4. W hat is Cloud? “ Cloud computing is a model for enabling convenient, on-demand network access to a shared pool of configurable computing resources (e.g., networks, servers, storage, applications, and services) that can be rapidly provisioned and released with minimal management effort or service provider interaction” NIST – National Institute of Standards and Technologies
5. Who is the owner of infrastructure? 1. Private Cloud – infrastructure owned or leased by a single organization and is operated solely for that organization 2. Community Cloud - infrastructure shared by several organizations and supports a specific community that has shared concerns, including security requirements 3. Public Cloud - infrastructure owned by an organization selling cloud services to the general public or to a large industry group 4. Hybrid Cloud - infrastructure is a composition of two or more cloud models that remain unique entities but are bound together by standardized or proprietary technology NIST – National Institute of Standards and Technologies
6. Essential characteristics of Cloud services • On-demand self-service - ability for an end user to sign up and receive services without the long delays • Broad network access - ability to access the service via standard platforms (desktop, laptop, mobile etc) • Resource pooling - resources pooled across multiple customers • Rapid elasticity - Capability to scale with demand peaks • Measured Service - Billing is metered and delivered as a utility service
7. Cloud Services Classifiction SaaS - applications designed for end-users, delivered on Web PaaS - set of tools and services designed to make coding and deploying those applications quick and efficient IaaS - hardware and software that powers it all – servers, storage, networks, operating systems
13. Software-as-a-Service SaaS Characteristics • Web access to commercial software • Software managed from a central location • Software delivered in a “one to many” model • Users not required to handle software upgrades and patches • Application Programming Interfaces (APIs) allow integration between different pieces of software
14. Software-as-a-Service Where SaaS Makes Sense: Pay for What You Use • Undifferentiated solutions – Ex.: eMail - competitors use the same software because fundamental technology is a business requirement, but does not itself confer an competitive advantage • Applications with significant interplay between the organization and the outside world . Ex.: eMail newsletter campaign software • Applications with significant need for Web or mobile access. Ex.: Mobile sales management software • Software to be used for a short term need . Ex.: Collaboration software for a specific project • Software with temporary demand . Ex.: Tax or billing software used once a month
15. Software-as-a-Service Where SaaS May Not be the Best Option While SaaS is a very valuable tool, there are certain situations where it is not the best option for software delivery: • Applications with real time data processing is required • Applications where legislation or other regulation does not permit data being hosted externally • Applications where an existing on-premise solution fulfills all of the organization’s needs
16. Platform-as-a-Service Characteristics of PaaS • Services to develop, test, deploy, host and maintain applications in the same integrated development environment. • Web based user interface creation tools help to create, modify, test and deploy different UI scenarios • Multi-tenant architecture where multiple concurrent users utilize the same development application • Built in scalability of deployed software including load balancing and failover • Integration with web services and databases via common standards • Support for development team collaboration – some PaaS solutions include project planning and communication tools • Tools to handle billing and subscription management
17.
18. Platform-as-a-Service Where PaaS May Not be the Best Option • Application needs to be highly portable in terms of where it is hosted • Proprietary languages or approaches would impact on the development process • Proprietary language would hinder later moves to another provider • Application performance requires customization of the underlying hardware and software
19.
20. Infrastructure-as-a-Service Where IaaS Makes Sense • Where demand is very volatile – any time there are significant spikes and troughs in terms of demand on the infrastructure • For new organizations without the capital to invest in hardware • Where the organization is growing rapidly and scaling hardware would be problematic • Where there is pressure on the organization to limit capital expenditure and to move to operating expenditure • For specific line of business, trial or temporary infrastructural needs
21. Infrastructure-as-a-Service Where IaaS May Not be the Best Option • Where regulatory compliance makes the offshoring or outsourcing of data storage and processing difficult • Where the highest levels of performance are required, and on-premise or dedicated hosted infrastructure has the capacity to meet the organization’s needs
24. Customer buying criteria Each provider is offering different services, pricing, delivery, and support capabilities. While cost, scalability, expertise, and operational stability are main criteria for a customer, there are other important factors that influence the decision, such as: - service and support - applications hosted in the cloud, information services, business process services - years of experience and customer portfolio - security services: - the protection of data during transit and in storage - encryption and decryption; disaster recovery; restricted access; intrusion protection and firewall services. - security documentation and certifications - performance, availability, provisioning time, and issue resolution - the billing model - the exit plan - provider's flexibility
25.
26. Security in the Cloud According some recommendations of Cloud Security Alliance: • Pay attention to application security architecture, tracking dynamic dependencies to the level of discrete third party service providers and making modifications as necessary • Use a software development life cycle (SDLC) model that integrates the particular challenges of a cloud computing deployment environment throughout its processes • Understand the ownership of tools and services such as software testing, including the ramifications of who provides, owns, operates, and assumes responsibility • Track new and emerging vulnerabilities, both with web applications as well as machine-to-machine Service Oriented Architecture (SOA) which is increasingly cloud-based
27. 10 Cloud Predictions for 2012 1. The Empowered Shall Lead Us 2. Try build a private cloud, even the first will fail 3. Hosted private clouds will outnumber internal clouds 3:1 4. Community clouds will arrive, thanks to compliance 5. Workstation applications will bring to the masses 6. Cloud economics gets switched on. Being cheap is good 7. The BI gap will widen 8. Information is power and a new profit center 9. Cloud standards still won’t be here – get over it 10. Cloud security will be proven, but not by the providers alone
28. BSA Global Cloud Scorecard A roadmap for the initiatives and policies that countries can — and should — take to ensure that they reap the full economic and growth benefits