Until recently, I was working at a company that was in the process of migrating their datacenters into the cloud. Their policies, written many years ago, stated that information had to go through their corporate firewalls. During the Covid-19 outbreak that saw 95% of the workforce working from home, this was nevertheless interpreted to include corporate e-mail (which was stored in the Office 365 cloud) and video-conferencing (hosted through Zoom, WebEx, and other cloud providers). This caused tremendous latency and led to poor transmissions. When I asked why we were forcing our users to route their WebEx and Zoom traffic through a corporate (on-premises) virtual private network (VPN), I was told simply that: “Because the Corporate IT Security Policy requires it.” Based on that, I wrote the following article. It was not published at the time, but a couple of the co-workers I shared it with did take up the cause to have the policy changed. –MDG
I used to live in a part of Glendale, California called Adam’s Hill… thusly named because yes, we were on a hill. If you are at all familiar with the topology of the Los Angeles area, you know that there are several hills and mountains to it; when I looked out from my patio (which was essentially the top of Adam’s Hill), I could see in the distance – maybe five miles away – the next hill. Traffic in Los Angeles can be extreme, so it is likely that for me to get to the next hill, through all of the side-streets and with all of the traffic and streetlights, it would take me an hour… which is to say, I would get there at a rate of about five miles per hour.
Imagine I needed to get to the next hill on a daily basis, and I had all the money in the world… I decide to build a highway overpass that reaches from the bottom of my driveway right to my destination on the other hill. At a reasonable clip of seventy-five miles per hour, I have now cut my trip from one hour to four minutes… at a tremendous cost, but for whatever reason I thought it was worth it.
The federal government sees me working on this project and determines that I cannot just build a road straight through, but I would have to build inspection booths at either end to make sure of whatever they want to make sure of. They determine that each inspection – source and destination – will take five minutes. Okay, my initial one-hour drive what had initially dropped to four minutes is now up to fourteen minutes. This is a little frustrating, but it is still a tremendous savings.
The state government gets involved, and they determine that every highway must be patrolled by California Highway Patrol, and because the road is only thirty feet wide, they are imposing a maximum speed limit of fifty-five miles per hour. I am, of course, a law-abiding citizen, so I will never exceed the speed limit. Okay, what could have been a four-minute trip is now a fifteen-and-a-half-minute trip. This is getting a bit silly…
The municipal governments look at my road and determine that my road goes through several residential neighbourhoods, and because of that, both to protect our children and to limit noise pollution, they have decided I need to install speed bumps that will limit my car’s ability to exceed ten miles per hour. Now what would optimally have been a four-minute trip has now expanded to a forty-minute trip.
There are two ways to look at this:
- 40 minutes, down from 60 minutes, represents a 33% time saving; every work week I will have saved 100 minutes in commuting.
- With the tremendous amount of investment dedicated to this project – including time, manpower, cost of materials, cost of labour, permits, and such – we could have expected as much as a 90% time saving, and the mere 33% saving is paltry indeed.
So, where did our project go wrong… if at all?
It is easy to say that all of the levels of government had valid points to make about the road. They have, after all, been building and managing roads for many years. However, if this is a new style of road, using completely new technologies and accepting only the most modern cars, is it still true that all of the legacy rules that were important in the past should still apply to our road?
If we are building a solution using new technologies, rather than standing our ground firmly stating that the rules (and technologies) we have always implemented should be equally implemented here, would it not make sense to reevaluate each of these? This is not to say that all of our old rules and technologies should immediately be discarded… but is it not worth reviewing to see if they are still relevant to modern infrastructure?
As an example, do municipal speed limits that protect pedestrians matter on a road that is inaccessible to pedestrians? If the noise created is undetectable to anyone who is not at the same level as the road, is it important to manage it?
I ask these questions because we, as the IT Professionals managing our organizations, have for many years done an outstanding job of protecting our datacenters. However, in an era where the datacenter is becoming less relevant, and where cloud tools have modern tools that can protect them, should we not look at these, rather than focus on what worked well in the past?
As did most of us, I grew up in the datacenter. It was not always easy, but I have learned to let go of a lot of what was, in favour of what is now. Can we keep these questions in mind as we continue to migrate our company into the cloud?