Search
Follow me:
Listen on:

Day Two Cloud 124: New Cloud Security Thinking

Today on Day Two Cloud, we talk about new ways of thinking about security for cloud. As organizations adopt  cloud services, they’re applying on-prem security designs to cloud. Our guest is here to argue that this doesn’t work, and that you need a different approach.

Our guest is Adeel Ahmad, Implementation Services Lead at Hashicorp. This is not sponsored show, and Adeel is speaking for himself.

We discuss:

  • The mistaken assumption that cloud security operates the same as on-prem
  • Why identity controls are essential to get right
  • Focusing on risk
  • Compliance complications
  • Hybrid and multi-cloud security challenges
  • More

Takeaways:

  1. Aim for architectural simplicity of the platform (allows for scale).
  2. Aim to reduce operational complexity (or avoid operational hazards) – (allows for distributed self-service cloud provisioning).
  3. Understand the principle (business or compliance) risk and question whether stipulated controls add any value.

Sponsor: Aviatrix

Check out Aviatrix’s Flight Training to learn about multi-cloud networking and security. It’s worth your time if you’re defining your company’s multi-cloud strategy or want to nail down your Aviatrix Certified Engineer certification. Get details and register at aviatrix.com/flight-training.

Show Links:

@devops_adeel – Adeel Ahmad on Twitter

Adeel Ahmad on LinkedIn

Episode 124