Should You Worry About Microsoft Azure’s SSL Certificate Snafu?

Should You Worry About Microsoft Azure’s SSL Certificate Snafu?

Just in case your head wasn’t in the clouds last week, you may have missed this story: the Microsoft Azure Cloud went down for hours, ostensibly as a result of a hacker attack, but in reality the side-effect of an expired SSL certificate. And if that weren’t bad enough, the SSL certificate snafu kept the site down for 12 hours.

Bonehead oversight, right? Everybody makes mistakes. Stuff happens. Fair enough. Should you be worried? Here’s some food for thought.

  • If Microsoft can’t get the simple stuff right, then can you trust them with the difficult stuff?
  • In particular, if Microsoft’s own governance infrastructure can’t enforce a policy as simple as “renew SSL certificates before they expire,” then how well does Microsoft handle governance overall?
  • When Amazon has outages, they provide detailed explanations of what happened, and what they’re doing to keep the same thing from happening again. I’ve poked around a bit, but I can’t find such an explanation from Microsoft. We’re waiting, Microsoft!
  • What were the techs at Microsoft doing for those 12 hours? Did it take them that long to figure out what the problem was? Or did they figure it out, but it took that long to fix the problem? Obtaining and installing an updated SSL certificate shouldn’t take more than half an hour.
  • What was Microsoft’s backup plan? The SSL certificate was a single point of failure. How many other single points of failure does Azure have?
  • Not using Azure? That doesn’t mean you’re immune. Who’s to say the same kind of bonehead mistake couldn’t happen at your Cloud provider?

The bottom line: Cloud Computing is still a work in progress. It may be amusing to pick on Microsoft, especially when they deserve it. But we could equally well heap our scorn on Cloud Computing in general. Expect and plan for failure — a best practice for all of IT, but especially in the Cloud.

Share the Post:
XDR solutions

The Benefits of Using XDR Solutions

May 24, 2023

Cybercriminals constantly adapt their strategies, developing newer, more powerful, and intelligent ways to attack your network. Since security professionals must innovate as well, more conventional endpoint detection solutions have evolved

AI is revolutionizing fraud detection

How AI is Revolutionizing Fraud Detection

May 23, 2023

Artificial intelligence – commonly known as AI – means a form of technology with multiple uses. As a result, it has become extremely valuable to a number of businesses across

AI innovation

Companies Leading AI Innovation in 2023

May 22, 2023

Artificial intelligence (AI) has been transforming industries and revolutionizing business operations. AI’s potential to enhance efficiency and productivity has become crucial to many businesses. As we move into 2023, several

data fivetran pricing

Fivetran Pricing Explained

May 17, 2023

One of the biggest trends of the 21st century is the massive surge in analytics. Analytics is the process of utilizing data to drive future decision-making. With so much of

kubernetes logging

Kubernetes Logging: What You Need to Know

May 16, 2023

Kubernetes from Google is one of the most popular open-source and free container management solutions made to make managing and deploying applications easier. It has a solid architecture that makes

ransomware cyber attack

Why Is Ransomware Such a Major Threat?

May 15, 2023

One of the most significant cyber threats faced by modern organizations is a ransomware attack. Ransomware attacks have grown in both sophistication and frequency over the past few years, forcing

data dictionary

Tools You Need to Make a Data Dictionary

May 12, 2023

Data dictionaries are crucial for organizations of all sizes that deal with large amounts of data. they are centralized repositories of all the data in organizations, including metadata such as

Show More