Videos, News, Snowflake, Blog

Security: Cloud vs Firewall

Jared Hillam

Jared Hillam

January 31, 2017

Imagine for a moment that you needed to hunt for food. If you’re looking down the scope of your gun and you see a whole bunch of mice scurrying would you consider trying to shoot one? Even if you were successful would it benefit you or be worth your time and effort? Of course not. You’d look for something big that would be worth all of your time and energy.

Now, believe it or not, hackers are a lot like hunters. They’re looking for the big target. They want to spend their time on the largest possible payback. This is where our discussion about cloud security comes into the picture.

Before the advent of cloud computing, all applications and systems were locally managed. Organizations set up firewalls to keep their infrastructures from being hacked. You can almost imagine that each company was like its own kingdom with walls around its inner city. But like any kingdom, they needed the ability to interact with the outside world, so companies would punch a hole in their firewall that would allow them to port data back and forth with partners and vendors. These holes combined with a grand reward for getting input a target on the back of corporate firewalls.

Cloud computing offers a completely different approach. This is because in a serverless cloud computing platform everything that happens is part of an ad hoc service call. For example, if you need to compute some data, a service would conduct that computation, and would only really exist while it is needed, so any service, from data quality to notifications comes alive when they’re needed but disappear when they’re not. This lack of “persistent existence” is the beauty of serverless cloud architecture, and part of the reason that hackers feel like they’re “hunting for mice” when they try to hack a true cloud infrastructure. Not only are the services ad hoc but they’re a moving target. That’s not to say there is no persistent data in the cloud. But even persistent data in the cloud is replicated and highly mobile, so if a hack is detected we can shut that data down and use a replicated copy to support the enterprise with little effort. Additionally, as a practice, we encrypt the data everywhere, including when the data is at rest and when it is in flight. Now, as a side note, don’t confuse service-based cloud computing with just renting a server in the cloud and throwing your on-premise systems on it. That’s no more secure than your existing firewall. AND you’re not saving any money that way. What I’m talking about is true ad hoc serverless cloud computing.

So the question is: Is your organization's data more secure using the Kingdom and Firewall approach? My argument would be that 80% of organizations would be better off having their data in a cloud computing service architecture than behind a corporate firewall. I believe this is purely based on the reality that hackers will gravitate to the path of greatest payoff. If I’m going to exploit or hack a service that will pop in and out of existence, then I’m hunting for mice. Compare that to the whale that is your company or organization, which provides a distinct target, a less sophisticated security structure, a huge payoff, and persistent application systems that stay put.

Because we live under constant risk of being hacked, we need to have strategies that are not just technical, but also have a commonsensical game plan. When dealing with risk, small is beautiful. The bigger your footprint the more attention you will bring. At Intricity we can help you understand better what having a cloud service solution looks like, and how to migrate to it. I recommend you reach out to Intricity and talk with one of our specialists about this topic. You can get started by checking out our cloud solution assessment offering, which I’ve linked to in this video.

Whitepaper: What Makes Data Yours


Related Post

New Video: What are Enterprise Data Apps?

Enterprise data apps simplify IP management & licensing, allowing devs to focus on creating excellent data apps. Will it be game-changing or a side hustle?

Watch Now

Snowflake ProTalk: Mastering Anonymous Procedure Using the New Call with Feature

May 17 | Unleash the power of Snowflake and learn how to create and call anonymous procedures without needing the CREATE PROCEDURE schema privileges.

Register now

ChatGPT & Data Management

Many weeks ago, quite a number of folks asked what was going to happen to Snowflake & Databricks now that ChatGPT is around. Here are our thoughts:

Learn More