In the US? Using Medicaid? There's a good chance DXC is about to boot your data into the AWS cloud Wonderful news for some US Medicaid patients: king of the cost-cutters DXC is planning to shunt their data into Amazon's cloud. In a memo seen by The Register, software, services and severance outfit DXC said it has signed off on migrating systems that are used by millions of US state Medicaid recipients to AWS from its …
Given the chaos that DXC appears to be, putting data into the cloud is practically a guarantee that there will be a ginormous cockup that will leave millions of private people's data for the world to see.
That decision is going to cost a lot more than DXC is ready to budget for, I am sure.
Incorrect, not just poor people. Almost every medical insurance policy in the USA requires all policy holders which are of Medicaid age to file all claims with Medicaid FIRST. Then the private insurance pays the leftover. Thus, except for the fabulously rich 1%, every other person in the USA over 65 years of age will have their data in DXC.
Cloud or not, I think it’s fair to say that if you’ve given any part of your infrastructure to DXC, that boat has already sailed (with the exception of the multi-user bit).
I’ve seen a lot of on-prem infrastructure in organisations large and small, and it’s been almost universally horrible. Inflexible, poorly designed, poorly maintained and offering only the most basic services. DXC have been near the epicentre of some of the worst of this, but it’s true for other suppliers and internally managed data centres too.
On the other hand, using AWS provides access to probably the most sophisticated virtual data centre infrastructure in the world, built by some of the best engineers in the world, with a wide breadth of pre-canned services that can be accessed in minutes with a few lines of Terraform rather than a multi-week/month procurement/design cycle. And then run by a company that has a track record of generally delivering on its promises.
So while it’s technically true that you’re running on someone else’s computer, in the sense that most of AWS is software, it’s kind of missing the point. Your “that others are using” comment is also mostly irrelevant nowadays; noisy neighbours haven’t been a problem for ages. If you’re worried about the sort of attacker profile that could pull off attacks through hypervisor escalation etc., fair enough, but you probably should be completely airgapping your entire desktop and server infrastructure from the Internet in that case. Rowhammer was fixed in AWS before it was even public, was your on-prem vSphere? It’s a somewhat niche requirement.
Most organisations, IMHO, would be better off concentrating on fixing their “crap” that they’re deploying rather than trying to replicate AWS internally, badly, with a fraction of Amazon’s resources and starting from where Amazon was circa 7 years ago. Perhaps where you work is the exception...
You do need platform engineers good enough to not leak keys via public GitHub repos, though. And a fair amount of up-front thinking/design on the foundational design. This is hard, but not as hard as the equivalent on-prem.
I am going to be controversial and state that after 25 years in the IT industry working for some very large Red and Blue companies and looking into some of the largest government and commercial IT teams and facilities I can state that giving the infrastructure component to AWS to manage is probably a good idea as there is less chance of AWS stuffing it up :-) As to the Application Layers and the Migration Project in the "Shared Responsibility Model" I am sure that there are many El Reg readers with a better insight into this organisation.
https://www.investopedia.com/articles/personal-finance/081114/medicaid-vs-medicare.asp
>Medicare is an age-based federal health insurance program that guarantees coverage for individuals ages 65 and over and some younger people with disabilities. By contrast, Medicaid is a public assistance program for needy Americans of all ages.
In other words, 1 of the 2 is considered politically expandable. Yes, the DXC-bound one, why do you ask?
The Register - Independent news and views for the tech community. Part of Situation Publishing
Biting the hand that feeds IT © 1998–2022
