Few technologies have had throughout history such a rapid acceptance among enterprises, including small and medium-sized (SMEs), as cloud computing. This model, which allows the use of different kinds of software as a service, is increasingly adopting facilitating innovation in companies and at the same time, enabling them to be more agile.
Cloud computing drives innovative attitudes within a company and, in some cases, can be considered as a first step to be a beneficial organizational culture of innovation. Companies of all sizes are increasingly taking business processes to the cloud.
This is because the new generation of business applications that run on cloud brings with it not only the flexibility needed by business lines (purchasing, HR, marketing, sales, etc.) to operate and turn, but also the integration that is necessary to automate and connect all the organization’s processes with each other. The cloud solutions boost efficiency, reduce costs and accelerate the adoption of technology trends such as mobility, data analysis (including real time) and big data.
Investing in a cloud solution adds new values to companies that can operate in real time, sharing information efficiently and securely between company employees. The agility and the ability to access real-time information are not just that cloud computing can provide.
Working in conjunction with other strategies, the use of cloud software brings the short and long term benefits such as greater analytical potential and agility in business application databases to add, compare and evaluate several possible scenarios and information within the company; access via mobile devices to detect changes, and share information with employees without thinking about their location.
The cost is also an important benefit that the cloud offers to the companies. Cloud computing allows companies to incorporate the latest innovations in the field of information technology without having to bear the extremely high software license acquisition costs and not to the implementation of an infrastructure (systems and hardware) specific to rotate applications. In this software acquisition system, are only subject to payment of a monthly fee for the specific applications being used and that are hosted on the cloud server.
Other Advantages: The solutions running in the cloud tend to be flexible enough to be configured according to the demands of each company in a very reasonable time. In addition, the cloud software interfaces are often similar to applications that people use every day on their smartphones or tablets. Therefore, no need to train staff to use the tool.
Finally, I highlight the cloud breaks a paradigm related to consumption by SMEs technology. The technology allows these companies to really focus on the conduct of its business and not worry about the acquisition and management of IT. It is also a pioneer in giving access to the latest innovations without having to fiercely consume budgets. So now that the market is more competitive than ever, SMBs can better compete with large companies.
You just have to add cloud in your business. What was once trend now shows a key tool for the growth of any organization.
What you’ll do? Wait a little longer and run the risk of leaving your competitors in front or anticipate them to be more agile, innovative and competitive?
Moving email in the cloud is one of the most crucial tasks businesses need to think about. Since, cloud computing services are new to most of the businesses, its necessary for them to understand the term “cloud computing”, services and its benefits to compete with their rivals using cloud services.
Often people describe the term “cloud computing” in many different ways. In simple words, cloud is a computing model which offers applications, software’s, storage and resources over a network (typically the Internet). Comparing virtualization and cloud, you will find that cloud expects world without barriers. It offers various benefits to all sized businesses, despite these facts businesses still have high concerns in regards to the security and privacy of data as well as the possible unavailability of the services offered by the providers that prevents access to the data.
In the market, there are four deployment models of cloud available that are private cloud, public cloud, hybrid cloud & community cloud. Each have its own characteristics and applicable to a different requirements.
Basically, a private cloud is used by an organization that requires more security and privacy. The organization has to bear the costs of control, support and building the private cloud infrastructure in their organization.
Public cloud is an ideal solution for SMBs, as it is cost-effective and most of the services and web-based applications rely on it such as voicemail, free email services, free social networks, and more.
The hybrid cloud is a model where the organization can make use of both private and public as per their requirements. Whereas, the community cloud is a deployment model which contains a number of companies that are known to each other and shares the cost of the infrastructure. The community is quite common in some market, where companies are of same group.
Market Share of Cloud Computing Technology
The cloud computing based cloud hosting services are considered as the best IT solutions of the 21st Century. In order to save green, reduce energy consumption, carbon emission, and to minimize the investments on the IT resources, most of the U.S. companies are are planning to adopt the cloud-based services. It is revealed from the study by Carbon Disclosure Project that the adoption rate will accelerate from 10% to 69% by 2020. It is also clear that Latin America is leading the adoption of cloud computing.
Despite the benefits, all the legal aspects like risks posed by cloud technology and the country where the data will be stored must be taken into account before implementing the cloud services.
One of the important reason for moving email in the cloud environment is the notable efficiency attained by this computational model. Many of the corporations doesn’t have users in hundreds and thousands nowadays. However, a cloud service provider has an ability to offer these services to millions of users at cost-effective rates. Furthermore, due to limited budgets it is common to have limited internal email storage, however, an email in the cloud doesn’t have such limits. Since, the cost is minimal and is determined per usage, even small and medium companies can afford greater storage capacity in much lower costs.
However, when it comes to migration of your corporate emails in the cloud, you need to be more careful as most of the businesses depends on their data, be it emails or any other kind of data. Considering the legal aspects, the cloud model which you are going to implement must be in legal compliance, adhering to the rules of the country where your data would be stored by the provider. The territorial issue is much much more important as you can easily take required actions against the company in an event of data loss.
Therefore, it is vital to give attention towards the small print of “Terms & Conditions” and “Service Level Agreement” before deciding to opt for the email in the cloud solution. Also, its customers responsibility to make sure that the cloud provider offers everything required and provide necessary guarantees and systems for security control. When moving email in the cloud various things like hidden costs, legal issues, security aspects must be considered and ensure that all the legal aspects are included in the terms and agreement print.
It seems that all organizations are analyzing what can be moved – or should be moved – to the cloud. However, the cloud is clearly not the answer for all; As with any technology, there are advantages and disadvantages. Thus, it is important that all professionals understand how and when the cloud is advantageous for their applications.
In the assessment and planning of migrating applications to the cloud process, the databases are usually the most difficult element to understand. Of course the data is the heart of every application, so it is essential to know how databases can function reliably in the cloud.
Here are some ideas and recommendations to keep in mind when thinking about moving databases to the cloud:
1. It All Starts With The Performance
If I had a penny every time you hear “the cloud is very slow for databases”, sure I would have enough to buy a double cappuccino. The uncertainty of the performance is the main concern that prevent traders to move their databases to cloud or virtualized environments. However, concern is often unjustified, since many applications have performance requirements which are easy to fit in a number of different architectures of cloud. The cloud technology evolved over the past three years and today already offers several deployment options for databases, some of them with very high performance capabilities.
2. Visibility Can Help
The easiest way to solve performance problems is putting a lot of hardware to run, but obviously this is not a good practice and it is not very profitable. A monitoring tool for database can help you understand the true requirements of the database and resources of your application. We can think about things like CPU, storage, memory, latency and throughput of storage (IOPS can deceive); planned growth requirements and backup storage; oscillation of resources based on peak usage or application in batch processes; dependency and connection data – beyond connectivity applications, there may be other requirements for data exchange between applications, backups or data stream input.
One advantage of the cloud is the ability to dynamically scale resources vertically or horizontally. So, instead of being a source of uncertainty concerns of the performance, it can really give you the peace of mind because the right amount of resources can be allocated to your applications to ensure proper performance. The key, however, is to know what those requirements are.
3. Take a Test Drive
One of the obvious benefits of the cloud is the low cost and accessibility. Even if you are not already developing a migration plan is a good idea to play with cloud databases to familiarize yourself, test and learn. In an hour of your time, you can put a database running in the cloud. Set it up, play a little and then throw away. The cost is minimal. With a little more time and a few rupees more, you can even move a copy of a production database to the cloud, testing, deployment options and learn how your application and the database will work in cloud.
4. Carefully Plan Your Deployment Model
The cloud offers several deployment options that should be considered. For example, the Database as a Service (DBaaS) offers simplicity in deployment, automation and a managed service. Leverage Infrastructure as a Service (IaaS) is an alternative to running instances of the database in cloud servers, which provides more control and that looks like a traditional physical deployment. There are also multiple storage options, including storage block units SSD , IOPS guaranteed, dedicated connections and optimized instances of databases. Cloud is primarily a shared environment, it is also important to understand and test the uniformity and variability of performance, not just the theoretical peak performance.
5. Take The Step
There is not a single migration plan covering all use cases. Instead of trying to use a formula to make the move to the cloud, I recommend talking to your cloud provider, explaining your environment and getting the proper guidance. In general, it is also a good idea to create a duplicate environment in the cloud and make sure it works well before changing the production application. And, beyond the requirements of recovery and data backup, is also important to consider the replication servers or waiting in a different region from which its major servers are.
6. Monitor And Optimize
As with deployments in place, it is important to monitor and optimize your cloud environment, then it is working. Optimization tools for database provide analysis of the waiting time, and the correlation of features can speed up database operations significantly, alert you when there are problems (before they become big problems), increase application performance and monitor resources to help with planning. The database administrators, developers and IT operations can benefit from a tool for performance analysis that enables them to write good code and identify the root cause of everything that might be leaving slow the database, as queries, event storage, server resources etc.
The cloud is evolving rapidly. It’s getting better, more reliable and more flexible all the time. As occurred five years ago, when most people could not imagine the transformation that would promote the cloud today, we should expect that technology continues to evolve at the same pace over the next five years. This is one more reason to start experiencing the cloud today. It is not just a journey that requires to break some paradigms and change your way of seeing things, but also a journey that can provide meaning to the applications and benefit at work.
The expression “Being in the Clouds” brings us comfort and a sense of superiority. Cloud computing – cloud hosting – is moving increasingly to a destination with no return: the consolidation as an essential tool for the future existence of the internet world.
According to a report recently published: “The cloud will be more important than the internet”. The perceptions we had about the internet in the 90s were minimal compared to what is available to us today. We believe that same will happen with cloud computing.
Cloud computing is already a reality
In a few years cloud computing will be essential for the continuity of the Internet itself as a whole.
The need for physical space, high energy costs and especially the ideology that we can have a better economy and technological harnessing idle resources to work with, will – and already do – that cloud computing is a global reality.
A survey conducted found that only 10% of the people interviewed were using cloud computing solutions, while in July this year the same question was asked and the number surprising: 66% of people interviewed already use cloud computing solutions. These numbers represent the power of evolution and impact of cloud computing for individuals and corporations around the globe.
Arguments in favor of the use of Cloud Computing
There are several lines of argumentative reasoning in defense of Cloud Computing, but all are consolidated on a few points:
Elasticity Demand: Unlike physical servers hiring, as there are already a pool of machines, ie, a structure of computers ready for use, cloud computing allows you to increase or decrease the resources of your server in seconds. Compared to dedicated servers, for example, this type of change could take hours, maybe even days;
Cost Savings: There is a better use of server resources, which, once working together, allow the full use of memory, processing, disk space, etc.
Speed: The more we enter the digital world, the more we realize that speed is critical for decision making, whether positive or negative. Everything in cloud computing is connected and allows immediate interaction, changes are applied at the time sent and a better use of time is also felt.
Basically cloud computing consolidates three major needs of our century technology: Autonomy with high agility and cost reduction, a phrase that everyone likes to hear!
As the discussion about cloud computing becomes more intense, one question becomes clear: companies do not want to get locked into a single cloud provider. Seek freedom to move between private and public clouds, and switch vendors according to computing needs, whether they are growing or shrinking. Another great desire of the business owners to move applications and workloads according to business requirements.
But users and cloud providers are at different stages in relation to this issue and the integration will likely take to happen, or may never happen.
Standards are emerging now and can take years to be fully developed
In the opinion of Gartner research institute, even on an open cloud computing legislation closes, each provider will continue to implement their own standards to differentiate their offerings and products of the competition. Expert from Gartner team points out that vendors do not want the clouds become commodities only because they do not want to compete based on price.
It is unlikely that the industry reaches a point where there is some format that allows applications to “magically” move to different clouds. In part, this situation is driven by the fact that “there is so much innovation going on right now”.
Hitherto, the lack of standards is not preventing customers migrate to the cloud, although it is perhaps an inhibitor. The company’s strategy has been to demonstrate that the internal migration of applications to public clouds is possible.
For this, the executive set up two scenarios for proof of concept, one for disaster recovery and other technical support. Selected the eNlight Cloud software to migrate applications, because of the safety and ease of use. And the initial tests were successful and managed by internal IT staff.
After doing research for a couple of days, we learned that it takes a little longer than we thought to make the communication between the clouds, mainly because it was migrating physical applications to the cloud and it was necessary to convert them to a virtualized version before moving them to the cloud of destiny.
The feasibility of migrating an application to a cloud destination has to do with the maturity of the application, legacy applications are costly to be virtualized. Virtualization is the first step to move applications to the cloud and this is a point that most experts agree.
Legacy applications do not always work well or consistently when virtualized and this increases the complexity of migration. The strategy chosen was to select the executive non critical applications for day to day as a way to validate the cloud model and also the internal gain.
Defining integration in the cloud and why getting there is difficult
Like the word cloud, integration can have different meanings. You could say, for example, which is the ability to move applications from one environment to another, running the right way at the two sites. Or it may mean applications running in different clouds, but sharing information, which may require a set of interfaces in common.
For still others, cloud interoperability refers to the ability of the client to use the same management tools, server images and software, with a variety of cloud providers.
The essence of the problem, however, is that the environment of each cloud provider supports one or more operating systems and databases. Each cloud contains different features like hypervisors, processes, security, storage, a network model, a cloud API and licensing models. Rarely, if ever, it is possible to have two service providers implement their clouds exactly the same way and with the same characteristics.
As in traditional software and hardware world, interoperability in the cloud will occur first in the lower layers. In the infrastructure layer, there is the Open Virtualization Format (OVF) and the rules for XML, HTML and other protocols. A laborious process.
If you are only moving parts of the application, and then the other, it may be that the company is returning to the cloud of origin and the data interface and then switch Application Programming Interface (API). After that, there will be questions about security, performance and latency. If you are moving heavy applications – like database, middle-tier software, user interface software, and so on – then you will not need to worry about any of these points.
Versions of operating system and hypervisor that do not correspondence, can produce conflicts that are not easy to solve. The application may have been designed to use specific storage technologies to achieve performance targets – storage technologies that target the cloud does not use.
Nearly every cloud has a unique infrastructure for the provision of network services and applications between servers and storage. The differences are sensitive to network addressing, directory services, firewalls, routers, switches, identity services, naming services and other resources. Other cloud providers may have a different network architecture of cloud origin.
Cloud providers make their own choices about security policies: who has access to what resources, software update rules, policies for use of data and records and so on. Application users and owners often have little choice in terms of security in the cloud. Applications must operate within certain areas of security and cloud providers cannot support them, or they can make changes that impair the safety requirements of the application.
Familiar management tools often are not available in the cloud destination or work in a limited way. Differences between the drivers, tools, operating system configuration or version of each play key role at this point. Upgrade solutions and software used on original cloud need to be adapted to the target cloud. Encryption also need to be present in the “bridge” between the cloud and the source destination.
Gartner firm explains that even if there are integration issues in the cloud, these are resolved over time, the movement of large volumes of data between the clouds will still be a challenge because of latency issues and the time required for migration them. When you move an application usually has to take the store with him.
While many people weigh the costs of sending data between the clouds, do not like what they see.
Migrating an application cloud to cloud means separate it from the original ecosystem. Each company must decide whether this action is appropriate for the business, since it can involve the reconstruction of applications of cloud origin. Are you willing to redo the application to send it to another cloud? The differences between the clouds can trigger a series of problems of integration.
Standards are close
What is needed to eliminate these concerns is the creation of standards for the cloud, similar to TCP / IP, targeted networking. It would be something like an API implemented on all products and cloud services, providing seamless interoperability.
But for Forrester Reaserch analyst, a common cloud API is not part of the future plans of the suppliers. It sees pressure creations of patterns far from where the market is at the moment.
Some cloud vendors are creating their own APIs with open standard. VMware, for example, submitted its vCloud API to the Distributed Management Task Force (DMTF) that molds and Red Hat also showed his Deltacloud platform. Now the VMware vCloud is VMware for use in private clouds and public cloud partners, offering users some options for interoperability in the environment.
The only cloud pattern that exists yet is the Open Virtualization Format (OVF). However, it only refers to the packaging of virtual machines for easy mobility.
As interoperability standards between cloud platforms are not yet defined, what to do when adopting the hybrid cloud model?
For starters, do not expect interoperability standards are established or changed. While you wait, you lose the benefits of cloud computing. In an environment of large changes in the potential benefits can be great, the best decision is to study and make a choice.
Market consultants recommend two steps to developing a flexible architecture in this scenario. The first is to make sure that the application and its supporting components do not rely on operating system and infrastructure. Ie, use mature languages of fourth-generation, such as Cognos, Focus, Clipper and other systems or as Java, to improve application portability.
The second is to find a management platform for applications that can support in any other environment.
Some cloud users indicate that they will use a set of strategies to select the provider of cloud. They plan to mix and match the best suppliers to ensure that the company will receive all the innovation that is available in the market. But even if this works out for mixing software on premise, there may be significant problems in integration and other issues related to cloud.
For a given supplier, the company will have to pay higher operating costs to manage this type of implementation strategy. It is likely that the company still needs to rely on multiple management tools and a group of people dedicated to the operations of tools and still may be a need to manage multiple contracts. Without standards, the overhead with the approach best-of-breed can be very high.
Know the three types of Cloud Computing and the main characteristics of each one.
Currently, the importance of Cloud Computing around the world is undeniable. The attention that the topic has received at conventions, fairs technology, among others, shows that this business model is here to stay.
In cloud computing, there are three types of organization for service delivery, infrastructure, data storage, and software platforms: Private Cloud, Public Cloud and Hybrid Cloud. They all follow a basic principle which is to promote the virtual work environment based on the collaborative aspect of technology.
The model of Public Cloud is a service provided by a supplier to ordinary users or businesses via the Internet. This service provider is responsible for protecting, hosting, maintenance and data management in a company or for client, charging only for the resources used, whether application infrastructure, physical infrastructure or software.
This service is shared with other companies or users. With this, the company has full control over what does and records in the cloud, but not on the actions of others in the environment. You can use this service effectively, however, your company may face potential safety problems due to the public nature of this Cloud.
It is a model that has as one of its benefits to reduce costs and thus is a good alternative for companies with a limited budget or other priorities. However, if your company works with a large volume of confidential data, this may not be the best solution. The Public Cloud is suitable for small and medium-sized businesses working with less sensitive data.
Private clouds are cloud services provided within a company and they offer all the basic functions of Cloud Computing such as increased productivity, flexibility and scalability, remote access, among others, but with restricted access to only one company or a specific group without IT resource sharing with other companies or users outside the corporate environment. In this format, the very company that integrates all departments and areas with the Cloud Computing model, with the installation and maintenance of infrastructure and the platform for the company that provides the Private Cloud system.
With this, the private cloud using an intelligent and flexible network that provides an experience of reliable use, enabling storage and access to information and corporate data safely. Companies that operate in highly regulated sectors or working with sensitive information, such concerns have that need to be met. Choosing a private cloud can be the right option in this case because its main purpose is just to provide more stability for the storage of corporate data in the cloud, ensuring total control over the environment with less risk of threats from third parties, and providing access wherever the employee is.
Another advantage of a private cloud is high customization capabilities, it is possible to increase the efficiency of servers and data centers, reducing deployment costs and increasing the company’s productivity and streamlining operations and infrastructure. However, the price of deploying an internal cloud can be a hindrance for some small and medium businesses.
The hybrid cloud model allows keeping systems in private and other public cloud simultaneously. For example, critical systems that handle sensitive information or can be hosted internally while other systems that do not deal with sensitive data, can be used on a public network.
A well-built hybrid cloud can meet safe processes that need more care because the private cloud ensures safety through an exclusive network installed in the company. A hybrid cloud can also meet the demands of scalability, for example, when a company needs the extra capacity of a server only during a busy period in particular, and soon after to no longer use most. Hybrid cloud can more easily meet its irregular demand, due to its dynamic scalability.
This format of cloud allows a company to establish the best training for the business model as it enhances the internal control of applications for the business needs, analyzing what is the best option. Due to new technological and economic realities, the hybrid cloud model has been the most used in the corporate market.
Despite all the risks that are reported on the cloud computing, the cloud business solutions have proven to be beneficial for companies to generate competitive value compared to its competitors who are not in the cloud.
Though the answers to the question “My business should adopt the cloud” are always “it depends”, there are reasons to be considered by businesses of all sizes to make the cloud your “vehicle” toward higher productivity, lower IT costs and greater growth. Here are 3 reasons why you should consider migrating your business – or at least many of its functions and processes – to the cloud:
Reason # 1: Optimizing Workforce
Reason # 2: The Cloud Helps Leverage Resources of your Business and Implement the rule of 80/20
The cloud can help you leverage your business, since it is linked to increased productivity – time, energy, money. An example is the possibility of increasing the capacity of entrepreneurship, to enable the owners of organizations do more with less: You can manage multiple companies with cloud.
Piyush Somani, Managing Director and CEO of ESDS says, the biggest advantage is being able to access the cloud completely from anywhere in the world using any Internet connected device, which can mean a savings of hundreds of thousands of dollars per year. According to the law 80/20, he explains that the cloud solutions enable companies to manage 80% of the business processes, which include the basic needs: sales, payroll, costs, services, etc.
Reason # 3: Migrating to the Cloud is a Business that is Low Risk Investment and can Generate ROI
With regard to investments, the adoption of the cloud is a low-risk move, which can generate a high return on investment (ROI) in terms of money saved. The operating costs of the cloud decreased 40% in energy costs, and increase business efficiency.
If your company does not use cloud computing as part of daily operations, there is a good chance to break into the model in the coming time.
One of the main benefits of the cloud is its ability to outsource the infrastructure and management of complex applications and data services, allowing data center managers to purchase computing cycles and storage capacity in a more granular fashion, on demand. Instead of spending capital in bulk for large servers and storage solutions, you can buy time based computer on actual usage of CPU cycles and the amount of gigabytes or terabytes in storage used.
Migrating critical data and applications to the cloud can be significantly more cost effective than maintaining the hardware at the company. As your data is stored on the service provider’s infrastructure, there is no need to invest in the purchase of equipment, maintenance or upgrade the web hosting server.
In addition, as data and software are under the responsibility of a provider, the contracting company can reduce the number of IT employees or contractors needed to keep the hardware running on premise, directing them to more strategic activities that add value to the business.
When migrating data from the company to a company that specializes in providing cloud computing solutions, the organization is not only investing in a solution of off-site storage, but also buying a little tranquility. This is because providers of cloud solutions as Amazon, IBM, Cisco, Microsoft and ESDS have trained staff which is ready to respond to emergencies, frustrations and failures 24 hours a day, 365 days a year, ensuring that the company and employees have access to files and business applications. Furthermore, they give the necessary assistance when requested. By default, cloud computing offers a backup solution instant off site that is running. In cases of disasters in the office, for example, business continuity is assured, thanks to the fact that information is replicated to another location.
Having a solution of cloud computing means to grow rapidly and meet the demands of employees and customers. As businesses grow, the cloud-based solution can quickly be scaled to meet the growing needs. Such movement may be especially important for businesses that rely on web sales as a significant representation of the recipe. The lack of server capacity can quickly result in lost sales.
In essence, the cloud changes its cost structure and managing IT from the purchase of equipment, hiring professionals and operation of internal data centers to service-oriented paradigm on which you buy just what you need when you need. Becomes someone else’s problem to make sure everything is secure, available and reliable.
However, there are always advantages and disadvantages to surrender control of IT to another person. You need to make sure it is worth it, and it works.
Here are ten points to consider before adopting the cloud:
All these factors are important and must be considered when you evaluate whether cloud computing makes sense for your organization or not!!
The cloud as a concept has become ubiquitous in all technological news blogs, newspapers, etc.. So much so that we tend to lump it services or functionality we use for years or even decades. Most people ask but do you really what is this cloud? or what do you have again? If the end is all easier …
The cloud is basically flexible, they have the ability to increase and decrease in resources based on the needs you have for a project at all times. Traditional servers are limited to the hardware installed and of course, any extension of RAM, disk space or processor involves turning off the server and manually replacing parts. On the other hand, create an additional VPS to meet peak demand is a matter of seconds, while always ready to maintain a physical server these cases is costly.
How have ESDS focused on Cloud?
The first is developed its own eNlight Cloud Hosting Solution to ensure our independence when going to implement new features and improvements. In fact we are the only company in India using a solution developed in house and certainly in ESDS, we prefer to maintain control over the platform without relying on third parties.
Another point is the problem of storage. First Cloud (and many today), lacked stability and performance for virtualization was performed on conventional storage structures. Moreover, as it is not possible to virtualize on demand access to disk solutions like Amazon tarifican the number of requests to cabins with high capacity storage.
In that sense we have been clear that the utility of Cloud had to rely on the speed of response and processing power and network. Why we use the highest quality hardware servers, faster Gigabit connections … and drives: SAS in RAID in compact and efficient cabins, otherwise it would not be possible to offer a useful tool!
Whether you realize it is a classic consumer computing lifetime and not much different from a mail service for IMAP or file repository. The hosting companies offer this service since they exist, for example in ESDS we developed eNlight Platform. With the proliferation of the first laptops and mobile devices then, has been imposed demand to centralize photos, music, documents, etc..
Another classic converted, but this time very common in the 90 companies and universities: networked applications. The jobs are simple terminals, “stupid computers” that are connected to a centralized software, eg. a project manager or an office suite … has been and still is a good way to lower licensing costs.
For our part we think it’s not worth giving up the power that gives you any conventional PC or laptop to run desktop software connected to a central server. In fact, offering more specific applications is gaining licenses cheapest room in the market … For this segment, we have chosen to focus on giving a good infrastructure to develop your own solutions based on your specific needs.
Companies that think about moving their websites or applications to cloud computing, think about the most important part and that is security issue. But not everyone knows that selection of cloud services can improve the level of protection of their data. As it turns out in practice, the provider offers a higher security level than the one that you can provide within your own infrastructure. The fact is that, the solution of problems is related to security and the service providers. Serving businesses with a turnover of billions of dollars, cloud providers are doing their utmost to ensure the safest possible environment. Nevertheless, cloud computing are a host of new risks to potential users.
Before you trust cloud, you should make sure that you really ensure a level of reliability required for the safe handling of applications and data storage in the cloud. Fortunately, the increasing competition in the market of cloud computing services has improved the level of service for the users that is more flexible and provides organizations with the best security for cloud computing services.
But before we dive into cloud computing, the client must define a complete list of requirements for the computing platform, including the level of security. In this case, you can ask your question, and ask for the platform that meets your requirements. In order to not make the wrong choice, it is important to decide the questions and ask for the satisfactory answers that you are looking from the provider.
Who is on your side?
To date, the best experts in the field of security is cloud computing security Alliance (CSA). This organization has produced a guidance, including a description of hundreds of recommendations that should be taken into account when assessing the risks of cloud computing. The manual includes 76 pages, but you don’t need to read this document because we have selected the most important recommendations and tried to make a series of questions that a potential provider of cloud computing services should be asked in the first place.
Cloud computing: Questions and Answers
The following points are key questions that you need to ask the cloud computing service provider whose services you plan to use.
Each issue is one of six specific areas, as shown in Figure.
Before addressing the issues you must understand the benefits of using the solutions that are based on standards. And this applies to all areas of security. Proprietary systems are less trustworthy than systems based on standards, as the market players, government agencies, and standards bodies agree with this. That is why the widespread Advanced Encryption Standard (AES) and Transport Layer Security (TLS) have implemented such standards. They have undergone years of analysis and improvement. Moreover, using standards-based security system, the customer receives an additional advantage – if necessary, the customer will be able to change the service provider, as most service providers support the standardized solution.
Another thing that stands clear: how to make sure that the provider performs the data they promise? This will help you to conclude the Service Level Agreement (SLA), or contract on a written document, which will be clearly stated commitment by the cloud service provider. Thus, a series of questions from general to specific, that you need to ask potential providers of cloud computing services, begins here.
1. Preservation of stored data.
Does the service provider ensure the safety of stored data?
The best measure of protection located in the data warehouse is the use of encryption technology. The provider should always encrypt the customer information stored on their servers for preventing unauthorized access. The provider must also permanently delete the data when they are no longer needed and not required in the future.
2. Protecting data in transit.
How a cloud service provider ensures data integrity during transmission (within the clouds and on the way from / to the cloud)?
Transmitted data must always be encrypted and available for the user after authentication. This approach ensures that data is not changed or read by any person, even if it is accessible to them through unreliable nodes in the network. Mentioned technologies were developed during the “thousand person-years led to the establishment of reliable protocols and algorithms (such as TLS, IPsec and AES). Providers should use these protocols, rather than inventing their own.
Does a provider know the authenticity of the client?
The most common method of authentication is password protected. However, service providers offer higher reliability, more powerful tools, such as certificates and tokens to their customers. Along with the use of more reliable means to breaking the authentication, providers must be able to work with standards like LDAP and SAML. This is to ensure interaction with the system provider’s user identification and authorization of the client in determining the powers that are granted to the user.
Worst-case scenario – when a customer of the ISP is in the concrete list of authorized users. Typically, in this case, when an employee leaves or is moved to another position may be difficult.
4. Isolation of users.
How data and applications are separated from one customer data and applications from other clients?
Best option: when each client uses an individual Virtual Machine (VM) and virtual network. Separation between the VM and, consequently, between the users, provides a hypervisor. Virtual networks, in turn, are deployed by using standard technologies such as VLAN (Virtual Local Area Network), VPLS (Virtual Private LAN Service) and VPN (Virtual Private Network).
Some providers put data from all clients into a single software environment and due to changes in its code, it try to isolate the customer data from each other. This approach is reckless and unreliable. First, an attacker could find a breach in a non-standard code that will allow him to gain access to data that should not be seen. Second, the error in the code can lead to what one customer accidentally “see” in others data. Therefore, to distinguish between user data, use different virtual machines and virtual networks for a smart move.
5. Legal and regulatory matters.
How the providers apply laws and regulations that are applicable to cloud computing?
Depending on the jurisdiction, laws, rules, and any special provisions may vary. For example, they may prohibit the export of data, require the use of well-defined measures of protection, the availability of compatibility with certain standards and the availability of auditing capabilities. Ultimately, they may require, if necessary, it could be access to government agencies and the courts information. Negligent treatment from the provider to these points may cause its customers a significant costs arising from legal consequences.
The provider is obliged to follow strict rules and stick to a single strategy in the legal and regulatory sectors. This concerns the security of user data, export compliance, auditing, retention, and deletion of data, as well as disclosure of information (this is especially true when a single physical server can store multiple clients). To find out, customers are urged to seek help from professionals, who will study the matter thoroughly.
6. The reaction to the incident.
How provider does responds to the incident, and how much is the involvement in the incident of clients?
Sometimes, not everything goes according to plan. Therefore, service providers are required to adhere to specific rules of conduct in the event of unforeseen circumstances. These rules should be documented. Providers must focus on identifying incidents and minimize their consequences, informing users about the current situation. Ideally, they should regularly provide users with information from the highest level of detail on the issue. In addition, clients themselves must assess the likelihood of problems related to safety and take appropriate action.
The Future of cloud computing security
Despite the fact that today we have a much broader set of tools for security than ever before, the work is far from over. In some cases, to bring to market a technology that helps to solve a new task takes time, even though it had already developed. Here are some of the latest technologies: the data with built-in (Intrinsically Safe Data) and trusted monitors.
Intrinsically Safe Data (self-protected data) – it’s encrypted data, which is integrated with security mechanism. Such mechanism includes a set of rules which may or may not meet the environment in which there is intrinsically safe data. When you try to access the data, the mechanism checks on for safety and disclose them only if the environment is safe.
Trusted Monitor – this software is installed on the provider’s cloud server hosting. It allows you to observe the actions of the provider and send the results to the user who can make sure that the company operates in accordance with the regulations.
When all the research and development of new technologies will be completed, the next step is to implement the service provider. When this happens, customers will be with great confidence that refers to the concept of cloud computing.