For all but the most curmudgeonly luddites among us, it’s become totally clear: “The cloud” is here to stay. The power and ubiquity of distributed compute and storage is all around us — at home, at work, and in our social lives.
Recent advances in virtualization have brought us compute efficiency, storage consolidation, and system redundancy that were nearly unimaginable just 10 years ago. To me, as a former IT guy, those benefits were always the promise of virtualization, but they seemed like a futuristic fantasy.
A decade ago, my corporate file store consisted of primary storage with three disk shelves of expensive, fast spinning disks to store backed-up data for 30 days. Then I had a filer to track what data was “fresh” and what was “stale.” Stale data was moved to secondary storage, which consisted of many more shelves of much slower disks. Then, after 90 days, all data was copied via a (totally awesome and very expensive) tape robot that whipped and whizzed tapes around inside a big ol’ refrigerator-sized enclosure in my datacenter.
Today, that’s all crazy talk! Files? Save ’em to Box. Mail? Use Office 365 or Google. Never think of it again. Infinite storage, as far as I am concerned, with an infinite lifetime, and 100% availability. The only limit is my Internet speed, and my budget.
The cloud has matured. We have totally distributed, highly reliable databases of information. Email. Contracts. Real-time car racing games. Home security. Photos and image processing. Everything we used to do locally on our machines, or over a local area network (yeah, I’m old enough to say LAN), is now available globally, across servers, networks, OSes, and devices.
Virtualization — and the move to the cloud — freed me, as an IT guy, from the tethers of my hardware, power, and air conditioning costs. But what I didn’t expect was that those drivers, which were critical and exciting to IT, were even more beneficial to the average consumer.
I never imagined that regular people — people who’ve never been woken from a dead sleep by the bleeping tones of the on-call pager; people who never had to schedule a diesel fuel tanker truck to come re-fill the onsite power generator; people who haven’t seen a single episode of the reboot of Battlestar Galactica — would get even more benefit from the cloud than I would!
I had been interested in only the technology and cost benefits of the cloud. And I was sold. But with mobile devices making the transition from simply phones to de facto personal computers, the push to the cloud is no longer driven by IT and technology. Instead, it’s IT and technology that are being forced into the cloud by consumers and employees.
Enter the app. Each cloud company can write a native, fully featured, built-for-fat-fingers app that you can download from the app store and that runs as users expect. If it’s Android, it works like Android. If it’s iOS, it works like iOS. (If it’s Windows… well, those 19 people are out of luck.) There are millions of ’em, and users love them.
So, problem solved, right? IT is happy. Users are happy. Great! The cloud is a panacea!
But what about security?
When I traded in my onsite datacenter for a cloud subscription, I made my firewall obsolete. Luckily, many of today’s enterprise cloud vendors do a better job of protection than my old budget would have allowed. Unauthorized access is still blocked, and blocked well. That’s good news.
But what about authorized access? Employees can get their data from any device — anywhere — as long as they have a username and password. (Which, let’s face it, is probably the same password they use for 20 other cloud apps, and is written on a sticky note in their top drawer.)
Cloud and mobile are here to stay, and that means we have to leverage a security choke point that isn’t a gateway, or a proxy, or a firewall. It has to be everywhere in the network, across the Internet. It has to be user identity.
User identity is the way IT can control who has access to what data, within each app. IT can enable or disable people within apps, set up new accounts without having multiple passwords, and track who’s doing what, from where, and on what device. But IT can do this only with the right solution that manages and provisions cloud accounts without a million user passwords.
The solution is Identity and Access Management as a Service — and it’s the difference between “the cloud” and “the new, cloud-based enterprise.” It’s the way to secure access when the firewall is irrelevant, and to enable single sign-on so users can forget about those sticky notes.
The cloud is indeed the future, and consumer mobile technology is leading us in an exciting new direction. However, IT can reclaim the driver’s seat, as long as we base our new policy on identity.