Tag Archives: Cloud

Cloud

Top 7 Cloud Myths

Cloud computing, naturally, due to its popularity, is something that is plagued with tons of myths. Naturally, these myths or misconceptions do have consequences, as they can delay innovations, slow the progress of an enterprise, and create fear where it’s not warranted. While cloud computing is virtually mainstream now, the vast majority of that growth occurring in the past five years, there are still many myths surrounding it. Cloud computing is essentially capabilities that are delivered as a service, with a boundary created between the consumer and the cloud service provider. For a lot of people, this becomes the source of all the misconceptions, as cloud computing becomes something more abstract. So it’s understandable that with all its success it has engendered a lot of misunderstandings and myths.

Amongst all the hype and confusion that continues to surround cloud computing, it’s in the best interest for CIOs to separate both fiction from fact, this can be done by learning about the various myths that surround the cloud, as of today.

1. Cloud Computing is Solely about Money

One myth, and probably the biggest one surrounding cloud computing is that migration to this service guarantees financial savings. While, in many situations, this is actually true, there are many different reasons why you may want to move to the cloud, with the most common reason being agility.

When it comes to business, any and all decisions, whether it’s the cloud or anything else, must be made, after considering the numbers. Even if agility is the primary reason, one must also consider the costs. CIOs shouldn’t assume anything, meaning, they shouldn’t assume that moving to the cloud will cut their costs, not without doing their own analysis study, first.

Experts have advised that specific models, including total cost of ownership, be used, on a case by case basis. So you’ll want to split the cloud into its use case, while looking beyond simple cost concerns. It’s very important that the projected cost savings are realistic, that the company doesn’t assume they’ll make significant savings simply because they’re on the cloud.

2. Just One Cloud Strategy Is Required

Multi-cloud is becoming increasingly more popular, as the days pass by, but despite that, you find that most businesses are still drawn towards simplicity. However, cloud computing is very broad, encompassing, many different services and infrastructure, which is why any devised cloud strategy must reflect this. Cloud services typically include many different models, levels, applications and scope.

For this reason, any cloud strategy must be able to accommodate, the various functions and uses of a cloud service. Any organisation must also realise that they won’t be able to get everything they require or desire from the one vendor. A cloud strategy that is based around one service, only works, if expectations are within its framework.

3. Use Cloud for Everything

Unless there is money to be saved, moving your old legacy application over to the cloud, may not necessarily be the best decision. The cloud tends to come into its own, when value is based on flexibility, when the company is structured around consuming and paying for solely what it needs, when it needs it.

For this reason one shouldn’t be afraid to accept the truth. That the cloud may not be beneficial for all workloads. As a result, non-cloud solutions should be considered as more preferable.

4. Cloud Is Not As Secure As On-Premises

Many people perceive cloud computing as not as secure. However, when we look at the number of security breaches suffered in the public cloud, we find that there have been very few. The vast majority of breaches are still experienced by on premise data centres.

This is why you shouldn’t assume that cloud service providers are unable to provide you with the level of security that you require. Of course, you should expect the cloud provider to be able to demonstrate its capabilities, but once they are able to do that, there is no reason for you to sway from what you know.

5: Enterprises Are Leaving the Public Cloud

The thought that workloads are now being shifted away from the cloud, is wishful thinking at best. When we look at legacy vendors, we must ask, who would stand to benefit from such a myth. The truth is, most enterprises that have moved to the cloud, are still with the cloud. That said, for those that have decided to move back, the vast majority of them have moved from cloud infrastructure as a service (IaaS), rather than SaaS.

One thing to bear in mind, is that some cloud migrations are unsuccessful. However, most organisations when face with cloud problems, are more likely to address them, wherever they arise, rather than take the more drastic measuring of moving everything back to their previous location.

6: Multi-Cloud will prevent lock-in

The vast majority of organisations will start off by using one cloud service provider, but may develop concerns about developing on the single vendor, which leads to them entertaining other vendors. When a company does this, it is known as multi-cloud. Multi-cloud has many different approaches, including a more functionality-based one. For example, an organisation may opt to use the Amazon Web Services, as their main cloud service provider, while using Google Analytics and Big Data in conjunction with it.

IT leaders need to understand that having multi-cloud as their cloud strategy, is not always sufficient in addressing the issue of lock-in. If lock-in has been identified as an issue, then a more streamlined approach should be adopted, one that focusses on tackling real solutions.

7. The Cloud Is a Must

Cloud-washing is basically the tendency of others to call everything the cloud, even it’s not. In many cases this is purely accidental, the result of confusion about the technology. However, there are many vendors and IT organisations that will refer to things as being the cloud in order to make sales, gain funding, and meet certain strategies and cloud demands. This all helps to feed the myth, that in order for an IT company to be worth its salt, it must be on the cloud.

The best thing you can do is be honest, which means, not referring to everything as the cloud. There are many other capabilities, such as virtualisation and automation that do not require cloud-washing in order for people to patronise it.

Author Bio:

Uchenna Ani-Okoye is a former IT Manager who now runs his own computer support website https://www.compuchenna.co.uk

Cloud

Google Cloud Secret Manager

Google Cloud today declared Google Secret Manager, another device that helps its clients safely store their API keys, passwords, authentications and other information. With this, Google Cloud is giving its clients a solitary instrument to deal with this sort of information and a brought together wellspring of truth, something that even advanced venture associations frequently need.

Google Cloud Secret Manager Overview

a. Definition of secret management
In today’s digital world, secrets play an important role in protecting sensitive information. Secrets can refer to anything from passwords to API keys, certificates, and other credentials. Secret management involves securely storing and sharing these secrets to prevent unauthorized access and ensure confidentiality.

b. Overview of Google Cloud Secret Manager
Google Cloud Secret Manager is a fully managed service that allows users to store, manage, and access secrets securely. It is a part of the Google Cloud Platform suite of services, and it provides a central location for storing secrets that can be accessed by applications and services.

Features of Google Cloud Secret Manager

a. Centralized storage of secrets
Google Cloud Secret Manager provides a centralized location for storing secrets, which makes it easy to manage and maintain them. Secrets can be organized into logical groups, and access can be controlled at the group level.

b. Secure sharing of secrets
Google Cloud Secret Manager allows users to securely share secrets with other services and applications. Access can be controlled at the individual level, and users can assign different levels of access to different groups and individuals.

c. Integration with other Google Cloud services
Google Cloud Secret Manager is designed to integrate seamlessly with other Google Cloud services, including Compute Engine, App Engine, and Kubernetes Engine. This makes it easy to access secrets from within these services without having to manage separate credentials.

How Google Cloud Secret Manager Works

a. Creating and storing secrets
To create and store secrets in Google Cloud Secret Manager, users first create a secret. The secret can be a password, API key, certificate, or any other sensitive information. The secret is then encrypted and stored in Google Cloud Storage.

b. Accessing secrets
To access secrets stored in Google Cloud Secret Manager, users must have the appropriate permissions. Secrets can be accessed programmatically through APIs or through the Google Cloud Console.

c. Updating and deleting secrets
Secrets can be updated and deleted as needed. When a secret is updated, the new value is encrypted and stored, and the previous value is invalidated. When a secret is deleted, it is permanently removed from the system.

Benefits of Google Cloud Secret Manager


a. Enhanced security
Google Cloud Secret Manager provides enhanced security for sensitive information by encrypting all secrets at rest and in transit. Access to secrets is controlled through role-based access control, and users can be granted access only to the secrets they need.

b. Increased productivity
Google Cloud Secret Manager can increase productivity by providing a centralized location for managing secrets. This eliminates the need to manage separate credentials for each service or application, which can save time and reduce errors.

c. Reduced risk of data breaches
Google Cloud Secret Manager reduces the risk of data breaches by ensuring that sensitive information is stored securely and access is tightly controlled. This can help organizations comply with regulatory requirements and avoid costly data breaches.

Use cases for Google Cloud Secret Manager

a. Managing API keys

Google Cloud Secret Manager can be used to manage API keys securely. API keys are used by applications to access APIs, and they are often sensitive information that needs to be protected. With Google Cloud Secret Manager, API keys can be stored securely and accessed only by authorized applications.

b. Storing passwords
Passwords are one of the most common secrets that need to be managed securely. Google Cloud Secret Manager can be used to store passwords securely and share them with applications that need them. Passwords can be encrypted and stored in Google Cloud Storage, and access can be controlled at the individual or group level.

c. Securing certificates
Certificates are used to verify the identity of a server or client in a secure communication channel. Google Cloud Secret Manager can be used to store and manage certificates securely, and they can be shared with applications that need them. Certificates can be encrypted and stored in Google Cloud Storage, and access can be controlled at the individual or group level.


Google Cloud Secret Manager is a powerful tool for managing secrets securely in the cloud. It provides centralized storage, secure sharing, and tight access control for sensitive information, and it integrates seamlessly with other Google Cloud services. With Google Cloud Secret Manager, organizations can enhance their security, increase productivity, and reduce the risk of data breaches.

FAQs
Q: What types of secrets can be stored in Google Cloud Secret Manager?
A: Google Cloud Secret Manager can store any type of sensitive information, including passwords, API keys, certificates, and other credentials.

Q: How is access to secrets controlled in Google Cloud Secret Manager?
A: Access to secrets is controlled through role-based access control, which allows users to assign different levels of access to different groups and individuals.

Q: Is Google Cloud Secret Manager compliant with regulatory requirements?
A: Yes, Google Cloud Secret Manager is compliant with a variety of regulatory requirements, including HIPAA, PCI DSS, and SOC 2.

Q: Can secrets be accessed programmatically through APIs?
A: Yes, secrets can be accessed programmatically through APIs, which makes it easy to integrate them into applications and services.

Q: How does Google Cloud Secret Manager enhance security?
A: Google Cloud Secret Manager enhances security by encrypting all secrets at rest and in transit, and by tightly controlling access to sensitive information.

It allows you to store, manage, and retrieve secrets across Google Cloud and other cloud services, without the need to hardcode them in your applications or store them in plaintext files. With Cloud Secret Manager, you can easily rotate secrets and manage access to them using Cloud IAM, helping you to ensure that only authorized users and applications have access to sensitive data. Cloud Secret Manager is designed to be integrated with a variety of Google Cloud services, including App Engine, Compute Engine, Cloud Functions, and Kubernetes Engine, as well as with third-party applications and services.

“Numerous applications expect accreditations to associate with a database, API keys to conjure a help, or declarations for verification,” Google designer advocate Seth Vargo and item administrator Matt Driscoll wrote in the present declaration. “Overseeing and tying down access to these privileged insights is regularly entangled by mystery spread, poor perceivability, or absence of combinations.”

With Berglas, Google previously offered an open-source order line instrument for overseeing mysteries. Mystery Manager and Berglas will play well together and clients will have the option to move their mysteries from the open-source instrument into Secret Manager and use Berglas to make and access insider facts from the cloud-based device too.

With KMS, Google additionally offers a completely overseen key administration framework (as do Google Cloud’s rivals). The two instruments are particularly reciprocal. As Google notes, KMS doesn’t really store the insider facts — it encodes the mysteries you store somewhere else. Mystery Manager gives an approach to effortlessly store (and deal with) these privileged insights in Google Cloud.

Mystery Manager incorporates the vital devices for overseeing mystery forms and review logging, for instance. Privileged insights in Secret Manager are likewise venture based worldwide assets, the organization stresses, while contending apparatuses frequently oversee insider facts on a provincial premise.

Some additional points about Google Cloud Secret Manager:

It uses the Cloud KMS key encryption to protect secrets at rest and in transit.
It integrates with Cloud Identity-Aware Proxy (Cloud IAP) to enforce fine-grained access control to secrets.
It supports both versioned and unversioned secrets, allowing you to easily rotate and manage secrets over time.
It integrates with Cloud Audit Logging, providing an auditable record of who accessed which secrets and when.
It provides a programmatic API and a command-line interface (CLI) for managing secrets, as well as integration with popular configuration management tools such as Terraform and Chef.
It is designed to be used with microservices and container-based architectures, allowing you to store and manage secrets in a central location and access them from multiple services.

The new apparatus is currently in beta and accessible to all Google Cloud clients.