What is cloud?
“Describing a service offering as a cloud is like describing a female astronaut with a PhD in
astrobiology and an MD with specialty in cardiovascular surgery as a mammal” – Jim Stikeleather.
According to the Cloud Security Alliance (CSA), cloud enhances collaboration, agility, scaling, and
availability, and provides the potential for cost reduction through optimized and efficient computing.
SaaS- software as service (Consume)
This business model abstracts the underlying infrastructure and platforms even further to provide
direct functional access to the application and its capabilities. The process of scaling and managing
the resources is hidden from the consumers, e.g. salesforce, servicenow.
IaaS- Infrastructure as a service (Host)
This model offers basic compute, network or storage services (e.g. VM, block storage, firewall) and
sometimes software packages. These resources typically exhibit the core characteristics (e.g. they
can scale, are self-provisioned) for example: Rackspace, amazon ec2, amazon s3.
PaaS- Platform as a service (Build)
This model typically provides a computing platform along with necessary application build/run
environments (e.g. database, webserver, programming language framework and environment.).
Often, this method scales automatically in order to meet application demand. E.g. heroku, openshift.
Why use cloud computing?
It provides, Velocity, growth, cost reduction and consistency!
Velocity- service delivery (self-service)
Growth – On-Demand Resources (elastic)
Cost reduce – cost effective solutions (metered)
Consi – reduced risk (service orientated)
Deployed in three models
-open
Cloud resources are rendered over the internet or an open network. Public cloud is typically owned
and operated by commercial service providers who own and offer access to consumers for example,
AWS, Rackspace, and Salesforce.
-hybrid
A combination of one or more public or private clouds, bound together by a common fabric. This
model allows consumers many options to meet their business requirements and fits the cloud to
need.
-enterprise private
Cloud resources built specifically for an entity (group, org, company). Infrastructure can be hosted
internally or externally and also managed internally or by a third party.
Five key characteristics
1. Self-Service
a. Cloud consumers can provision and manage servers, systems and resources through
a single portal or developer API. There is also an On-Demand component, which
indicates that resources are always available to the consumers.
2. Broad Accessibility
a. Cloud services are delivered consistently. They are available and accessible through
standard, heterogeneous platforms ( for example laptops, desktops, mobile devices)
3. Shared
a. Cloud resources are pooled for maximum efficiency and then shared across many
consumers in a multi-tenant model. This model optimizes resource allocation and
financial efficiency.
4. Elastic
a. Resources can scale based on usage. Scaling up/down typically means that server
resource allocation (CPU/RAM/storage) can dynamically change. Scaling in/out is
thought of as adding or subtracting host nodes to an application based on demand.
5. Measured metered
a. Usage is calculated based on what is consumed by the user. This typically is referred
to as a ‘pay-as-you-go’ model and is similar in concept to your basic home utilities
(example being water and power).
ITaaS
Is an operational and organizational shift to running IT like a business and optimizing IT production
for business consumption?
-
New technology models
New consumption models
New operational models
Cloud is not a perfect solution and often comes with concerns and questions from the industry and
consumers
Five important areas with cloud
1. Security and risk
a. Provider security posture ( cloud companies must provide security
b. Governance
c. Application security
i. Users of public cloud run the risk of:
1. Collateral damage
2. Virus attacks
3. Service interruptions
4. Incident response may be slow
5. You may not be able to see what your provider is doing, or have
visibility to your resources running in the cloud.
6. Some cloud providers may actually be storing your data on a
different cloud providers platform.
2. Privacy
a. Will an unauthorized entity have access to my data?
b.
c.
d.
e.
How will my data be segregated?
How will my data be destroyed?
Where will it be physically located?
How will my data be treated during the move?
Cloud computing risk:
Data stored on third party servers
Limited control
Inadequate security
System breachers
Compromised data
Legal problems
3. Compliance
a. Can be an increased cost
b. May require a cloud service audit
c. Audit and compliance risks
d. Security risks
e. Information risks
f. Billing risks
g. Contract risks
4. Vendor lock-in
a. In which a consumer using a service can not easily transition to another business
service
b. Proprietary and compatibility
c. Inefficient processes
d. Contract constraints
e. Many customers stay with a provider that doesn’t meet their needs, just to avoid a
cumbersome migration process.
5. Performance
a. Nosy neighbour
b. Provider capabilities.
c. Resource disparity
“An enterprise IT organization acting as a cloud provider to users of its hybrid cloud needs to
guarantee service without the control over the performance of public cloud services in its
environment.”
Summary
-
An abstract yet complex concept
A foundational element
A defining force with the enterprise and a fundamental in future architectures
A disruptive technology with many opportunities to help IT organizations.
Questions
1. Cloud is a clearly defined technology delivery mechanism
a. True
b. False (Correct)
2. Which of the following is not a consideration with cloud?
a. Performance
b. Compliance
c. Limited Choices(Correct)
d. Privacy
e. Security and risk
3. IT as a service (ITaaS) is an operational and organizational shift to running IT like a business
and optimizing IT production for business consumption.
a. True(correct)
b. false