Cloud service unaffected by human failure

2016-01-08, 15:50 Posted by: Tony Hendrell, Head of Managed Cloud Services

Only few companies have the money to a similar data security investment as the data security division responsible for Amazon's cloud services. Luckily for others, help and assistance are available.

Public cloud service providers know how to make their data centers very secure and reliable. The companies using them can more extensively shift their data security investment focus from physical security to the data security of applications and services.

Many companies have already found that the cloud service management automation makes development more effective and improves service quality. Digital services must be designed for failure and surprising errors caused by technology or more usually people. Cloud services also help in this regard.

When you know how to design the architecture of a cloud service to tolerate different kinds of errors, an error made by an individual administrator or operator, for example, will not jeopardize the availability of a critical production service.

Critical production environments require continuous maintenance, i.e. work. The data security and vulnerabilities of popular CMS systems, such as WordPress and Drupal, have been discussed continually. Should their updating be automated and should administrators be allowed to focus on preventive data security improvement and development projects?

The goal of the service development and maintenance team should be that the software developer or operator does not need to log in to any production server. All changes are made in configuration files that are in the software code and in version management. From there, they are published as tested to the production environment by utilizing automation and the cloud platform's API interfaces.

Shortcuts have been taken somewhere along the process if someone needs to log in to the server in the case of changes, and changes have to be made directly in production. This causes a production interruption risk. In an administrator's dream world, there is no longer a need for maintenance breaks, and you need not directly make any data security updates on production servers.

The system administrator's dream is that software publishing and maintenance routines are built by utilizing automatic services. In addition, the software architecture is designed so that none of the critical functions are only on one server. That eliminates the need for agreeing maintenance breaks, and data security updates need not be done on the production server in operation.

The administrator only needs to keep the root server up to date. When there is a need to update the production environment, the required number of new production servers will be automatically initialized from the updated root server.

There are no free lunches: building automatic services and designing the publishing process require extensive expertise. However, all this is possible when you use cloud service API interfaces and modern automation tools.

Those responsible for the business and maintenance will sleep tight when they know the detailed state of their services and can prepare for changes in an agile, quick way. They will also have more time for business development projects as the maintenance of existing environments is automated as extensively as possible, with no compromise on data security – and no manual work.

People make mistakes. Why do so few companies still fail to see this as a sufficiently heavy reason to go for cloud services?


comments powered by Disqus

Tony Hendrell

Head of Cybercom AWS Business Group

Call contact
Email contact