Technology, Security

Cloud date, Nov. 7, 2024: where the enterprise is headed next

Blog-post by,
HP Blogger
,

Dateline:  Friday, Nov. 7, 2024:  It’s rather cold this morning, when John Smith arrives at the control center of Nebulous Inc., one of the five companies delivering cloud services to the world. He has to resume his post as chief operator for the huge environment buzzing with data and services from companies all over the globe. Nebulous was created in 2017 when the service provider market started to concentrate and large enterprises finally embraced what was then known as “public cloud.” The need for extremely low cost and global reach resulted in the merger of the largest environments with key global network providers.  The result was five companies delivering capacity and services to the world, to enterprises and consumers alike. Information Technology had truly become a commodity in the same way as water and electricity. People no longer cared about the technology, just about the service delivered.

In 2019 the United Nations developed the global information protection act, removing the last barrier of free storage and movement of information anywhere in the world. That resulted in the disappearance of the last enterprise datacenters. Through a variety of tools, including smartphones, tablets, intelligent TV’s, cars and many other devices people have access to the power of the cloud anywhere around the globe. Libraries, pictures, music, films, everything is maintained in this web of technology. Most of the datacenters are located either underground in the desert, powered by solar farms, at sea, powered by waves, or in the far north, powered by wind, but they are managed by key centers located across the globe.

John enters the facilities and gets his eyes scanned for authentication. The control room is calm, operators are supervising screens and workloads are reasonably low as usual towards the middle of the month. He sits down behind his desk and asks for his mail that flashes up on his screen. It looks like there is nothing special, the usual routine. It will be another calm day. John is thinking about this evening, when he’ll go out with friends.

He goes on and starts his daily work. About one hour later, from the corner of his eye, he suddenly sees a small red area appearing on the big screen showing the location of the company’s datacenters around the globe. What’s that? One of the interconnection points with CGC (Celeste Global Cloud) announces that the interconnection no longer responds. Strange, that never happened before to John’s knowledge, but let’s not worry, he thinks, other interconnections will take over the traffic. Maybe they have an outage in a datacenter, that’s routine. Five minutes later, a second reports a similar issue, and then a third. John tries contacting his counterpart at CGC, but draws a blank screen. No contact, what the heck is happening?

Then, the same thing happens with an interconnection with Money ltd., the cloud managing most of the financial transactions. Again, John tries contacting and draws a blank. Something serious is happening. Piet, the head security guy on duty rushes over and tells John the intrusion detection software is announcing attacks in several places around the world and they seem to emanate from both Money and CSC. His staff is trying to contain them to keep the service running, but if the frequency increases they may have to shut down the service. John cannot take that responsibility. By now, he is sweating heavily. What should he do? This is serious.

Suddenly a high priority message appears on his screen. It reads: “The Bit Liberation Movement has taken over control of CSC, Money and Stardust and is shutting them down to stop the capitalist use of information technology. The United Nations needs to agree a list of demands prior they release the information flows. Nebulous should be used for governmental agencies to gain an agreement with the Bit Liberation Movement while D&D (Dupont & Dupond) will manage the information of the public. Any attempt by Nebulous and D&D to perform other tasks will have major implications.”

Wow, how could that happen? Before he has time to come to a conclusion, his screen blinks again and one of his contacts at CSC appears. Behind him is a flag of the Bit Liberation Army. He says: “Hey John, you will hand us over all controls of Nebulous, or we blow out the service. Ask Piet to open up the security gates. A member of our team will be in your offices in five minutes and tell you what to do.”

What the story teaches us

Let’s leave fiction here. This is obviously just a catastrophe scenario. But it teaches us a couple things. Information is the backbone of most economic transactions these days. And most information is going digital. Which means it travels through networks managed by a small amount of companies. As clouds consolidate, the information is concentrated. Companies are very good in securing their environments from external attacks, but what about attacks coming from the inside? As the backbone environments of information technology are concentrated, shouldn’t we take precautions? This spring, Amazon got a four day outage that affected many companies because of a human error. What could have happened if somebody intentionally wanted to harm the environment? Shouldn’t we, as the Cloud Security Alliance suggests, perform background checks on the operations staff? Shouldn’t we put controls in place to ensure one person or a small group cannot put the environment to a halt. As we centralize our information technology, we concentrate the information lifeblood of the world. And this requires protection in the same way as our electricity grid and our water supplies. Who is looking at that?

What do you think about the possible future scenario I postulate in this blog entry? 

(2) (2)

Discussion
Would you like to comment on this content? Log in or Register.
Judy Redman
Judy Redman 55 Points | Wed, 10/12/2011 - 00:31

Interesting post, Christian. You could have a second career as a sci-fi writer!  For other futuristic scenarios those in the Forum might enjoy this post with an IT analyst blogger looking at four  future scenarios.  What Does the Future of the Data Center Look Like to You?

Christian
Christian Verstraete 402 Points | Thu, 10/13/2011 - 09:04

Judy, thanks for the hint about becoming a sci-fi writer. Might be a hint for a future career, who knows :).

Thanks for pointing out the blog with the future scenario's. I will definitely look at that and maybe comment, who knows.

jdodge
John Dodge 1362 Points | Wed, 10/12/2011 - 13:51

I hope you picked up on the Star Trek theme in the headline...where the "Enterprise" is headed next...get it?

There are literally hundreds of places:

http://en.wikipedia.org/wiki/Lists_of_Star_Trek_Planets  

MichaelProcopio
Michael Procopio 18 Points | Tue, 10/11/2011 - 23:13

Christian,

Good story!

I think this may be a situation where we should follow the lead of nuclear power community - you need a background check to access there also.

That said there are many cases where people have become traitors after getting high security clearances. 

Could it happen - yes. But the probability is very low, just as no nuclear power plant has been blown up.

 

 

 

Christian
Christian Verstraete 402 Points | Wed, 10/12/2011 - 12:00

Michael, that's exactly where I'm going. As it concentrates in the hands of a few, we thoroughly need to think at risk scenario's and how we address them. Scenario planning might be a way to do thgat.