Generic selectors
Exact matches only
Search in title
Search in content
Post Type Selectors
Aviatrix Blog

Altitude Podcast: The 2 Most Important Cloud Lessons from Season One 

As we close in on the first six months of Altitude: The Unsung Heroes of Cloud Transformation, I want to take this opportunity to reflect on what I’ve learned after hosting so many interesting, influential, and inspiring guests. Together, we’ve explored a wide range of topics, such as the evolution of cloud, cloud migration, future trends, zero trust, digital transformation, and much more. Out of all these topics, I’ve selected the “top 2” that I want to explore in more detail.  

 

It was challenging to pick two favorite topics from an entire season, so before I delve into them further, I’d like to highlight a few notable episodes that deserve special attention: 

 

  • The Impact of the Cloud Networking and Security Skills Gap on Enterprises” with Danielle Coady, VP of Marketing at Aviatrix, and Nauman Mustafa, VP of Business Development at Aviatrix: Danielle and Nauman highlight the importance of closing the skills gap in cloud, and we explore how the Aviatrix Certified Engineer (ACE) Program is a difference maker in preparing the next generation of network engineers for cloud.  

 

 

  • Simplifying and Automating Global Network Connectivity” with Zac Smith, Head of Edge Infrastructure at Equinix: Zac pulls back the curtain on how Equinix rose to prominence vis-à-vis an egalitarian business model and delivers a master class in the importance of automation in a virtual world.  

 

  • “Transforming Legacy Networks in a Multicloud World” with John Bristol, Practice Leader at Enterprise Vision Technologies: John shares his years of experience helping the F500 move to cloud, where automation, dev-centric processes, and re-thinking network architecture play a critical role.  

 

Without further ado, here are my favorite two topics from Altitude’s first season.  

 

AI and Machine Learning are indeed the future – if we get it right.  

 

AI is suddenly a big deal, helping to rally the flagging tech sector and quieting some public cloud naysayers as of late. A 2022 McKinsey survey shows that AI adoption has more than doubled over the past five years. Why is this new consumer shift to AI getting so much attention from businesses, the media, and politicians alike? Zach Hughes, Vice President of IT at CHS, sheds a bright light on this topic in the Altitude episode “The Potential and Perils of AI in IT.” 

 

While enterprise IT has been training machine learning against big data sets for years, what is new is the appearance of cutting-edge algorithms specifically designed for creating new content, such as audio, video, text, and code. This new consumer-driven AI front-end, which we know as OpenAI, ChatGPT, DALL-E, Bard, and so forth, is referred to as generative AI. 

 

Generative AI as a productivity tool has its roots in spell and grammar checkers and can be considered as “next level” workplace assistants. What’s important here is that ideally, the content that generative AI helps create is ultimately owned by the person or entity that is responsible for the final product. For example, if I used ChatGPT to help write this blog (I didn’t, I promise!) then I’m still the author and must accept that the buck stops with me. 

 

In the same way that the iPhone started as a consumer revolution, the new AI revolution has begun with public consumption, then will later transition to the workplace.  If business leaders don’t adopt some sort of concrete stance on how generative AI will be used in the workplace, Zach notes, then they will miss a critical window to control how AI fits into their business processes.  

 

The initial concern is not that generative AI will outright replace most jobs – Zach predicts that it will primarily augment them – but rather, that human-injected bias into the ML process will produce results that are inaccurate, misleading, or downright false.  As the output of AI becomes more and more human-like, we as consumers won’t be able to tell the difference between fact and fiction.    

 

Favorite quote: “I think when you start to layer in potential for bias, potential for misinformation into AI…to know the capacity for us to be manipulated by things that look like facts, but aren’t, or that look black and white, but are more grey, [we need to] just continue to make sure we don’t fall victim to the machines.”  – Zach Hughes 

 

 

However, this inherent danger for bias in generative AI must be weighed against the positive outcomes that AI and ML in public cloud have already made in our society. In the episode “A Cloud Migration Experience: From Limitations to Innovation,” Justin Payne, Sr. Infrastructure Security Architect at Mueller Water Products, discusses how his company is using AI and ML in the cloud to proactively predict when a water line or a sensor is going to fail, then replace it before the system even breaks. 

 

This saves both the business and the consumer money, keeps critical infrastructure safe and sound, converses a huge amount of fresh water, and helps protect the environment. While the struggle for a 100+ year-old public sector company to adopt cloud was real, the power of AI/ML has revolutionized Mueller’s business and made the world a better place.  

 

Favorite quote: “Now with AWS and cloud in general, that machine learning and that data mining and those data lakes, [we have] the ability to plot all that data in and quickly use it to then offer the customer features we could never do before.” – Justin Payne 

 

 

Security in the cloud can be a minefield, but by embracing new approaches, security professionals can find a path to success.   

 

It’s no secret that cloud security is top of mind with enterprise these days. CrowdStrike recently reported that in 2022, cloud exploitation grew by 95%, representing a three-fold increase from the previous year. Does this mean that cloud is less secure than traditional data centers? Certainly not. But it is an indication of two important and related factors: 1) The rising quantity of business-critical apps in cloud has made them the focus of a recent wave of high-profile attacks. 2) Cloud security professionals need new approaches and tools to improve security in the cloud.  

 

During the episode “Can We Achieve Distributed Security at Scale in the Cloud?”, I had the pleasure of exploring this second factor in depth with two security heavy weights, Toby Foss, Director of Network Operations at Informatica, and Chris McHenry, Head of Security Solutions at Aviatrix.  

 

The first challenge we discussed was the lack of control and visibility in cloud compared to what traditional data center firewalls offer, which provide deep insight into every flow across every interface. Upon moving their first serious workloads to cloud, IT and security pros found the basic security services of cloud lacking here. This challenge was compounded by the fact that in cloud, the standard concept of a secure perimeter doesn’t exist as most cloud-native services are designed to access the internet right out of the box. Standard firewall architectures in cloud, which are borrowed from the data center, are poorly equipped to handle this “endless perimeter.”  

 

Next, we discussed challenges with data collection, and how security teams must quickly analyze massive amounts of data for threats due to international laws that require, in some cases, a slim 72-hour window in which to disclose a breech. Lastly, we hit on two common cloud headaches for security professionals – services like NAT gateways that provide easy outbound access but offer no visibility or security controls, and how IP addresses are becoming almost irrelevant for security logic, given IP reuse/exhaustion and PaaS services like containers that disguise their internal IP address over the network.  

 

 

Admittedly, there was a healthy bit of “glass half empty” discussion going on, but this episode also exposed some fantastic opportunities for security and IT to turn the corner and gain the upper hand in protecting their cloud workloads. Toby emphasized that security teams need to use automation as a path to consistently hit their goals and provide patterns that can scale at the speed of business. Second, massively distributed security platforms are now on the market that can provide the visibility, scale, and centralized control necessary to handle the “endless perimeter” of cloud.  

 

Furthermore, some of these platforms are also capable of abstraction, where firewall policy can be based on object tags, giving cloud security pros a new and necessary language to protect their critical apps and services. Toby spoke a bit about his work with attribute-based security as he pursues his PhD in computer science and cyber security, affirming the importance of this new capability.   

 

Favorite quote: “The network has to be able to enforce policy everywhere if you’re trying to do anything attribute-based in networking security. [If] you have to think about how to route that traffic through an intelligent device, the developers are not going to be able to help you out…because the irony is, if it’s embedded in the network, you actually have to think less about the network when you enforce that policy.” – Chris McHenry 

 

Another episode that delves into new approaches for cloud security is “Securing by Design in the Cloud” with Mohamed Ghassen, Sr. Cloud Security Engineer at SAP. Mohamed led an insightful discussion on how cloud design must consistently embed security into every layer, from the network to the application to the user, and connects this practice to zero-trust security.  Meaning, zero-trust security is not something you add after the fact in cloud – it is inherent in each and every step of the application life cycle. 

 

Mohamed and I agreed that security professionals need to become fluent in CI/CD practices so that they can work closely with developers throughout this process, being involved at each step to provide guidance and oversight. This approach is called “DevSecOps” and is critical to close gaps that traditional security practices fail to address in cloud – such as securing distributed systems, enabling agility, and focusing on automation to do more with less. 

 

The episode closes with a discussion about which platforms best enable DevSecOps. Again, we agreed that platforms that embrace automation and abstraction are the key. Automation increases time to market, saves money, and helps security create repeatable designs that become the centerpiece for collaboration with developers.  Abstraction closes skill gaps and reduces the complexity across multiple clouds, which in turn yields a unified language, improved security, and lower TCO. 

 

Favorite quote: “I would say that a vendor would be successful if he can build some abstraction layer that unifies the cloud providers and simplifies…the tasks of the software engineer or the developer.” – Mohamed Ghassen  

 

 

Each conversation on Altitude has opened my mind to inspiring new perspectives and opportunities, and I can’t wait for what’s to come. We have exciting new speakers coming up you won’t want to miss, so be sure to subscribe at: https://aviatrix.com/altitude/

 

if there’s a specific topic you would like us to cover next, feel free to comment below.  

 

Thank you to our listeners and amazing guests. Let’s continue to be curious, to rethink, and to innovate as we open our minds to the brilliant perspectives of the cloud industry.    

  

About Altitude: The Unsung Heroes of Cloud Transformation 

As enterprises go all in on the cloud, IT leaders and teams either fall behind or rise above. Altitude: The Unsung Heroes of Cloud Transformation explores the latest cloud industry trends, challenges, and opportunities that IT leaders and teams face today. Hosted by Bryan “Woody” Woodworth, Altitude equips listeners with the knowledge and inspiration to lead the way through the ever-evolving cloud landscape.  

 

Tune in for episodes released biweekly: https://aviatrix.com/altitude/