean the cloud is inherently a black hole of death and destruction and that the data mites are going to come and eat your databases just after publishing all possible confidential information to the web? Maybe not.
You need to know that you’re responsible. That is, indeed, important. You’re responsible for your updates in some of the cloud options you can select. This is identical to on-premise – you’re responsible. You need to manage your update cycles, you need to manage your application of patches, fixes and address issues that come up. That’s just normal admin responsibilities. Let’s treat it like that and stop yelling at the top of our voices that the sky is falling. Let’s focus more on making sure everyone knows and understands where the lines are, who has the ball and what they should be doing with it, rather than just putting out links to attract traffic or hysteria.
Jumping down off my soapbox now.