Blue skies ahead for companies that put cloud first
Every technology business will need to embrace the cloud if they want to thrive in the fast-changing environment of multiple new normals, but they must also keep a keen eye on the consequences.
The continued rise of the cloud is not in doubt and the current COVID-19 crisis will even accelerate the rate of adoption. But it is also true that enterprises will need to review their strategies in response to two key factors: first, the ongoing cloud-technology evolution; and second, the cybersecurity consequences.
A breath of fresh air
There has always been a shared responsibility model in cloud with two roles: provider and consumer. Cloud providers have been gradually abstracting their services, which shifts the responsibility of the consumer from technology infrastructure to business services. This shift is ushering in a world of serverless computing; here, the consumer does not deal with the infrastructure (the servers are ‘invisible’) – the cloud provider decides what is needed and where to run the business services.
Providers are adding a portfolio of advanced features to this abstraction, such as artificial intelligence (AI), the Internet of Things (IoT) and edge computing. This is key for enterprises, as it would not be feasible to deploy many of these services outside the cloud. Think of the huge computing and storage requirements for advanced analytics and AI-model training.
The result of these trends for enterprises is higher development velocity; businesses can move from idea to implementation faster. Coupled with low-code and no-code platforms that democratize application development, we come to a point where applications will change as rapidly as the enterprise needs.
Get ready for a change in climate
Rather than relying on a single vendor, enterprises should ensure their cloud strategies leverage features and economics of different providers. This trend explains the increasing adoption of a hybrid multi-cloud approach, where workloads can be moved between clouds and on-premise facilities flexibly.
This flexibility is enabled by containers, a technology that packages an application and its dependencies in a standardized way so it can be deployed and operated across different environments. We now see massive adoption of this technology, similar to that of ocean shipping containers in the 1950s.
However, containers are not a silver bullet. Many workloads cannot be containerized and using cloud-specific services, such as AI, will create dependencies that cannot be easily avoided. The right strategy involves a trade-off between cost, performance and dependency.
Dark clouds with silver linings
While the cloud holds enormous promise, we must consider the consequences of its adoption – particularly around cybersecurity. Placing sensitive data and applications on a third-party cloud platform means the service provider must be trusted to protect data from external threats.
Enterprises must also comply with regulatory requirements, such as the EU’s General Data Protection Regulation and the US CLOUD Act. These obligations highlight the complication of holding private data in the jurisdiction of one entity but stored in a cloud under the jurisdiction of another.
Containers add another security complication, as they are still relatively new and will require the deployment of new ways of working, such as DevSecOps teams, to operate securely and seamlessly across the entire lifecycle.
Cloud providers are beginning to offer their own multicloud, container-management services. This approach enables deployment to serverless environments but, as the provider decides on the infrastructure to provision the containers, it creates a fresh cybersecurity concern – where is the application executed and where is the data held?
There are several solutions that exist to address the threats to cloud consumers, but these are mainly focused on data at rest (e.g. stored in a database) and data in motion (e.g. transmitted over a network). The security of data in use (e.g. during execution of an application) is trickier to address, but it is needed in a serverless world where your application and data could be running anywhere.
An answer lies in the form of confidential computing, which enables organizations to secure their sensitive data with greater control. It allows businesses to process their data and applications in an isolated and trusted execution environment, without exposing them to the external environment and even the cloud provider. This concept has taken hold; major cloud and technology companies have signed up to the Confidential Computing Consortium to establish open standards in this area.
A promising alternative is emerging in the form of secure platforms that are not linked to any single vendor or geography – a decentralized cloud that utilizes the integrity, security and resilience of blockchain technology. Companies are right now developing new protocols on top of the World Wide Web, with the aim of creating a world computer that, when it is available at scale, will be innately unhackable and unstoppable.
Create a platform to let your organization shine
For business leaders, the traditional parameters of cost and performance in the technology equation must now include security as an equal factor.
The multiple new normals that characterize our future world are not easy to predict. The serverless abstractions introduced by cloud providers promise rapid development and deployment cycles. But the consequence is loss of control and a lack of visibility of where data is processed. This is a critical cybersecurity issue.
Confidential computing provides an answer and will complement the serverless cloud, enabling enterprises to realize the benefits while maintaining trust in the privacy of their critical data and applications.