baldursghaik · 1 month
Reading the reaction to Larian's decision to fully step back from wotc/d&d/etc has been interesting
a lot of mourning of the loss of "content"
"we could have had years and years of content" "this is heart breaking to never see these characters again" etc etc
is that what you really want? content? is this what modern media production has come to, that people aren't sated with anything less than milking a property until it's a barren husk of anything it once was?
Why can't we be happy with what we have? I don't think it's unfair to be sad about this news, especially given that it felt like some things were being teased or hinted at, and now they most likely will not come to fruition (at least at larian's hands), but is that really so bad? If you're so dissatisfied with a character's ending or arc, write a fanfiction, draw fanart, boot up the game again and just imagine your way into what you DO want
is that not the fundamental nature of d&d?
mikegchambers · 7 years
Nothing is Safer than Cloud
The security features of cloud providers give you the best processes, tools and practices to truly beef up your game
Padlocks floating in the matrix are especially secure.
There’s nothing like making broad claims with a headline featuring some dubious grammar, especially at the beginning of the week. But bear with me and we will slice and dice the ever-nagging issues of security in this post.
Get the Security Team On Board
In the on-premise enterprise world, IT security groups are becoming the Department of No. If you use any sort of agile release train, like frequent releases of mobile app versions for your organization, you’ll be familiar with scans, audits and the general slowdown that occurs when you enter the security orbit. Modern software is about change and yet change is the enemy of security in the on-premise environment.
This is a conundrum since you want to release software regularly but don’t want to be that executive who opened a security hole that caused the theft of all your client data. In fairness to the security folks, on-premise security is really difficult since it exists at many levels, it’s often applied as an afterthought and their job is like plugging a million microscopic holes in a dam.
In cloud there’s a better way, and it resolves the conflicting tension between needing to introduce changes in the software, and ensuring the environment is secure. There are four features that security teams will love (I’m picking from AWS here but similar magic exists elsewhere):
The security team can define the roles and rights of every user and process in the system, making it pretty much impossible to create new instances (servers) or deployments that open ports or violate security policies. Instead of policing per application, they can focus on the entire organization in an abstract, generalized way.
Automation at every level minimizes intentional damage or accidental screw-up. From machine images to auto-scaling and templating, you can guarantee that the 100,000th instance is using the same security policies as the first. This goes a long way to making sure that growing complexity in the environment doesn’t create vulnerabilities.
Security tools such as Amazon Inspector provide constant security assessments and look for weaknesses 24/7. These applications ensure that any windows left open are slammed shut asap.
Centralized automatic logging of every action, API call and event makes it much easier to see what’s happening and isolate problems when they occur. This eliminates operating in stealth mode so audit trails abound for every user and process.
The TL;DR version is that cloud gives security teams a fully configurable sandbox where developers can play and get sand in their eyes but not burn down the playground in the process. This compares to on-premise, which is more like trying to keep watch over a hundred caffeinated 5-year-olds in a knife store.
With proper configuration, a security team can own and monitor a bulletproof environment and not need to firefight on a per-project basis.
But really, how can my data ever be safe in the cloud?
This is a legitimate question especially for non-technical people but before I answer, let’s start with one mind-blowing fact that people often forget when discussing digital things.
For physical products, locking them up in a place where you can see them will deter thieves and usually stop them from being stolen. This works because (1) the thief may not know you have said riches (2) the riches are put in a place that’s hard to find and (3) the riches are secured with locks, safes and armed guards that make it easier for the thief to steal from other people.
Under no circumstances are the items ever totally immune from theft, it’s just that stealing the Hope Diamond is an order of magnitude more difficult than stealing cash from a gym locker. You also know when your riches are stolen because they are gone.
Hackers also freeze when a human enters the room.
For digital products and data, the same deterrents don’t work the same way. If your corporate data is stored on your CEO’s laptop on the top floor of a heavily guarded building, the thief doesn’t need to enter the lobby Matrix-style to physically reach the laptop.
Hackers will attempt to breach your network, overcome digital security safeguards and then copy the file(s) if they find them. You may never know the data has been stolen because the original file is still there. Or the boss might just use the password Password123 and accidentally leave his PC in the back of a taxi — that’s more common than you’d think.
So why is cloud safer than on-premise attempts to protect data? Well, the cloud was born in a public space so consequently has security baked into every layer of its design from the get-go:
This is what encrypted data looks like without the key. It’s harder to see the woman in the red dress.
When set up properly, cloud encrypts data at rest (i.e. when it’s stored somewhere) and in flight (i.e. when it’s moving around). AWS for example offers digital envelope encryption and complex rotating key management. Translated to English, this is like a safe where the code changes every minute. I’m simplifying but essentially just stealing the data isn’t enough to get you very far — you have to do an unreasonable amount of work to read it because the math makes A Beautiful Mind look like he was just typing “Hello” upside-down on a calculator.
Amazon’s Snowball lets you ship corporate data from your armed guards direct to their data centers using UPS. So hijackers could presumably hit the UPS truck and steal all your corporate data, right? Unfortunately not — the encryption’s so tight that even if you have access to the hard disks with the data, you’ll still need a few hundred years to figure out the contents because of the method used.
Access controls and auditing are granular and very robust. Since most hackers are actually disgruntled employees on the way out of the building (or well-meaning workers accidentally doing damage), a well-designed set of policies will prevent 99% of all typical data loss events. And recovering from snapshots in the cloud is elegantly simple.
Major cloud providers have a slew of secrets, proprietary tools, potions and tricks up their sleeves to catch bad guys before you even know about it. Since you’re already in the secure area of their environment, you benefit from the multiple levels of threat detection they use non-stop. It’s like having an invisible Secret Service watching your back all the time.
Encryption and hacking aside, much corporate data loss happens because backups fail or, more likely, were never made in the first place. Automation in the cloud makes it much easier to create policies where every byte of data is held somewhere forever and you don’t have a server farm that somehow got forgotten when the network guy was on vacation in Hawaii.
What about Google and Amazon reading your data?
That’s what you really want to know about, right? There are rumors that Jeff Bezos and Larry Page get together at the weekends, laughing at their customers’ funniest emails and selling their corporate secrets to Russian mercenaries. They really only invented cloud services just to lure you into sharing your secrets with them.
Yeah, none of that is even remotely true and they have built billion-dollar clouds precisely because they don’t do this. If this sounds nuts, let me add this — one Chief Operating Officer I met at a very large retail company told me that he would never, ever allow cloud in his business because Google and Amazon would steal all their point of sale transaction data and learn about their margins. Okaaay…
Security is the number one priority for all cloud platforms. They are all very, very secure.
But really, is my data safe?
Alright, here are some random thoughts to make you feel a bit safer:
Files stored in AWS are really held on multiple self-healing hard disks which means they survive natural failure. This makes durability so impressive (99.999999999% — 11 9s, count ‘em!) that for 10,000 files stored, you would expect to lose a single file every 10 million years. If that’s not good enough, you can automate replication to other regions or other cloud providers and get so close to 100% that Extinction Level Events on a planetary level will be your biggest worry.
Encryption is a complex subject but in many of the key management systems, if you lose your own keys, nobody can read the data — not you, me, Amazon, Google or the NSA. There is no backdoor. Your key was the only way in.
The US government stores a ton of sensitive data in AWS (GovCloud) so Jeff Bezos risks the wrath of people trained in waterboarding if the security isn’t great. I’d hazard a guess that plenty of foreign governments have thrown their best minds into breaking in.
Often, we’re just trying to guard against stupidity
Finally, in my twenty glorious years in this industry, security failures are usually typified not by Homeland-style hacking squads bent on stealing your information, but the mundane stupid things that happen.
We once lost a team’s entire codebase because the lead developer kept it on his laptop and never checked it into source control — that was expensive.
A helpful intern once ‘cleaned up’ the shared drive at a company and wiped out all their marketing collateral for the last five years.
A client’s office kept their triply-backed up files all in the same building and it was washed away by floods.
And a receptionist installed viruses on an entire network by plugging in a USB stick to help out a sales rep off the street. He said he just wanted to print a file.
Cloud providers give you the best processes, tools and practices to truly beef up your security game and, with the correct configuration, become world-class. Nothing in the on-premise world even comes close.
Nothing is Safer than Cloud was originally published in A Cloud Guru on Medium, where people are continuing the conversation by highlighting and responding to this story.
from A Cloud Guru - Medium http://ift.tt/2o6XmZl
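The envelope encryption and key rotation the post mentions, and its point that data is unreadable once the key is gone, as an added example that is not part of the original post and is not AWS's own code. It uses Node's built-in crypto module; the function names, the key ids `v1`/`v2` and the sample record are hypothetical, and the master keys are held in memory here where a real key management service would keep them.

```javascript
const crypto = require('crypto');

// AES-256-GCM helpers: seal returns iv, ciphertext and auth tag; open verifies and decrypts.
function seal(key, plaintext) {
  const iv = crypto.randomBytes(12);
  const c = crypto.createCipheriv('aes-256-gcm', key, iv);
  const ct = Buffer.concat([c.update(plaintext), c.final()]);
  return { iv, ct, tag: c.getAuthTag() };
}
function open(key, box) {
  const d = crypto.createDecipheriv('aes-256-gcm', key, box.iv);
  d.setAuthTag(box.tag);
  return Buffer.concat([d.update(box.ct), d.final()]); // throws on wrong key or tampering
}

// Envelope: a fresh data key encrypts the payload; the master key only wraps the data key.
function envelopeEncrypt(masterKey, keyId, plaintext) {
  const dataKey = crypto.randomBytes(32);
  return { keyId, wrappedKey: seal(masterKey, dataKey), body: seal(dataKey, plaintext) };
}
function envelopeDecrypt(masterKeys, envelope) {
  const masterKey = masterKeys.get(envelope.keyId);
  if (!masterKey) throw new Error('master key ' + envelope.keyId + ' unavailable');
  return open(open(masterKey, envelope.wrappedKey), envelope.body);
}

// Rotation: re-wrap only the small data key under the new master key; the body is untouched.
function rotate(masterKeys, envelope, newKeyId) {
  const dataKey = open(masterKeys.get(envelope.keyId), envelope.wrappedKey);
  return { keyId: newKeyId, wrappedKey: seal(masterKeys.get(newKeyId), dataKey), body: envelope.body };
}

// Constructed demo: encrypt, rotate v1 -> v2, retire v1, then try to read each copy.
function demo() {
  const keys = new Map([['v1', crypto.randomBytes(32)], ['v2', crypto.randomBytes(32)]]);
  const env1 = envelopeEncrypt(keys.get('v1'), 'v1', Buffer.from('constructed sample record'));
  const env2 = rotate(keys, env1, 'v2');
  keys.delete('v1'); // old master key is gone for good
  const recovered = envelopeDecrypt(keys, env2).toString();
  let stolenReadable = true; // a thief holding the envelope but not the master key
  try { open(crypto.randomBytes(32), env2.wrappedKey); } catch (e) { stolenReadable = false; }
  let oldEnvelopeReadable = true; // a copy never re-wrapped before v1 was retired
  try { envelopeDecrypt(keys, env1); } catch (e) { oldEnvelopeReadable = false; }
  return { recovered, stolenReadable, oldEnvelopeReadable, sameBody: env2.body === env1.body };
}
console.log(demo());
```

Rotation here touches only the 32-byte wrapped key, which is why it can be done often without re-encrypting stored data; the envelope left under the retired key shows the other side of "no backdoor".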