Sometimes when you eat, sleep and breathe something, it’s easy to forget the rest of the world doesn’t share your passion. That’s what it’s like to work at Armor; we’re so entrenched in providing secure cloud infrastructure that it can come as a jolt to realize other cloud providers aren’t nearly as obsessive or experienced as we are in protecting businesses and their data.
That happened to me last month watching the San Francisco Amazon Web Service Summit. Much of the content focused on performance, cost, and services. Yet security and risk management weren’t part of the conversation at all. As I listened to the presentation, I couldn’t help thinking that Amazon could have offered even more value by sharing plans for stronger security, especially as they are one of the top malware hosts. Instead they focused on typical features – a trend that’s all too typical in our industry. It was classic technology innovator’s behavior: build something cool but avoid the negative vibe that can sour enthusiasm, such as security threats and prevention.
Maybe you’re familiar with how this dynamic tends to play out with cloud providers. A provider will focus on hosting a great application that gets deployed rapidly and performs well. Building a great data center, well, that’s not such a top priority. Marketers will name-drop security on the company Web site, but they won’t (and can’t, since they’re not experts) provide an in-depth look at their security architecture. Instead they stress features like speed to deployment, performance and scalability.
In short, these providers have an insecurity complex – because they aren’t offering real security and they know it. To compensate, they divert attention away from the real message of security by focusing on cost and performance. This is an irresponsible sleight of hand, given that Gartner and other industry leaders have all identified security as the number one reason for enterprise’s failure to adopt the cloud.
So why don’t these providers evolve? Two primary reasons. Their clouds were constructed with inadequate security before the industry realized the full importance of it, and now they don’t want to accept the responsibility of correcting their inadequacy. Instead they try to distract customers and drive the message in another direction.
Now don’t get me wrong; talking about cost and performance has a place in the cloud marketplace. But security and compliance are just as critical in building a strong infrastructure. This is, after all, a world where 78 percent of organizations have experienced a breach in the last two years. The criminal world is growing more relentless and sophisticated by the day. We need to be just as ruthless and advanced in our security – so let’s talk about how today’s cloud providers need to adapt.
Answer me this: would you bet your own money that the provider of the future will resemble the provider of today? With the security threats and data breaches that occur regularly, how can they? The commodity, performance-driven cloud provider is a relic of the past. Tomorrow’s provider will make security the top priority while delivering performance as well.
This is something Armor is delivering right now. From our orchestration layer that we built from the ground up with security embedded throughout to our higher standard on service-level agreements, we know how to build the safest and highest-performing cloud around. Just ask our customers.
We also understand the fallacy of the “good enough” approach to security. This mindset has taken hold in the industry and it’s fundamentally wrong. There’s no such thing as a cloud being partly secure or 90 percent secure – a cloud is 100 percent secure or it is insecure. Any loopholes or vulnerabilities are the very definition of insecurity. That’s why we go beyond other providers’ definitions of security to ensure all of our customers are completely, 100 percent protected.
In short, we’re continuing our track record as a trailblazer to light the path for other providers. We understand the status quo just isn’t acceptable. It’s not enough in today’s world, and it definitely won’t be sufficient in tomorrow’s.
Call it Next Gen Cloud. Call it evolution. However you see it, it’s a safe bet that the industry calls for a new breed of provider who builds security into the cloud from the ground up. Yes, continuity, speed, mobility, data access and connectivity are staples of the cloud and always will be. But smart businesses who want to stay relevant are moving from a commodity mindset to a risk management-driven one – and, naturally, put security first.