SecuropeanCloud providers need to do more to protect their customers from making security mistakes. I'm very concerned about how easy it is to accidentally misconfigure services, the skills gap that exists between the small pool of cloud security (configuration) experts and everyone else, and the constant churn of new cloud features and functionality which is adding to overall system complexity.
lds@securopean 100% agree with this. I spend most of my time fighting bad default values, short sighted or rushed implementations, mismatch between "recommended best-practices" and product reality.
One of the biggest drawbacks of Cloud is pushing huge responsibility on already over loaded teams. Not everyone should be a network expert, security expert and SRE in addition to their existing expertise in order to run infrastructure securely on the cloud.
Too big to care?
#cloudsecurity
@lds Agreed. And I notice the answer for many cloud services seems to be to launch a new security service on top (adding to the complexity and knowledge gaps), and not to fix the problem in the original service - I'm assuming because employee rewards are skewed towards new services, or it's just easier to launch new products than it is to change existing ones.
@securopean And you can't bill the fact that you've fixed the glitch. You can bill a new security console big $$$.
Ellopunk@lds @securopean I just came here to say amen... And we wonder why everyone is burned out