From the Blogosphere
Iron-Clad Cloud Networks By @JamesCarlini | @CloudExpo #IoT #Cloud
‘In the Age of Nanokrieg© and cyberattacks, hardening Intelligent Infrastructure and Mission Critical Networks is a must’
By: James Carlini
Dec. 13, 2015 02:30 PM
Iron-Clad Cloud Networks and Defending Against Nanokrieg©
Today, most enterprises have some type of cloud-based solutions or are looking at cloud-based infrastructure for some of their enterprise applications. What is lacking in many organizations is the strategic design focus and sophisticated implementation for very secure infrastructure which not susceptible to cyberattacks.
Hardening data centers as well as enterprise networks (and clouds) is a critical step to ensure an organization's business continuity. Forget "disaster recovery" as it is a dated term and dated concept. Disaster recovery refers to the organized shutdown of systems and then when the disaster (event) is over, a systematic restart of the total application is initiated.
In today's business environment, many organizations cannot survive if their applications are out-of-service for a couple of days. Business continuity, where enterprise operations continue through the episode of the disaster, is a more robust design approach to system and network resiliency.
Disaster recovery is a dated term like data processing. More resilient systems, which are not susceptible to disasters and outages, are what should be planned and designed, especially for any organization's mission critical applications.
The Internet of Things (IoT) Is Only as Good as the Internet of Reality
IT execs, who are not asking hard questions as to the "resiliency and robustness" of some of the inter-workings these cloud products, will be the first ones suffering when their organizations is exposed as having a data leak, a network failure, or a loss of all customer records and credit card information due to a cyberattack. Of course, this also applies to government systems and networks as well.
If the corporate (or government) network infrastructure is not fully protected or resilient from cyberattacks and other threats, the functionality of its cloud will be compromised whether it is a public or private cloud.
Why is this so important? If you are looking at any cloud-based computing, it better be bulletproof especially if it is carrying time-sensitive mission critical applications for your enterprise or information deemed private and confidential (like customer credit card information or health records).
One cloud feature missing in financial networks which I have pointed out in the past is Cloud Transaction Synchronicity ©. Basically, this is the total traffic synchronization of ALL transactions being sent across within a cloud. This should be a traffic monitoring service available in any cloud application.
This would guarantee a much higher and comprehensive level of compliance within the boundaries of the SEC (Securities and Exchange Commission), FINRA (Financial Industry Regulatory Authority) as well as other regulatory bodies within the financial and brokerage area. By having this timing synchronization embedded into the total network infrastructure of a cloud, it would guarantee the ability to re-construct the transaction sequence in any major drop or jump in the velocity and value of transactions processed. It would be able to provide exact sequencing of transactions and where they originated from, which in today's cloud networks is not a functional capability of any network utilizing HFT servers (High Frequency Trading).
Without having this type of diagnostic capability, no cloud network offers what is really needed to be able to re-construct and diagnose the sequence of transactions occurred in a market crash scenario like the one that happened in 2010. (The 1000 Point Drop of the Dow)
Testing the Design for Resiliency: Have You Really Thought It Out?
Have these clouds been thoroughly tested and thought through? One of the major networks being discussed today is the First Responder Network, FirstNet. It is supposed to be a government network that has many capabilities for municipalities. One of its flaws that I see is there is no mention of being EMP-proof throughout the network. They need to incorporate that capability into their RFP and the design spec.
EMP attacks are a real possibility. With the rise in terrorist attacks and a country's national economy viewed as a viable target, it makes sense to harden both data centers and their networks to a standard where EMP attacks are nullified (http://www.thefederalistpapers.org/us/emp-attack-on-us-power-grid-could-kill-9-in-10-americans):
As the Heritage Foundation has reported, an EMP attack with a warhead detonated 25 to 300 miles above the U.S. mainland "would fundamentally change the world:"
"Airplanes would fall from the sky; most cars would be inoperable; electrical devices would fail. Water, sewer and electrical networks would fail simultaneously. Systems of banking, energy, transportation, food production and delivery, water, emergency services and even cyberspace would collapse."
Is your data center susceptible to an EMP attack? (Electro-Mechanical Pulse bomb) Are your network EMP-proof? If you are dealing with a third party supplying a data center capability and/or a private cloud, are they EMP proof?
These are questions to have fully answered before you embark on building out any enterprise or third party-supplied, cloud network or data center supporting any mission critical application.
Carlini's upcoming book on Military Infrastructure, Strategies & Tactics for the War on Terrorism, Nanokrieg Beyond Blitzkrieg, will be out in 2016.
His visionary book, Location Location Connectivity is available on AMAZON.
Follow daily Carlini-isms at www.TWITTER.com/JAMESCARLINI
Copyright 2015 - James Carlini
Reader Feedback: Page 1 of 1
Latest Cloud Developer Stories
Subscribe to the World's Most Powerful Newsletters
Subscribe to Our Rss Feeds & Get Your SYS-CON News Live!
SYS-CON Featured Whitepapers
Most Read This Week