Multi-tenant is the cloud's linchpin and it's disingenuous to pretend otherwise. The offerings of and outlook for cloud providers would be very different without multi-tenancy.
While single-tenant options may be available for some configurations, you'll pay through the nose, and there are many limitations (e.g., EBS-backed volumes attached to your single-tenant instances still run on multi-tenant hosts). Moreover, few if any of the managed cloud services, which are what really drive cloud adoption, have any concept of single tenancy.
Even after all this, the risk is only partially mitigated, because you're trusting Amazon's management toolkit and staff to respect these boundaries and to not have any bugs that may inadvertently expose access or data to third parties. Considering single-tenancy is such a small segment of their business, I doubt this is a major consideration, and even if it is, it's a lot of eggs to put into a basket that's completely out of your control.
There just isn't much of an argument for a group that's serious about security to commit hardcore to "the cloud", yet virtually every company I've encountered in the last few years is pushing this hard, and actively ostracizing anyone who tries to inject some moderation or sanity into it.
I appreciate the convenience of cloud offerings as much as the next guy, but it's out of control, and the complete disregard for the implications of hardware bugs that fundamentally undermine the supposed security model is a great representation of that.