Your tech career depends on preparing for the cloud

If you’re among the skeptics who dismiss cloud computing as a mere buzzword, take heed: Major organizations have already started their transition into the cloud. If you work in the IT field, you’d best prepare, as your very career could be at stake.

Critics of the cloud maintain it’s not sufficiently secure or reliable to truly become a major platform. What they don’t get is that their CEO gets cloud computing in a big way: It’s cheaper, and the bottom line rules the day for your average CEO, especially during a slow economic recovery. Your company sells widgets (or whatever) for a living. That’s the reason for its existence. Your company didn’t want a six-foot-high matrix of hardware sitting in air-conditioned, raised-floored, supercomputer room with a staff of a half-dozen people to manage each major app.

[ Master your security with InfoWorld’s interactive Security iGuide. | Stay up to date on the latest security developments with InfoWorld’s Security Central newsletter. ]

CEOs know they can get rid of all that additional IT expense, including both hardware investments and staffing costs, by outsourcing to the cloud. Over the past decade, IT jobs were outsourced to cheaper foreign lands; this time, they’re being lost to the even-cheaper Internet.

Still skeptical? Consider this: Even the security-conscious U.S. government has adopted a cloud-first policy through which federal agencies are required to default to cloud-based solutions whenever a reliable, cost-effective option exists. Even the General Services Administration is getting rid of its U.S.-only data storage requirements. For those of us with decades of experience in the public sector, this represents a huge mind shift from the federal government.

The move toward cloud computing will impact IT jobs significantly. For example, if you set up server hardware for a living or if your job is focused on a single application that can be moved to the cloud, you should start preparing for cloud and data center jobs.

Whereas I expect network security and IT security jobs will, in general, be in as much demand as they are now, the necessary skills will change. Security pros will have to learn to embrace external locations, in that most apps are going to reside in the cloud and run in the browser. Make sure your browser troubleshooting security skills and tools are top notch.

Network security specialists will probably have the easiest time during the transition, because networks are still crucial to any cloud decision. The big difference will be that the traditional DMZ (or perimeter) design is dead. There will be private clouds, public clouds, and hybrids. Employees will contact all three, and more than likely, you’ll have external customers and business partners coming into your private cloud.

You’ll also have to start rethinking how to defend your organization against attackers. Traditionally, a bad guy takes over a trusted user’s computer and, through it, accesses system resources. In the future, it’s likely that intruders will have their own authenticated identities and be able to roam around the cloud and its services. It will be harder to distinguish legitimate users from miscreants, as the latter will be employing cloud authentication and originating outside the physical enterprise.

You can liken it to the challenges Microsoft and Google face in providing Web-based email services. Who is and isn’t an authorized user? It’s much harder to tell when you can’t completely control the originating authentication checks.

This is the last call for nonbelievers. Cloud computing is here in a big way and will affect you soon, if it hasn’t already. Bone up on your cloud architectures and cloud authentication models. There are plenty of cloud computing resources on the Internet, if you take the time to read them.

This story, “Your tech career depends on preparing for the cloud,” was originally published at InfoWorld.com. Follow the latest developments in network security and read more of Roger Grimes’ Security Adviser blog at InfoWorld.com.