Misadventures in HPC Cloud Migration #2

Remember when you were a kid (or maybe more recently), and you played a game that started off with someone whispering something into the ear of the person next to them. Then that person whispers it to the next. And so on, till finally the last person says it out loud. Followed by much hilarity and everyone falling about laughing as it no longer bears any resemblance to the original.

That’s pretty much how implementing security and regulatory requirements works. Except people fall about crying not laughing. And with each whisper a more conservative interpretation of the requirements is invented. Till finally the poor development team at the end of the chain has an impossible task.

If the aim was to deliver security by ensuring nothing can move to #cloud, this is will get the job done. Especially as #HPC applications in #FinancialServices generally contain confidential, personally identifiable information, personally sensitive information, client identifiers and pretty much every other data buzzword that will fill up CISO’s bingo card.

Look, I get it. Azure losing keys that allowed hackers access to government email or Google losing months of files on Google Drive doesn’t exactly fill you with a warm fuzzy glow when moving your workload to the cloud. Dread maybe…

Making migration virtually impossible for applications though isn’t the answer. Time to find those big scissors used for cutting up red tape.