Posted on

AWS Banning Rekindles Debate on the Public Cloud

AdobeStock 90603827 scaled 1

the staff of the Ridgewood blog

Ridgewood NJ, The Parler app is non-functional, and parler.com has gone offline, as Amazon Web Services discontinued service to the company. Both the website and the app relied on AWS for content distribution.

AWS banning rekindles debate on the public cloud. When asked ,where is the “cloud”, its best to assume North Korea .

The public cloud offers users limited control. The environment is a multi-tenant environment meaning that a single environment serves many customers or tenants. Due to this shared environment, public cloud customers are not given access to the hypervisor. This lack of access prohibits customers from customizing their environment, and gives them less control.

Public cloud companies like Amazon (AWS)  own the hardware and software, enabling them to make changes (low-level changes or big changes) at their choosing, without consulting their customers beforehand. Public cloud providers also choose the authentication, authorization and access control processes and software of their choosing. As a customer, your organisation has no control over which methods they use or the procedures governing these methods. If your organisation has strict security policies in place, it may be hard to ensure these policies are followed when using a public cloud environment. You gave the keys to the safe to someone else and they can just change the lock anytime .

Some organizations or users think they’re protected because they’re using the public cloud to store their files, disregarding other backup methods or disaster recovery plans. Simply using public cloud storage isn’t disaster recovery, nor is it a sufficient backup method. Major providers claim to have redundancy built into their infrastructure. All too often we’ve however seen how this redundancy fails and systems have gone down for hours. Having a backup or disaster recovery plan in place is critical to ensure you still have access to your data when your public cloud provider is inaccessible, or a mistake is made and files are lost. In 2011, Amazon lost some of their client’s data and in 2015 Google also lost some of its client data. These incidents sadly happen, and relying on your public cloud storage for your only source of data is dangerous. Ensure your organisation has another backup and also utilizes disaster recovery to minimize the impacts.

As previously mentioned, the public cloud is a multi-tenant environment.  This inherently poses its own security threats as one flaw in the infrastructure could make the entire environment vulnerable. Multitenancy exploits may allow one tenant or hacker to view all the data or assume the identity of another client. Due to public cloud’s security vulnerabilities, your organisation should consider what compliance regulations you are held to as many have strict guidelines that will affect how you use the cloud.

The public cloud also limits your control. This makes it hard to enforce your security policies once they’re in a public cloud environment, and limits your control over authorization, authentication and access control. This creates an additional security risk.

And worse yet ,users are often unaware that their public cloud provider actually owns their data. It is best to read your service-level agreement (SLA) and ensure your organisation holds the rights to your own data. Many of the biggest providers have clauses in their contracts stating that the customer’s data is their own. This protects them legally and also allows them to create another revenue stream by selling the data.

4 thoughts on “AWS Banning Rekindles Debate on the Public Cloud

  1. Do you get inundated with spam?
    Expand the headers.
    Go to arin whois
    See that a HUGE amount comes from AWS hosted sites.
    Most of the spam is scams and i’d GUESS a virus if you click on the link.
    Thats ok.,, but parler isnt?
    Fucking scumbags.

    9
    1
  2. a lot of companies must be reevaluating cloud computing if not shareholders will

    7
    1
  3. I feel so much better knowing that the Pentagon moved (and is continuing to move) massive amounts of their data onto Amazon’s cloud.

    This can never go wrong….

    5
    1
  4. It’s 1 more risk to add to your business contingency planning.

Leave a Reply

Your email address will not be published. Required fields are marked *