TekBytes #5: The Current State of Cloud Security

Posted on 26th March 2023 by Alex Galbraith | Permalink 0

Discussing the concept of Cloud Security over breakfast with my kids (yup – poor kids I hear you say!), I was thinking about the current state as one of constant (and accelerating) evolution and improvement. As more businesses adopt cloud computing, the need for robust and effective security measures has become increasingly important. While cloud hyperscalers have made significant investments in securing their platforms, the responsibility for implementing and maintaining effective security measures ultimately falls on customers or those they entrust to manage their platforms on their behalf.

Challenges

There are many challenges that businesses face when it comes to cloud security and far too many to go into in a TekBytes thought of the day, but let’s look at a few.

One major challenge is the lack of visibility and control over the infrastructure and data that are hosted in the cloud. This can make it very difficult to identify and address security vulnerabilities and threats. Another challenge is the complexity of cloud security, which can be exacerbated by the use of multiple cloud providers, each with their own security protocols and standards. Finally, we have a huge lack of skills in the market, and those few people with the skills are constantly being tempted by offers of outrageous salaries, so retaining your talented teams is really tough!

Despite these, there have been really significant advancements in cloud security in recent years. The hyperscalers have implemented many new security measures, such as encryption, improved access controls and policies, significantly better monitoring tools, to help protect their platforms and their customers’ data. Post-Covid, with customers moving to the cloud in even larger numbers, it’s also great to see that customers have become more aware of the importance of cloud security and are taking steps to prioritise it.

The threat landscape for cloud security continues to evolve, with new and extremely sophisticated attacks emerging all the time. Businesses need to keep up and be proactive in their approach to cloud security.

Tips

So, a couple of quick tips to think about if you haven’t already started taking your cloud security seriously?

  1. Implement multi-factor authentication (MFA). A bit like when you hear sports commentators or coaches talking about a losing team, the common thread is simply not doing the fundamentals / basics well. One of the most effective ways to improve cloud security is to require MFA for all users accessing cloud resources (not just root). Lack of MFA is like leaving your car door unlocked and crying out to have your vehicle taken for a Ferris Bueller-style joy ride!
  2. Regularly review and update security policies: It’s important for businesses to regularly review and update their security policies to ensure they are aligned with current best practices and standards, and these best practices are constantly evolving. Things like access controls, password policies, data encryption, and incident response plans. By keeping security policies up-to-date and ensuring that all employees are aware of them, businesses can significantly reduce the risk of security breaches.
  3. Investigating the used of third-party security tools and services. Tools (if properly implemented) provide additional layers of protection, such as threat detection and monitoring, vulnerability scanning, data encryption, etc. Engaging security experts one-off or regularly to provide recommendations for improving their security posture, or simply outsourcing management of their cloud estates.

I’m genuinely hopeful that the emerging (and frankly astounding) improvements in artificial intelligence will have a positive and significant impact on businesses who don’t or can’t spend the time and resources to protect themselves and their customers effectively. If they don’t we’re only going to see a proliferation of more high profile and high impact cases in the news!

Cloud , , , , , ,

TekBytes #4: Why I’ve Switched to Simple Markdown in WordPress

Posted on 7th September 2021 by Alex Galbraith | Permalink Comments Off on TekBytes #4: Why I’ve Switched to Simple Markdown in WordPress

I’m always looking for ways to improve my workflow and productivity; most recently I’ve started using Markdown for as many projects as I can, so using Markdown in WordPress is no exception!

If you haven’t seen or used Markdown before; it’s a super-lightweight markup language that allows you to add formatting elements as you go by using special syntax. For example, if you want to make a section of text display in italic, simply put an asterisk at the start of the word or sentence. When the output is then parsed, your *Italics* then becomes Italics).

Why is this useful?
  • Like an XML file, it’s open, super portable and easily readable across many applications, operating systems and web platforms (think Reddit, GitHub, Stack Exchange, Confluence, etc).
  • It saves time when editing simple documents as you don’t have to go back and highlight/modify formatting, just add the syntax as you go, often with the use of one or two characters at the start of a line. Simple examples might be a bulleted list, where you add an asterisk *, or an H1 heading where you add a single hash symbol #.
  • It’s fantastic for writing documentation where you might want to insert a quick code snippet or command just like this!
  • Due to the very simple notation, it’s far quicker than writing HTML and can be substituted for HTML on many publishing platforms.
  • If Git is already part of your workflow, it makes for easy collaboration with others (ideal for Devs!) and you can use GitHub for both version control and easy access from anywhere to your in-progress content.
  • Learning and practising with Markdown opens up future opportunities to move to various publishing platforms such as Jekyll, Hugo, etc. I might even think about giving the site a facelift sometime soon!
  • New skill to master, init?
Markdown Block - Activate Markdown
Using Markdown in WordPress
You’ve sold me! How do I start?

I don’t know why WordPress didn’t enable it in the default code, but it does come as part of Jetpack (which I assume 90% of sensible WordPress Users are using!). If you want to adopt it to your blogging workflow your site too, simply install Jetpack, then enable it under Settings → Writing.

You can find detailed instructions here:
WordPress Support – Enable Markdown in WordPress

Here’s a quick intro to how to use Markdown:
Markdown – Getting Started

After writing a couple of draft posts with it so far, I have to say I’m pretty happy with it. The next step is to find a decent plugin for linking to GitHub, enabling me to write/edit posts in my favourite text editor (VSCode, Sublime Text, Atom depending on my mood), then push them up via Git!

Scripting , , , , , ,

Answer Honestly: Are you Ersatz Cloud Native?

Posted on 13th July 2021 by Alex Galbraith | Permalink Comments Off on Answer Honestly: Are you Ersatz Cloud Native?

As we approach the middle of the year, I’ve been in the full-on strategic planning mode the last couple of weeks and cloud native is a major focus for me! As part of this, I was looking at industry trends and a particular type of organisation caught my eye.

Most organisations often aspire to increase agility, to respond quicker to their customers and market demands, to innovate. However, many organisations have years of technical debt, monolithic application stacks and shrinking IT budgets. IT is still too often seen as a cost centre instead of an opportunity to become a profit centre and agent for growth.

These organisations have one thing in common; they see lifting and shifting to the cloud as the silver bullet.

I thought Cloud was the silver bullet?

Now don’t get me wrong, cloud is AWESOME! It does help to address some of the challenges identified, but anyone who has been working in this space for any length of time will tell you cloud is an enabler, not the solution.

Moving your workloads to cloud is like moving your business from your garage to a shiny new workshop, with an array of amazing tools hanging on the wall just begging to help you with your next project.

You have room to breathe, so your innovation is now limited by your imagination, far more than your square footage! If you come up with an idea that turns out quickly to be garbage, there’s a handy industrial skip out the back, meaning you don’t have to wait 2 weeks until the next grey bin day to get rid of it!

Of course, that doesn’t mean it’s a free-for-all! You still need to understand the tools, how they work to achieve outcomes faster and what problems they solve, lest you accidently lop off a finger!

Sounds great! Am I Cloud Native now then?

Here’s the key – unless we re-evaluate everything we do today and adopt new ways of working, we are simply not going to realise the benefit of working out of our shiny new workshop, with our huge array of tools!

In the real world this means your entire process from whiteboard ideation to deployment, the ongoing lifecycle of applications and everything / everyone / every process that touches them!

To me, cloud native means a set of technologies, the methodologies and processes to manage them and a state of mind which needs to permeate an organisation!

If you’ve simply lifted and shifted your existing estate and dropped it into the cloud, you’re not cloud native, you’re simply running VMs in a different data centre.

Much like the famed elevator from Lemony Snicket, VMs in the cloud are simply playing at being Cloud, or more accurately, Ersatz Cloud Native.

Further Reading:

I wrote another brief post on cloud native considerations a while back:
The Complexity of Public Cloud Architecture

Architecture, Cloud , , , , , ,

TekBytes #3: A Certification Haiku for the vExpert Announcement!

Posted on 10th March 2018 by Alex Galbraith | Permalink Comments Off on TekBytes #3: A Certification Haiku for the vExpert Announcement!

I am very chuffed to have become a VMware vExpert for the 6th time this year! Last year I wrote a post about how awesome the programme is, so I won’t bore you with that this year! If you want to read it, you can find it here:

VMware vExpert 2017 – It’s not just about the schwag!

Instead, I am compelled to write a wee haiku about something which most vExperts hold near and dear to their hearts – IT certification!

I hope you enjoy!

 

Certification;

Rolling in my hamster wheel,

Will it ever end?

 

Anyway enough messing about, better get back to the studying!… GCP next! 🤓

Certification, Life , , , , , , , , ,