Just as in real life, many of the problems clouds cause are due to the limited visibility clouds create.
Clouds Block Your View of the Network
The cloud hinders your view of the network in two ways.
First, clouds make it harder to define the network perimeter boundary. This means it’s more difficult to take steps to protect your system from attacks on your network (see more about cloud’s impact on security below).
Second, using cloud makes it more difficult to collect network statistics relevant to your application performance and ensure you have good reliability and performance (see more about cloud’s impact on performance below). You can’t attach monitoring to every hop on the public internet or within the cloud provider’s private network.
Clouds Block Your View of Security
The cloud limits your responsibility for security, because the cloud provider handles some aspects. At the same time, your responsibility for security is extended from your own data center to the cloud provider’s data center. Yet your visibility remains limited to resources that are defined as your own; you have no way to know who accesses the physical server your virtual machine resides on. And while it’s said cloud providers are better at implementing patches than other businesses, you have limited oversight into how protected your VMs and other resources are. In addition, you have limited ability to protect the network connecting your VMs to resources within the cloud’s data center.
Clouds Block Your View of Performance
With Software as a Service and serverless computing, you don’t own and can’t inspect the performance of the underlying technology. When you use Infrastructure as a Service, you can inspect your own virtual machine, but not the underlying physical devices.
Clouds Block Your View of Data
Cloud makes it easy to share and use data, but it also makes it difficult to track data. Because instances and services can be brought up on demand via self-service, you lose some control over how, when, and where data is used. Cloud also means you may not know how long the cloud provider retains backups. Using a cloud access security broker (CASB) can help overcome these limitations.
VAST’s expertise with Amazon Web Services, Google Cloud Platform, and Microsoft Azure allow us to implement cloud monitoring strategies that overcome the visibility limitations of cloud. Contact us to learn what you can do to make sure you don’t lose sight of your applications and data when you deploy in the cloud.