Prioritise Cloud Security from the “B of the Bang”
The British Olympic Gold Medallist sprinter Linford Christie memorably quipped that he started his races not merely at the ‘bang’ of the starting pistol, but at ‘The B of the Bang’. Wise words indeed. Anyone developing software in the cloud should do a Linford and prioritise cloud security from their own “B of the bang” too. You may get into trouble if you do not ship features to the expected dates and/or costs, but you may still be able to go live with some work arounds. However, you will not go live if there are security holes and nor should you. If you leave your cloud doors open, then it can be very bad indeed not only for yourself but for the reputation of your employer too.
In the past week alone, it has been fascinating to see just how important and valuable the cloud security industry has rapidly become. Three announcements caught my attention.
- Firstly, in their recent block-buster earnings report, Satya Nadella casually mentioned that Microsoft’s security business did more than $10 billion in revenue in 2020!. Read this great summary from Cloud Wars Live in analysing the impact behind the headline.
- Secondly, Google announced a major upgrade to Apigee, its API management platform that it bought in 2016. A key highlight was a sophisticated multi-layer approach to security with the newly named Apigee X being integrated with GCP’s Cloud Armor & Cloud Identity.
- Finally, Datadog enhanced its own cloud services by buying Sqreen, a SaaS Security platform, which provides a neat real-time solution that analyses code & config to highlight vulnerabilities. Sqreen has impressive VC backing & it looks a smart move for both firms.
When, we at APS and IOCO our S African engineering partners designed our Digital Data Lab, we did a Linford and made security our #1 priority. One of our highest priority use cases was to mitigate the risk of data loss and data leakage. This is absolutely critical as the value of a Digital Data Lab would be completely undermined if the data sets within a Lab(s) could be hacked into or saved to personal email accounts and/or unapproved cloud storage solutions. The thing is Data Loss & Data Leakage are dry topics, so I wanted to find a way to make this easy for people to both get and to remember. So, I went back to my teenage years and named my Data Loss & Data Leakage use case “Hotel California”.
- Hotel California – You can check the data in any time or any way you like, but it can never leave.
- (well, only save it to approved storage 😊)
I have now learnt that my “Hotel California” concept has proven super easy for others to remember. We are also confident that our cloud native solution is neat in that it mitigates the risks but without constraining the productivity of the Lab users too.
Why a Lab ? Our conviction is that many firms currently lack the cloud native Data Scientists & Data Engineers, who are essential to accelerate and de-risk a firm’s cloud adoption journey. They are currently continuing to use low tech solutions like excel building on an informal economy of shadow IT data feeds with undesirable consequences for quality, risk and productivity We believe that our combination of a working Digital Data Lab, optimised for data experimentation and analysis can help a team/firm get going and grow its own muscle, whilst having the option of tapping into the talents of a high skill, near shore partner.
In my last Blog I suggested that Wealth & Asset Managers will soon be in a “War for Talent” for cloud native Data Scientists and Engineers, driven by the rapidly growing need to progress their Sustainability and ESG ambitions. Whatever solution they follow, then I am cannot recommend strongly enough that they do a Linford and prioritise Security from the “B of the Bang”.