In my previous article I wrote about where are the security jobs in a cloud future. So if it is a cloud based future, what kind of security jobs will there be? Generally security folks like to go where the action is. To be on the front lines in the security war. That being the case the place to be is at the service provider.
The service provider will be expected to have the in house expertise to design, manage and maintain both Iaas and Paas environments. Security will move up the chain to the service provider because that is where the assets are.
But saying that security jobs will move to the service provider is a no brainer. What kind of security jobs will there be there? That is the real question.
First and foremost, security experts at the service provider better be virtual environment experts. There are going to be several flavors at least of virtual infrastructure. VMware, Xen, XenServer, KVM, HyperV and who knows what else. Each will have its own nuances around security. Whether it be vSafe or something else, certified or experienced security pros with securing virtual environments will be in high demand.
Many of the other service provider and/or cloud security engagements will be similar to their current enterprise counterparts, just moved up the stack to the service provider. Web application security will continue to be a really hot area. Database security and access control will also continue to be in high demand.
For me though, after virtual environment security, the security skills that will be most desirable and in demand by service providers will be identity based security solutions. Who can access what in the cloud, keeping a trail of who goes where and what they can do when they get there will be even more important in the cloud then it will in the enterprise data center environment.
Besides what kinds of security skills will be needed at the cloud, there will also be needed a different attitude about your security job. For years we have all paid lip service in IT to the rest of the organization being “our customer”. But in the cloud that will be exactly the case. You will be servicing real customers. They may have issues around what they want you to know. You will be an someone that some of them may look at as taking their job. Customer satisfaction really does become important. Hey man they don’t call them service providers for nothing.
But overall to the contrary of what some doom and gloom pundits have preached, the cloud will offer more opportunity for security professionals to practice their craft and make the world a safer, more secure place.
Related articles by Zemanta
- Architectural Multi-tenancy (devcentral.f5.com)
- The New Network for the Data Center (slideshare.net)
- CaseCentral Joins Cloud Security Alliance (eon.businesswire.com)
- Ping Identity Joins with Other OASIS Members to Advance Identity Standards for Cloud Computing (eon.businesswire.com)
- F5 Friday: Never Outsource Control (devcentral.f5.com)
- You Can’t Secure The Cloud… (rationalsurvivability.com)
![Reblog this post [with Zemanta]](http://img.zemanta.com/reblog_e.png?x-id=de3dd4f2-9327-4f17-b27a-9c9fe20501fa)
{ 1 trackback }