1. Cloud Computing What are you afraid of? Copyright 2011 The Word & Brown Companies
2.
3. Copyright 2011 The Word & Brown Companies At its most promising, Cloud Computing is about evolving IT to enable greater responsiveness to business needs while at the same time driving greater efficiencies. Successful Cloud computing requires a re-thinking of IT in a way that’s fundamentally different from how we’ve approached IT over the last 30 years. There are some reasons to be cautious and you can’t simply move existing applications to a cloud infrastructure without understanding the significant differences in the environments.
7. Copyright 2011 The Word & Brown Companies Optimizing Cost of Capacity SOURCE: The Open Group, May 2011
8.
9. Copyright 2011 The Word & Brown Companies Reason to be Wary of Cloud Computing SOURCE: The Open Group, May 2011 Response to the question: “What is your biggest concern with Cloud Computing?”
10.
11.
12.
13. Delivery Models Copyright 2011 The Word & Brown Companies = Managed for You SaaS PaaS IaaS Applications Runtimes Database Operating System Virtualization Server Storage Networking
14. Cloud Concepts & Terminology Copyright 2011 The Word & Brown Companies
15. Concerns about Security Copyright 2011 The Word & Brown Companies Customer Admin Users Tenant Tenant External Web Site
16.
17.
18.
19. Security Models have to change for the Cloud Copyright 2011 The Word & Brown Companies
20. Security is a shared responsibility Copyright 2011 The Word & Brown Companies On Premises In The Cloud Physical Network Host Application Data Physical Network Host Application Data Customer Responsibilities Cloud provider Responsibilities
21. Security – on premise Copyright 2011 The Word & Brown Companies
22. Security – in the Cloud Copyright 2011 The Word & Brown Companies
23. Security – in the Cloud Copyright 2011 The Word & Brown Companies
29. Copyright 2011 The Word & Brown Companies Organizations are moving forward Question: “ What best describes where Cloud Computing fits into your organization’s IT roadmap?” SOURCE: The Open Group, May 2011
30. Copyright 2011 The Word & Brown Companies How does a cloud deployment change my risk profile? A cloud computing deployment means you are no longer in complete control of the environment, the data, or the people. A change in control creates a change in risk. Ultimately the data and its sensitivity level will dictate if a cloud model makes sense. What do I need to do to ensure my existing security policy accommodates the cloud model? A shift to a cloud paradigm is an opportunity to improve your overall security posture and your security policies. Ideally you can extend your existing security policies to accommodate this additional platform. Will a cloud deployment compromise my ability to meet regulatory mandates? Cloud deployments shift your risk profile and could affect your ability to meet various regulations. Some cloud applications give you strong reporting and are tailored to meet specific regulatory requirements, others are more generic and cannot or will not meet detailed compliance requirements. Cloud Security: Questions to Ask Before You Jump In
33. The Scale is amazing - Microsoft Copyright 2011 The Word & Brown Companies
34. The Scale is amazing - Google Copyright 2011 The Word & Brown Companies Each Container has 1160 servers and power consumption that can reach 250 kilowatts
35. Copyright 2011 The Word & Brown Companies Some lessons from Amazon's outage (or Microsoft’s or Google’s) Read your cloud provider’s SLA very carefully Amazingly, this almost four-day outage has not breached Amazon’s EC2 (Elastic Compute Cloud) SLA, which “guarantees 99.95% availability of the service within a Region over a trailing 365 period.” Since it has been the EBS (Elastic Block Storage) and RDS (Relational Database Services) rather than EC2 itself that failed the SLA has not been breached, legally speaking. Don’t take your provider’s assurances for granted Many of the affected customers were paying extra to host their instances in more than one Availability Zone (AZ) which are supposed to be physically separate and protect from virtually any failure. Unfortunately, this turned out to be a technical specification rather than a contractual guarantee. There are ways you can supplement a cloud provider’s resilience Decompose resources into independent pools, build in support for quick timeouts and retries, and have interfaces that allow multiple retries of failed requests. Can be difficult if all your experience is in designing tightly-coupled enterprise application stacks that assume a resilient local area network. Successful cloud apps are not your in house apps simply hosted in the cloud .
36. Copyright 2011 The Word & Brown Companies Some lessons from Amazon's outage (or Microsoft’s or Google’s) Building in extra resilience comes at a cost Choices about the length of outage you can tolerate have cost consequences. Understanding the trade-offs helps you frame what to ask A good question to ask Cloud vendors — “Do you take down production infrastructure to test your failover?” (Amazon apparently didn’t and it didn’t work as expected) Amazon’s lack of transparency made recovery harder Several affected customers complained of the lack of useful information coming from Amazon during the outage - “Our people can’t read from the tea-leaves how to organize our systems for performance, scalability and most importantly disaster recovery. The difference between ‘reasonable’ SLAs and ‘five-9s’ is the difference between improvisation and the complete alignment of our respective operational processes …” Remember - an inherent transfer of control Most customers will still forgive Amazon its failings However badly they’ve been affected, providers have sung Amazon’s praises in recognition of how much it’s helped them run a powerful infrastructure at lower cost and effort. In many cases their businesses might not be able to exist at all without a similar infrastructure.