Chapter 5. Security
If the cloud forces you to completely reexamine your thinking about any particular part of your infrastructure, it’s most likely to be security. The first question I hear from most executives is, “Should I be concerned about losing control over where my data is stored?” Although outsiders are particularly focused on this question, the following security implications of the cloud are much more profound:
Lawsuits that do not involve you become a security concern.
Many of the laws and standards that govern your IT infrastructure were created without virtualization in mind.
The idea of perimeter security is largely nonsensical in the cloud.
How you manage user credentials goes beyond standard identity management.
As with many other aspects of the cloud, security here can actually be better than in an internal data center. The ephemeral nature of virtual instances forces you to adopt robust security processes that many traditional hosting environments get away without using, so the move can result in a high-security computing infrastructure.
Get Cloud Application Architectures now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
