With the rise of international threats, enterprises and governments are finally understanding that the most effective information security is in the public cloud. Credit: Thinkstock I may be overstating a bit, but it seems like we can’t go a week without some breach or ransom attack hitting the news cycles. It’s even more frustrating when these incidents affect the lives of the rank and file, such as long gas lines—or no gas. Although it’s easy to play Monday-morning quarterback, the common pattern is that companies are using security technology that’s less than effective, and perhaps the security talent on the ground is the same. Just saying. The uptick in attacks is changing some hearts and minds. Some of France’s most sensitive state and corporate data can now be stored in public clouds, specifically Google and Microsoft, if licensed to French companies, the government said recently. This is an about-face from the French government’s previous trust in only local systems. French Finance Minister Bruno Le Maire and two other ministers laid out part of a strategic plan. They referred to “U.S. technological superiority” in the field in contrast to previous calls from European politicians for fully homegrown alternatives. Public cloud security is typically the best path because that is where the R&D dollars are being spent, both by the hyperscalers themselves, as well as a huge number of third-party providers that have been banking on the rise of public cloud computing. These third-party security providers are becoming more important as multicloud and cross-cloud security become more popular. Another factor is that data in the cloud is fully managed and monitored. Hackers must work through many layers to finally get at the data, and their actions are likely to trip a warning if CPU and I/O consumption is out of whack, for example. Also, connecting IPs from areas that are known for these types of attacks is monitored. You’ll have to get through the cloud itself, then work on penetrating other layers as well. Therefore, hackers seek easier prey, such as older on-premises systems that are likely to be neglected. Moreover, those who use public clouds are uber-paranoid and encrypt everything in flight and at rest. This typically comes without a substantial hit in performance and cost. Most of those moving to public clouds also adopt identity management. This provides intracloud and cross-cloud security that can also include traditional on-premises systems in the mix. Of course, security depends on the talent of those who set it up. Public cloud providers often point to the notion of “shared responsibility.” The short version is that the cloud providers provide the tools, but protecting your data is your responsibility. I’ve been beating this dead horse for years. The public cloud crossed the best-security chasm years ago, but it’s taken until now for larger companies and governments to get on board. I guess a little fear is a good motivator. Related content analysis Azure AI Foundry tools for changes in AI applications Microsoft’s launch of Azure AI Foundry at Ignite 2024 signals a welcome shift from chatbots to agents and to using AI for business process automation. By Simon Bisson Nov 20, 2024 7 mins Microsoft Azure Generative AI Development Tools analysis Succeeding with observability in the cloud Cloud observability practices are complex—just like the cloud deployments they seek to understand. The insights observability offers make it a challenge worth tackling. By David Linthicum Nov 19, 2024 5 mins Cloud Management Cloud Computing news Akka distributed computing platform adds Java SDK Akka enables development of applications that are primarily event-driven, deployable on Akka’s serverless platform or on AWS, Azure, or GCP cloud instances. By Paul Krill Nov 18, 2024 2 mins Java Scala Serverless Computing analysis Strategies to navigate the pitfalls of cloud costs Cloud providers waste a lot of their customers’ cloud dollars, but enterprises can take action. By David Linthicum Nov 15, 2024 6 mins Cloud Architecture Cloud Management Cloud Computing Resources Videos