Cloud security is better than you think, developer relations need work; going “all in” is getting trendy and machine learning is driving it…
AWS’s annual re:Invent summit in Las Vegas last week was its biggest yet, attracting over 50,000 delegates. Here are Computer Business Review’s Top 5 AWS re:invent takeaways (based on the limited sessions one editor could get to!)
1: Cloud (in)Security is No Longer an Excuse for Staying On-Prem…
Concerned about moving to the cloud for security reasons? You may have been left behind by the pace of innovation (or just need some help with configurations). AWS has added 239 new security features in 2018 alone and now has one hub to rule them all.
It’s certified under everything from ISO 27001 to PCI DSS Level 1. AWS uses its own silicon with trust enclaves built into chips, hardware crypto accelerators built into cards and conducts regular physical and virtual penetration testing; its threat detection software GuardDuty processes an average of 92.7 million flow log records per second.
Security, configured right, is rock solid and even its hardware gets rigorously checked.
As AWS’s CISO Steve Schmidt said at a press Q&A following his “State of Security” talk: “We don’t trust suppliers: we replace the firmware we get on all of our devices. On every single machine. If its got BIOS, UEFI, it all gets replaced. Some firmware in GPUs is not accessible so we replace with firmware that we’ve validated is functioning properly and can cryptographically can prove is functioning correctly.”
Want watertight security? You’ll have to pay for it, but it those still scared about losing their IP or data in the cloud need to compare and contrast their own on-prem security with the cloud’s offerings. The findings may prove a surprise…
2: Everyone’s Talking about Serverless
Serverless was a hot topic at re:Invent, topping the most-discussed “what’s trending” lists on social media daily. What is it? Servers, contrary to the name, are still involved: they’re just managed by AWS (or another cloud provider) and not always running.
Instead, as Thorn Tech’s Mike Chan puts it lucidly: “You can configure events, such as API requests or file uploads, that trigger your serverless function to execute. And when that action is complete, the server goes idle until another action is requested, and you are not billed for the idle time.”
Why use it? As AWS puts it: “Serverless allows you to build and run applications and services without thinking about servers. It eliminates infrastructure management tasks such as server or cluster provisioning, patching, operating system maintenance, and capacity provisioning.”
At re:Invent the company announced it would be opening up its serverless language support, allowing “builders” to bring their own language to AWS Lambda, its serverless computing platform. You can do your thing on Ruby, C++ and Rust runtimes are coming soon and it is working with partners to provide more open source runtimes ranging from Erlang (Alert Logic) to Cobol (Blu Age).
Expect to hear more…
3: An Open Source Free-for-All is Raising Hackles
Hanging out with AWS? Something of a necessary evil to many in the open source community and the company’s rebundling of OSS tools like Elasticsearch and Apache Kafka to monetise “as-a-service” has raised more than a few hackles.
As Rafael Laguna, CEO of the software company Open-Xchange puts it: “AWS is quickly becoming for the Cloud what Microsoft Windows had managed to become for Client-Server: The controlling, proprietary platform for software and services.”
He added: “AWS is also a very bad model for open source, as it is a one-way street. Although AWS is built on top of open source, it is one of its least active contributors (as opposed to RedHat OpenShift, for instance). Many Open Source companies rely on making money from providing their software as a service, only to find out that AWS has now done the same, with their software, but also with the inherent advantage of owning a hyper scale platform.”
(AWS rejects the characterisation. It says it has over 1400 projects on GitHub and is a significant contributor to projects such as Apache MXNet, FreeRTOS and Kubernetes. It’s clear however that while Microsoft has put a lot of work into wooing the open source community, AWS has not – and this is beginning to tell).
4: Going “All In” is Getting Easier – and Machine Learning is a Big Driver
Korean Air will mothball its own data centres within the next 36 months as it embarks on an “all in” move to AWS after signing a 10-year contract, the company said: one of several major customer wins announced at Re:Invent. Korean Air is moving websites, cargo management, flight control systems, ERP and other systems to AWS.
Korean Air will also use AWS database, containers, and serverless technologies to create a microservices architecture on AWS, the company said.
Korean Air data scientists and engineers will be using the company’s machine learning (ML) service SageMaker to build and deploy machine learning models to improve predictive aircraft maintenance systems and automate repairs, they said. It was an important aside: along with step-change in cloud security, ML is proving a major driver of such “all in” moves to cloud infrastructure. Biotech company Amgen also announced an expansion of its relationship with AWS and again, ML was a driver.
“At Amgen, we hire top technologists who work closely with scientists and other experts to bring new breakthrough medicines to market,” said Mike Zahigian, Chief Information Officer at Amgen. “The choice to go in this direction [cloud] was influenced in no small part by technologists in information systems rapidly adopting AWS technologies over the last few years to accelerate innovation.”
AWS evangelist Julien Simon does a good job of capturing the key re:Invent ML announcements in this Medium blog…
p.s. Did somebody say “driver”? AWS launched “DeepRacer” at the conference: a fully autonomous 1/18th scale race car driven by reinforcement learning and a 3D racing simulator. Want to buy one? That’ll be a modest $249… Expect to have to queue.
5: Cloud to Space – and Back Again
AWS’s move to establish 12 satellite ground stations – essentially doing for these vital conduits for space data what the cloud has done for on-premises infrastructure (reducing capex risk for those who would otherwise buy or build themselves, and leasing on a pay-per-use basis) – is a canny one.
Along with a partnership with Lockheed Martin that will see the two work together on the defence contractor’s new “Verge” network of low cost ground antennas, which aggregate satellite data and stream it to AWS’s cloud for subscribers, it suggests AWS’s defence ambitions are growing fast (the provider is front-runner in a whopping $10 billion Department of Defence cloud contract that has yet to name a winner…)
With Jeff Bezos having been blunt on the company’s desire to support the military, Computer Business Review experts AWS to take on significantly more defence and aerospace sector work in coming years: expect the unexpected.