The Cloud vs. Business Security. What conclusions can be drawn after AWS disconnected Parler?
Amazon Web Services (AWS) suspended its service delivery to Parler, the portal which was used by some of the people involved in the recent Capitol assault. The decision froze the entire service operation and put its further functioning in jeopardy.
Irrespective of Amazon's decision, the situation Parler has found itself in sends a clear message to anyone intending to migrate their resources to the cloud: Do you have a good contingency plan in place if the service provider suddenly ceases to provide service? Traditionally, concerns about ensuring smooth running ran in the opposite direction – the public cloud used to be considered a safe haven for our resources.
In this case, though, the location of resources must be viewed from a different angle. Migrating IT resources to the public cloud is a tempting option for optimizing costs and managing resources. (It should be borne in mind, however, that optimization does not always mean slashing costs!) Taking into account the business continuity perspective, things get a little more complicated.
Placing resources in a consolidated solution like the public cloud takes future points of failure (e.g. application SPOFs) to a higher level – the cloud provider itself becomes a single point of failure. Also, in terms of national economic security, cloud giants’ expanding operations aggravate the situation.
We should consider using independent infrastructure suppliers as well as so-called domestic clouds. Small businesses frequently are unable to comply with the security requirements of today's Internet environment. Ensuring proper protection against volumetric DDoS attacks seems a challenge – not to mention any protection in layers, starting from application firewalls and going all the way down to anti-fraud systems.
Here is where the bigger players may come in handy. I mean those who have developed security units with their own resources, frequently supported by solutions that smaller companies cannot afford. Additionally, we should see the risk of capital consolidation among the largest providers, for whom smaller competitors are no match. As a result, the decisions of these giants may affect the entire domestic economy, not to mention the operations of individual companies. In this context, true economic security should come from economic dispersion. Note that we mean dispersion, not fragmentation.
If you’re planning on using the cloud in your business, don’t solely depend on the offering/infrastructure of one supplier. It is advisable to diversify risk by using the services of a few companies – or at least to have a contingency plan of how to efficiently start a business relationship with another provider.