MongoDB hits 8.0; Microsoft's open-source data project
Today on Product Saturday: MongoDB focuses on performance and resilience, Microsoft tackles event handling with a new open-source project, and the quote of the week.
The shared-responsibility model is groaning under the weight of the modern security environment. Snowflake's ongoing nightmare should be a wake-up call for any infrastructure or SaaS provider that they need to do more to protect their customers, because the old model is no longer working.
Cloud computing's fundamental approach to security seemed like a great deal when it was first proposed to companies struggling to protect their self-managed infrastructure. The bargain was simple: we take care of the hard stuff, and all you have to do is control access to your account.
But the shared-responsibility model is groaning under the weight of the modern security environment, with its sophisticated threat actors, scarily good phishing scams, and automated attacks. Snowflake's ongoing nightmare should be a wake-up call for any infrastructure or SaaS provider that they need to do more to protect their customers, because the old model is no longer working.
Here's how Microsoft defines the shared-responsibility model, which is one of the better summaries of how cloud computing security has traditionally worked across its three major pillars: infrastructure services, platform services, and software services.
A diagram on that page outlines a sliding scale of responsibilities, from the on-premises world where the customer must manage everything to the SaaS world, where the customer manages very little.
For example, if you're a Microsoft Azure customer, you're not responsible for the physical security of the servers you're renting, but you are responsible for the security of any operating systems or homegrown applications you run on that cloud instance. A classic example of this model in action was the 2018 response to the design flaws in Intel chips that could have allowed attackers to access secure areas of those processors; cloud providers patched those instances with little or no disruption to their customers.
But no matter what level of cloud service you're buying, under the shared responsibility model, "you're responsible for protecting the security of your data and identities," according to Microsoft, and all cloud providers use similar language to describe the partnership.
Security experts have been sounding the alarm about that last statement for some time. While Snowflake did nothing wrong under the shared responsibility model, which holds that customers are responsible for properly securing access to their accounts, a growing number of people believe that cloud providers need to do more to protect their customers.
Leading that charge is CISA and its Secure by Design initiative, which all three major cloud providers have pledged to support but has not been adopted by the engines of the generative AI boom, Snowflake and Databricks. "Products designed with Secure by Design principles prioritize the security of customers as a core business requirement, rather than merely treating it as a technical feature," according to CISA.
For example, Snowflake customers who used multifactor authentication were protected against the attacks using stolen credentials, but Snowflake still doesn't require customers to use MFA and didn't even provide a way for customers to force their own users to adopt it until last week.
"If we give you the choice to do the right thing, and you can’t seem to choose to do the right thing, then maybe it just shouldn’t be a choice anymore,” Chester Wisniewski, director and global field CTO at Sophos, told CyberSecurity Dive.
But taking on more responsibility for account security will force enterprise tech vendors to accept more friction in the user experience of their products.
That could be a tough sell for vendors that have made onboarding and ease-of-use a big part of their product strategy. One reason why a lot of enterprise software companies haven't imposed stricter security policies on their users is because those policies can frustrate customers or break existing workflows.
And while every enterprise vendor promises that they take security very seriously, product teams tend to win arguments with security teams at companies that are desperate for revenue. At the very least, enterprise vendors need to provide easier ways for customers to detect anomalous login attempts or unusual activity, which is one reason why observability companies are thinking very hard about getting into the security market.
Security experts are hopeful that vendors can turn security into a competitive advantage, forcing everyone to follow suit. Google Cloud is trying to rebrand the shared responsibility model as "shared fate," and is reportedly willing to spend $23 billion on Wiz to double down on that strategy.
But it took legislation and a massive PR campaign to get car companies to provide seat belts, and even more effort to get people to use them. The path to a more secure cloud will likely be just as difficult.
(This post originally appeared in the Runtime newsletter on July 18th, sign up here to get more enterprise tech news three times a week.)