“The Cloud” is often offered up as a fantastic cure-all: a way to avoid having to think about infrastructure concerns, and make your IT issues someone else’s problem. In limited instances, it may be as simple as outsourcing email or web hosting; in other cases, it may be the virtualization (and cloud migration) of mission-critical or customer-facing applications. Unfortunately, moving to the cloud doesn’t make your management concerns go away; it just makes them different. There’s a story out now about a company that got caught in a bad situation by trusting too much in their cloud strategy, and not taking enough common-sense steps to protect their (or their customers’) interests. For a good summary of what happened, click here.
So, where does that leave us? What lessons are there to be learned?
The Cloud Isn’t Necessarily a Complete Solution
“The cloud” isn’t a strategy or a solution. It’s part of both of those, but should not be considered a complete replacement for good old-fashioned security and common sense. Although moving to the cloud does provide significant opportunities to improve resiliency against hardware failures, or to deliver a more geographically-distributed infrastructure, it doesn’t protect against everything. As this story shows, it’s still important to plan for “worst case” scenarios.
Identify and Plan for Threats That the Cloud Doesn’t Protect Against
Sometimes, system outages aren’t your biggest problem. The problem here started when someone gained unauthorized access to the system, which in turn gave them the access they needed to start deleting or changing key infrastructure components. In a broader sense, even with a good backup system (which wasn’t the case in this instance), if someone can gain access and corrupt your data, it may be impossible to tell when the “bad” data started to be an issue. If that happens, there’s no telling how far back your problem existed, or if restoring a backup will even help solve the problem. Although most COOP and DR plans focus on catastrophic outages, it’s important to fully evaluate all threats, including intentional attacks by hackers and malware such as viruses and Trojans, and have risk mitigation plans in place.
You Need Multiple Layers of Access Control
You need to have multiple layers of access control to provide real security. If the backups and everything else are accessible from (or collocated with) the production instances, there is a problem. By separating (physically and logically) the production data from the backup, it’s possible to create a multi-pronged security posture that protects against malicious attackers, rather than just against system failure. As in the first point above, offsite backups are a good (and old-school) idea that needs to be properly implemented. Although there’s a certain degree of inconvenience caused by having fully separated environments and tools, the security gained more than offsets the nuisance.
In short, this was a terribly unfortunate event that has had disastrous impacts for both Code Spaces and their customers. Hopefully, as word of this spreads, it will serve as a wake-up call to those businesses who have allowed themselves to be lulled into a false sense of security based on the fact that they are “in the cloud,” or by believing that their basic operational safety is somehow now someone else’s concern. At the end of the day, any IT infrastructure calls for an appropriate blend of savvy management, proper threat evaluation, and development and execution of good risk mitigation strategies, whether the infrastructure is “in the cloud” or right down the hall.