Cloud-Native Collision: Security and Cloud Center of Excellence
The migration of enterprise applications and infrastructure to cloud-native architectures is a hot topic—and a very complex one. While we may want to believe digital transformation efforts and cloud migration projects have already pushed large numbers of teams to build new apps and rearchitect existing apps as cloud-native, built using microservices and running on platforms like Kubernetes, the reality is that most organizations are still in the early stages of becoming cloud- and cloud-native-proficient.
For CloudNativeDay 2022, I lead a small, very focused panel of experts: one a highly competent cloud cybersecurity expert, the other an expert with deep, deep experience in software architecture and enterprise cloud migration. Both experts are well versed in their respective disciplines and have 20 to 30 years of industry experience. I anticipate a high-energy, back-and-forth, point-counterpoint style debate that comes from the intersection of two areas of expertise we often stereotype as being at loggerheads.
While it is nearly impossible to adequately articulate the impact and value of the conversation, it is clear that adopting new technologies merely scratches the surface of the cloud migration challenge. While it is about containers, microservices, Kubernetes, serverless, zero-trust and APTs to some extent, it’s ultimately not about those topics at all. That said, two themes became abundantly clear.
First, establishing what the cloud service providers refer to as ‘landing zones’ or ‘cloud formations’ is as important as the applications we bring to or build in the cloud. Individual or greenfield apps may be able to operate on a silo of infrastructure, security and software stacks; enterprises will fail under the weight, cost and chaos of every application for itself.
Landing zones establish a common set or platform of services that are needed not only by individual applications but also by portfolios of applications; all can benefit from a common solution platform. Nearly all applications—and much of the compute, data and storage, too—benefit from the speed and scalability that come from having a shared landing zone for security, management, observability and monitoring, identity, networking and governance. Landing zones serve as onramps for existing and new applications, both cloud-native apps and those built using traditional architecture.
The second theme of this software architecture and security convergence is establishing a cloud center of excellence. Not to dictate or enforce standards or an approved set of products, but to establish a Switzerland-like neutral set of competencies, design patterns, landing zones and architectures. These competencies can be applied to workloads and applications shared across development, whether that is happening in IT, in the individual business units or with outside partners or suppliers.
Looking forward, I hope this is just the beginning of what the convergence of security and architecture disciplines can bring to the table. Maybe this is what shift left and DevSecOps look like at scale, as part of a serious and concerted effort to establish a cloud-equipped enterprise rather than an organization equipped with the cloud.
Want to learn more and hear the full conversation? Register here for CloudNativeDay 2022 and tune in Wednesday, August 10, 2022. It’s going to be an awesome day.