There has been quite a bit written about Code Spaces and how unauthorized access to its ITaaS console granted enough permissions to delete everything out of Amazon, including backups. There are lessons here not only for tenants, but also for those vendors who create ITaaS consoles, such as VMware (vCHS, vCD, vCAC, vCenter, Orchestrator, etc.), …
TVP Tag Archives
A Tale of Two Clouds
Recently I have had the pleasure of discussing security with a number of cloud providers. Specifically, we talked about what security they implement and how they inform their tenants of security-related issues. In other words, do they provide transparency? I have come to an early conclusion that there are two types of clouds out there: …
IT as a Service: Not Just for a Cloud
I was going to write about how building a cloud is similar to moving, but the more I think about it, the more I think people are confusing an automated virtual environment with a cloud: IT as a Service is not just about cloud. Having automation does not imply your virtual environment is a cloud or visa versa. Granted, using IT as a Service is important for a cloud if you look at the NIST definition of a cloud, but it is not necessary for a cloud. Perhaps IT as a Service is just a stepping stone towards a cloud, perhaps it should start as a data center play?