The Achilles’ heel of public cloud
What is the Public Cloud?
The public cloud is defined by Microsoft as:
“A computing services offered by third-party providers over the public Internet, making them available to anyone who wants to use or purchase them. They may be free or sold on-demand, allowing customers to pay only per usage for the CPU cycles, storage, or bandwidth they consume.”
How do you make and maintain a massive public cloud?
You use common parts and you use them everywhere. You try to keep the whole cloud as similar as possible. You do this at every layer of the stack from the hardware to the application api’s. That means the major cloud back ends are homogenised. Key to keeping in control of a massive cloud is to reduce the number of variables – reduce components, reduce complexity and look for as many ‘one size fits all’ solutions as possible.
The cloud industry is not the first to realise this, it’s been around in the car industry for years. That’s how the big get big.
This is great news for us, the consumer as it ultimately keeps cloud costs down.
So what’s the catch?
There is one big problem with homogenisation: a failure in a one of these homogenised components could lead to a big problem. Think back to the car industry.
Recalls are not uncommon in the car industry, but car experts think they are getting bigger as car manufacturers use the same parts in many different models.
What if one of these homogenised cloud components has a major security flaw?
The cloud can’t recall components following a breach; once data is lost it is gone forever. What would happen if there was a flaw in the shared hypervisor architecture of one of these huge public clouds?
What could happen? Massive cloud fail, Massive Cloud blackmail or some other Massive cloud mess! I was listening to a counter argument the other day, and that’s what prompted this little blog.
The words that struck me where something like ‘it’s ok because we fixed the problem before it got out in the wild… And of course we thoroughly test everything for flaws”
Oh dear, that’s not the answer to this problem – you can’t stop people finding flaws in hypervisors because everyone can download, install, rent, and purchase their own to play with. Next time it may be the cloud provider who is the last to hear. You can’t rely on good will and expect people to do the right thing and report the problem like you did in the 90’s. You can’t expect your team of good guys to find the problems before the bad guys do. The game’s changed and now a flaw that impacts your homogenisation has got to be the ultimate jackpot.
The hypervisor is the hot topic at the moment. Cloud models that allow consumers access to homogenised hypervisors have a big problem to consider but it extends far deeper into the cloud model than the hypervisor – it’s the homogenisation at the heart of the big public clouds that will present the opportunities over and over again.