2. What are we discussing today?
◊ Introduction to Cloud Computing
◊ Security and Compliance
◊ Evaluating Cloud computing
◊ Business Cases
◊ Amazon Web Service (AWS) Lab
4. What’s this Cloud computing?
“Cloud computing is a model for enabling ubiquitous,
convenient, on-demand network access to a shared pool of
configurable computing resources (networks, servers, storage,
applications, services…) that can be rapidly provisioned
and released with minimal management effort or service
provider interaction.”
- NIST Special Publication
7. Service Models & Cloud Vendors
Software as a Service
(SaaS)
Infrastructure as a
Service (IaaS)
Platform as a Service
(PaaS)
8. Why are customers adopting cloud computing?
Variable expense Replace capital expenditure with variable expense
Economies of scale Lower variable expense than companies can achieve
themselves
Elastic capacity No need to guess capacity requirements and over-
provision
Speed and agility Infrastructure in minutes, not weeks and months!
Focus on business Not undifferentiated heavy IT lifting
Global Reach Go global in minutes and reach global audience
9. Benefits & Limitations
* Cost (pay per use, reduced hosting cost…)
* Automated (updates, backups…)
* Flexibility (On demand, scalable…)
* Multi tenant (shared resources, green comp)
* Mobility (Access from any Web device)
* Security
* Location of data
* Compliance and Privacy (regulations…)
* Internet Dependency / Speed
* Service Levels
* Migration / Vendor Lock-in
12. What should be secured in Cloud?
• All the components in
the Cloud – Network,
Storage, Database,
Operating System,
virtualization, load
balancing –
everything should be
secured.
• Cloud computing
security is no
different than regular
security.
13. Security Risks and Mitigations
Risk
• Data loss / leakage
• Shared technology /
vulnerabilities
• Insecure application
interfaces
• Malicious insiders
• Unknown risk profile /
accounts
• Account, service and
traffic hijacking
Mitigation
• Strong Authentication,
auditing etc.
• Operations procedure,
security practices etc.
• Secured design
(Firewalls…)
• Staff vetting
• Validation of
credentials, active
monitoring of traffic
14. Compliance
• Numerous regulations pertain to storage and use of
data - PCI DSS, HIPAA and Sarbanes–Oxley (SOX) Act
• Business continuity and data recovery
• Logs and audit trails
• Data or Datacenter location jurisdiction
• Legal and contractual issues
16. Evaluating Cloud Computing Implementation
Cost
Benefits
Business
SLA
Business Cases
Service
Supplier
Evaluation
17. Things to check/ask before implementing
• How good is the security of Cloud DC?
• How much will I save? (CapEx, Software licensing…)
• Time to build new system
• Maintenance strategies (outages, patches…)
• Latency comparison between Cloud and own DC
• Comparative study of various cloud providers
• Demand for trial period
• Compliance (ISO standards etc.)
• Service Levels (Uptime, time to resolution…)
18. Cloud Provider – Tenant Responsibility Matrix
SaaS PaaS IaaS Data Center
Data Provider Tenant Tenant Tenant
Application Provider Tenant Tenant Tenant
OS Provider Provider Tenant Tenant
Virtualization Provider Provider Provider Tenant / NA
Network Provider Provider Provider Tenant
Physical Provider Provider Provider Tenant
Broad network access: Cloud Capabilities are available over the network and accessed through standard mechanisms that promote use by heterogeneous thin or thick client platforms such as mobile phones, laptops and PDAs.Measured service: Cloud computing resource usage can be measured, controlled, and reported providing transparency for both the provider and consumer of the utilised service. Cloud computing services use a metering capability which enables to control and optimise resource use. This implies that just like air time, electricity or municipality water IT services are charged per usage metrics – pay per use. The more you utilise the higher the bill. Just as utility companies sell power to subscribers, and telephone companies sell voice and data services, IT services such as network security management, data center hosting or even departmental billing can now be easily delivered as a contractual service.On demand self services: computer services such as email, applications, network or server service can be provided without requiring human interaction with each service provider. Cloud service providers providing on demand self services include Amazon Web Services (AWS), Microsoft, Google, IBM and Salesforce.com. New York Times and NASDAQ are examples of companies using AWS (NIST). Gartner describes this characteristic as service based Rapid elasticity: Cloud services can be rapidly and elastically provisioned, in some cases automatically, to quickly scale out and rapidly released to quickly scale in. To the consumer, the capabilities available for provisioning often appear to be unlimited and can be purchased in any quantity at any timeResource pooling: The provider’s computing resources are pooled together to serve multiple consumers using multiple-tenant model, with different physical and virtual resources dynamically assigned and reassigned according to consumer demand. The resources include among others storage, processing, memory, network bandwidth, virtual machines and email services. The pooling together of the resource builds economies of scale (Gartner).
Salesforce.com has become the poster child of software as a service Customer Relationship Management (CRM) software solutions. Now the technology pioneer continues a push into the platform as a service (PaaS) market with its Force.com application platform.NetSuite delivers software as a service (SaaS) enterprise-wide business applications, including full-featured financials and accounting, Customer Relationship Management (CRM), inventory, and e-commerce software—all in a fully integration application.Oracle's on demand CRM software allows customers flexibility in how to deploy tehir CRM software based on their specific needs and budget requirements. Hosted and Managed Applications and Software-as-a-Service (SaaS) deployment models are all available.Enterprise Resource Planning (ERP) giant SAP is assertively pushing into the software as a service CRM and ERP markets with its Business ByDesign solution. The on-demand ERP system is showing strong global adoption from both customers and partners.=====================Google has made a name for itself with its Google Apps suite of business and consumer cloud applications and its Google App Engine, the developer platform that lets users build and host Web apps in the cloud in an effortless fashion.Microsoft's cloud platform, Windows Azure, is a little more than a year old and is still gathering momentum. Azure has blossomed into more than just a development play—it's a full-fledged cloud services operating system that also offers service hosting and service management.Flexiant's public cloud platform, FlexiScale, has made the company one of Europe's premier cloud players and an up-and-comer in the U.S. The platform is aimed at SMEs and startups looking to offer streaming video, social networking, IPTV, VoIP or SaaS.GridGain's open-source cloud application platform helps developers build scalable applications that can work natively on managed infrastructure, from a Google Android device to large grids and clouds. The software supports major OSes and provides native support for Java and Scala.=================Amazon Web Services has become the one to beat in the cloud game, and Amazon EC2, its compute capacity play, set the standard for spinning up and taking down cloud capacity quickly and affordably with a pay-as-you-go model.GoGrid prides itself on being the biggest pure-play Infrastructure-as- a-Service company in the world. Its infrastructure lets businesses deploy and manage apps in the cloud platform within minutes and with a flexibility that separates it from the Johnny-comelatelies.While formally known as Rackspace Hosting, Rackspace Cloud is taking over. And with Rackspace's Cloud Servers infrastructure play, the top cloud dog of Texas is rivaling the major players with its select-asize, customizable IaaS backed by Rackspace's own "fanatical support."Late last year, Savvis launched Savvis Symphony, its suite of enterprise-focused cloud solutions to let businesses break free from IT infrastructure. Savvis says its cloud infrastructure can reduce capital expense, improve service levels and keep enterprises at the forefront of cloud innovation.
Payment Card Industry Data Security Standard - PCI DSSHealth Insurance Portability and accountability Act - HIPAA