Google's Urs Hoelzle: Cloud Will Soon Be More Secure
Google's chief data center architect, Urs Hoelzle, says cloud security will improve faster than enterprise security in the next few years.
Google has pioneered key features of cloud computing, including chiller-less data centers, broader use of Linux containers, and the big data system that was the forerunner of NoSQL systems. Far from resting on its laurels, Google's Urs Hoelzle, senior vice president of technical infrastructure, said, "All the innovations that have happened so far [are] just a start."
Hoelzle made that pronouncement during the morning keynote address to Interop attendees at Mandalay Bay in Las Vegas on Wednesday, April 29.
The two areas that will show the greatest innovation over the next five years are cloud security and container use.
Cloud security will soon be recognized as better than enterprise data security because the cloud, by design, "is a more homogenous environment," he said. That means IT security experts are trying to protect one type of system, replicated hundreds or thousands of times, as opposed to a variety of systems in a variety of states of update and configuration.
In contrast, where one complex system has many different types of interactions with another complex system, "little holes appear" that are hard for security experts to anticipate in every case.
Hoelzle said that the use of encryption on-the-fly and of scanning systems trained to look for threats and intruders is already in place, and will be extended over the next few years in Google's cloud operations.
In an interview afterward, he said the mapping of systems -- so that a cloud data center security system knows which application talks to which application, what policies are governing, who can access what data, etc. -- will give security experts an auditable tool with which to maintain security in depth. "You only have to get it right once and it's right every time," Hoelzle observed.
In addition, for cloud users, the software changes in cloud systems occur behind APIs, so there's no fresh software at the surface in which an attacker may detect a vulnerability and exploit it. "There's no mistake on installation" that a hacker can see when the software sits behind an API, Hoelzle said.
"We run a large cloud that gets attacked every day," he said. After 15 years in which the company has
Charles Babcock is an editor-at-large for InformationWeek and author of Management Strategies for the Cloud Revolution, a McGraw-Hill book. He is the former editor-in-chief of Digital News, former software editor of Computerworld and former technology editor of Interactive ...
