Please write a 1-3 page self-reflection paper on what you learned in class and w
ID: 3846413 • Letter: P
Question
Please write a 1-3 page self-reflection paper on what you learned in class and what you feel like you should improve upon further.
This will be worth up to 30 extra points depending on the content.
You should be able to write what you have lerant on:
Discuss what is cloud computing and what are key security and control considerations within cloud computing environments.
Identify various cloud services.
Assess cloud characteristics and service attributes, for compliance with enterprise objectives.
Explain the four primary cloud category “types”.
Evaluate various cloud delivery models.
Contrast the risks and benefits of implementing cloud computing.
Specify security threat exposure within a cloud computing infrastructure.
Recognize steps and processes used to perform an audit assessment of a cloud computing environment.
Weight the impact of improperly controlled cloud computing environments on organizational sustainability.
Course Outline:
PART 1
Cloud Computing Definition
What are Cloud Services
Cloud Service Attributes
Access to the Cloud
Cloud Hosting
Information Technology Support
Provisioning
Pricing
User Interface
System Interface
Characteristics of Cloud Computing
Rapid elasticity
Pay per use
Independent resource pooling
Network access
On-demand self-service
Virtual resource
Availability zone
Cloud Categories
Public Cloud
Private Cloud
Hybrid Cloud
Community Cloud
Cloud Delivery Models
SaaS
PaaS
Iaas
Cloud Architectural Models
Cloud Architecture Summary
Vendor Choices
Infrastructure Limitations
Cloud Scenarios and Considerations
The Evolution of the Cloud
Advantages
Savings
Benefits
PART 2
Security in the Cloud
Cloud Threats
Threat Mitigation
Cloud Security
Cloud Impacts
Realities of Cloud Services
vgh
Explanation / Answer
Cloud Computing Definition:
Delievery of hosted services over the internet.
Cloud Computing is the delivery of on-demand computing resources—everything from applications to data centers—over the internet on a pay-for-use basis.
What are Colud Services?
A cloud service is any service made available to users on demand via the Internet from a cloud computing provider's servers.
Cloud Services Attributes:
1. Reliability
Businesses cannot afford to have their IT services go down because an outage can impact the business significantly. Delayed quotes, missed calls or emails, and unshared documents can all affect top-line revenue as well as bottom-line costs. Reliability is about minimizing the probability of a service outage. Look for service providers that have a history of minimal cloud outages.
2. Availability
Availability is related to reliability. While reliability is an indication of how often a service goes out (or conversely stays up), availability is about the recovery time when a service actually goes down. Ideally, you want a service provider that has the fewest and shortest outages.
Together, this is generally expressed in a reliability/availability percentage, such as 99.9%. Look for vendors with the highest reliability/availability percentage, keeping in mind that even a 99.9% rating means that the service can go down for as much as 43 minutes every month.
3. Scalability
A huge benefit of cloud services is their ability to scale to whatever size you need and to be available wherever you need the service. Service providers need to be deployed in enough data centers around the world to support the connection of users from anywhere your company does business. Look for service providers that can meet the needs of your company's locations.
4. Security
One potential disadvantage of moving your IT services to an external cloud is poor security. If the cloud service provider does not have the appropriate and necessary security safeguards in place, security can be compromised. Look for cloud providers that have multi-factor authentication built into their service as well as full encryption in-transit and at-rest for content. Centralized security policies to manage remote/local devices are also important.
5. Quality of Service (QoS)
Just delivering a service is not good enough for most businesses, especially when the service has a real-time aspect to it, such as voice/video calls or web meetings. The key to QoS is to find service providers that control and manage as much of the solution as possible, including the service technology, bandwidth connectivity, and networking equipment. The more a service provider can manage and control, the better the QoS will be.
6. Service-Level Agreements (SLA)
With most legal agreements, the goal for both parties is to never have to resort to legal enforcement of the agreement. However, in many cases, a strong SLA can offset the impact on a business when a service does not perform to the guaranteed level. As recently as just this month, Microsoft had an extended outage on its Azure platform that triggered credit compensation in its SLA. Compare service provider SLAs to ensure that you get the best protection.
7. Support
Support is a key area that is often overlooked when evaluating service providers, but it remains a critical aspect of any service. The ability to contact support in real time through a call or IM at any time of the day is essential for companies that conduct business around the world or that have time-critical interactions with customers or prospects.
In addition, as companies become more mobile and employees more distributed to remote locations, the ability for the service provider to provide real-time 24/7 support becomes even more critical. Look for service providers that can provide 24/7 real-time support.
The transition to a cloud service is not easy, and moving multiple services at the same time can be catastrophic if not planned properly. Understanding these seven service-provider attributes and determining the minimum levels your company needs to run your business is key. By holding cloud service providers accountable and not compromising on these seven attributes, companies can take their IT to the next level while saving on opex and capex costs.
Characteristics of Cloud Computing?
On-demand self-service: A consumer can unilaterally provision computing capabilities, such as server time and network storage, as needed automatically without requiring human interaction with each service provider.
Broad network access: Capabilities are available over the network and accessed through standard mechanisms that promote use by heterogeneous thin or thick client platforms (e.g., mobile phones, tablets, laptops and workstations).
Resource pooling: The provider's computing resources are pooled to serve multiple consumers using a multi-tenant model, with different physical and virtual resources dynamically assigned and reassigned according to consumer demand. There is a sense of location independence in that the customer generally has no control or knowledge over the exact location of the provided resources but may be able to specify location at a higher level of abstraction (e.g., country, state or datacenter). Examples of resources include storage, processing, memory and network bandwidth.
Rapid elasticity: Capabilities can be elastically provisioned and released, in some cases automatically, to scale rapidly outward and inward commensurate with demand. To the consumer, the capabilities available for provisioning often appear to be unlimited and can be appropriated in any quantity at any time.
Measured service: Cloud systems automatically control and optimize resource use by leveraging a metering capability at some level of abstraction appropriate to the type of service (e.g., storage, processing, bandwidth and active user accounts). Resource usage can be monitored, controlled and reported, providing transparency for the provider and consumer.
Cloud Categories:
Based on a cloud location, we can classify cloud as:
public,
private,
hybrid
community cloud
public cloud, we mean that the whole computing infrastructure is located on the premises of a cloud computing company that offers the cloud service. The location remains, thus, separate from the customer and he has no physical control over the infrastructure.
As public clouds use shared resources, they do excel mostly in performance, but are also most vulnerable to various attacks.
Private cloud means using a cloud infrastructure (network) solely by one customer/organization. It is not shared with others, yet it is remotely located. If the cloud is externally hosted. The companies have an option of choosing an on-premise private cloud as well, which is more expensive, but they do have a physical control over the infrastructure.
The security and control level is highest while using a private network. Yet, the cost reduction can be minimal, if the company needs to invest in an on-premise cloud infrastructure.
Hybrid cloud, of course, means, using both private and public clouds, depending on their purpose.
For example, public cloud can be used to interact with customers, while keeping their data secured through a private cloud.
Community cloud implies an infrastructure that is shared between organizations, usually with the shared data and data management concerns. For example, a community cloud can belong to a government of a single country. Community clouds can be located both on and off the premises.
Cloud Delievery Models:
Infrastructure-as-a-Service (IaaS)
Cloud Providers offering Infrastructure as a Service tout data-center space, and servers; as well as network equipment such as routers/switches and software for businesses. These data-centers are fully outsourced, you need not lift a finger, upgrade an IOS or re-route data. Although this is the base layer, it allows for scalability and reliability; as well as better security than an organization may have in a local co-lo or local datacenter. In addition, these services are charged as utilities, so you pay for what you use, like your water, electric and gas. Depending on your capacity or usage, your payment is a variable.
Because the IaaS vendors purchase equipment in such bulk, you, Mr. Customer, get the best gear for the lowest price. Hence, the financial benefits of IaaS are cheaper access to infrastructure.
With the pay-as-you-go model, instead of investing in a fixed capacity infrastructure, which will either fall short or exceed the organizational need, customers are able to save quite a bit of coin. Buying hardware that’s barely used is a waste of hardware, air conditioning, space and power.
Operational expenses versus Capital expenses: Cloud is better. Because these computing resources are basically used and paid for like a utility they can be paid via the operating expenditures budget versus being paid for via capital investments. In other words, instead of depreciating the gear over three years, you’re able to expense the monthly charge this year. And the next year. And the year after that. It’s an elastic service.
Platform-as-a-Service (Paas)
Provisioning a full hardware architecture and software framework to allow applications to run is the essence of Platform-as-a-Service. There’s a huge market for customers who require flexible, robust web-based applications. But, in order for these applications to run, there needs to be platform supporting it that is just as robust and flexible. Cloud providers offer this environment and framework as a service. Their developers can write their code regardless of the OS behind it. So instead of software being written for Apple, Linux or Windows, it’s being written for a development environment provided by Cloud Providers such as Amazon, Microsoft and Google.
Software-as-a-Service (SaaS)
Software-as-a-Service (which I’ll refer to simply as SaaS) is the process of provisioning commercially available software but giving access over the net. The customer doesn’t have to worry about software licenses, since they are handled by the service provider. The provider also handles upgrades, patches, or bug fixes. Some examples of this software might be office productivity software, which you may access online, like Google Docs. You can also essentially rent contact management software, content management software, email software (Google mail?), project management software, and scheduling software. It’s all online. All easily available on the internet. Why is this a big deal? Well, you no longer have to pay for expensive hardware to host the software, or get to the software (VPNs, dedicated links, etc.), you don’t need the employees (and their associated salaries, benefits, office costs, etc.) to install, configure or maintain the software. The application is handled on the back end by the SaaS provider. That’s sort of a big deal regardless the size of your business. Money is money. Your IT staff is then able to use its time and resources to work on other projects or you can simply eliminate unnecessary IT staff.
Just think about how many unnecessary resources can be eliminated when users no longer need all sorts of local applications on their local computers and the associated troubleshooting frustrations. And now, because it’s cloud based, there’s a Service Level Agreement for problems.
The other thing to think about is that by moving your infrastructure (IaaS) to the cloud, you no longer have the headache of building out and maintaining that infrastructure. It scales when you scale. By pushing the development platform out to the cloud (PaaS), development of software on a stable, secure, reliable environment allows resources to work on just that--development. And by putting software in the cloud and accessing the software through a web browser, applications are no longer bound by an operating system. The operating system platform becomes nothing more than a stage for a web browser to access the software to do the work. Work becomes device-agnostic. So, users who want to be on Linux workstations can do just that. Prefer a Mac? No problem. PC is your game? We can do that, too.
With the cloud, there are many ways to save money, as well as increase reliability and security. Understanding the options will help you do just that.
Advantages of Cloud Computing
Cost Savings
Perhaps, the most significant cloud computing benefit is in terms of IT cost savings. Businesses, no matter what their type or size, exist to earn money while keeping capital and operational expenses to a minimum. With cloud computing, you can save substantial capital costs with zero in-house server storage and application requirements. The lack of on-premises infrastructure also removes their associated operational costs in the form of power, air conditioning and administration costs. You pay for what is used and disengage whenever you like - there is no invested IT capital to worry about. It’s a common misconception that only large businesses can afford to use the cloud, when in fact, cloud services are extremely affordable for smaller businesses.
Reliability
With a managed service platform, cloud computing is much more reliable and consistent than in-house IT infrastructure. Most providers offer a Service Level Agreement which guarantees 24/7/365 and 99.99% availability. Your organization can benefit from a massive pool of redundant IT resources, as well as quick failover mechanism - if a server fails, hosted applications and services can easily be transited to any of the available servers.
Manageability
Cloud computing provides enhanced and simplified IT management and maintenance capabilities through central administration of resources, vendor managed infrastructure and SLA backed agreements. IT infrastructure updates and maintenance are eliminated, as all resources are maintained by the service provider. You enjoy a simple web-based user interface for accessing software, applications and services – without the need for installation - and an SLA ensures the timely and guaranteed delivery, management and maintenance of your IT services.
Strategic Edge
Ever-increasing computing resources give you a competitive edge over competitors, as the time you require for IT procurement is virtually nil. Your company can deploy mission critical applications that deliver significant business benefits, without any upfront costs and minimal provisioning time. Cloud computing allows you to forget about technology and focus on your key business activities and objectives. It can also help you to reduce the time needed to market newer applications and services.
Disadvantages of Cloud Computing
Downtime
As cloud service providers take care of a number of clients each day, they can become overwhelmed and may even come up against technical outages. This can lead to your business processes being temporarily suspended. Additionally, if your internet connection is offline, you will not be able to access any of your applications, server or data from the cloud.
Security
Although cloud service providers implement the best security standards and industry certifications, storing data and important files on external service providers always opens up risks. Using cloud-powered technologies means you need to provide your service provider with access to important business data. Meanwhile, being a public service opens up cloud service providers to security challenges on a routine basis. The ease in procuring and accessing cloud services can also give nefarious users the ability to scan, identify and exploit loopholes and vulnerabilities within a system. For instance, in a multi-tenant cloud architecture where multiple users are hosted on the same server, a hacker might try to break into the data of other users hosted and stored on the same server. However, such exploits and loopholes are not likely to surface, and the likelihood of a compromise is not great.
Vendor Lock-In
Although cloud service providers promise that the cloud will be flexible to use and integrate, switching cloud services is something that hasn’t yet completely evolved. Organizations may find it difficult to migrate their services from one vendor to another. Hosting and integrating current cloud applications on another platform may throw up interoperability and support issues. For instance, applications developed on Microsoft Development Framework (.Net) might not work properly on the Linux platform.
Limited Control
Since the cloud infrastructure is entirely owned, managed and monitored by the service provider, it transfers minimal control over to the customer. The customer can only control and manage the applications, data and services operated on top of that, not the backend infrastructure itself. Key administrative tasks such as server shell access, updating and firmware management may not be passed to the customer or end user.
It is easy to see how the advantages of cloud computing easily outweigh the drawbacks. Decreased costs, reduced downtime, and less management effort are benefits that speak for themselves.
More and more, small businesses are moving to cloud computing, signing up with private providers that make sophisticated applications more affordable as well as setting up their own accounts with public social media sites like Facebook. The trend is confirmed by Microsoft in its global SMB Cloud Adoption Study 2011, which found that 49 percent of small businesses expect to sign up for at least one cloud service in the next three years.
Private and public clouds function in the same way: Applications are hosted on a server and accessed over the Internet. Whether you’re using a Software as a Service (SaaS) version of customer relationship management (CRM) software, creating offsite backups of your company data, or setting up a social media marketing page, you’re trusting a third-party company with information about your business and, most likely, your customers.
Although cloud computing can offer small businesses significant cost-saving benefits—namely, pay-as-you-go access to sophisticated software and powerful hardware—the service does come with certain security risks. When evaluating potential providers of cloud-based services, you should keep these top five security concerns in mind.
1. Secure data transfer. All of the traffic travelling between your network and whatever service you’re accessing in the cloud must traverse the Internet. Make sure your data is always travelling on a secure channel; only connect your browser to the provider via a URL that begins with ”https.” Also, your data should always be encrypted and authenticated using industry standard protocols, such as IPsec (Internet Protocol Security), that have been developed specifically for protecting Internet traffic.
2. Secure software interfaces. The Cloud Security Alliance (CSA) recommends that you be aware of the software interfaces, or APIs, that are used to interact with cloud services. ”Reliance on a weak set of interfaces and APIs exposes organizations to a variety of security issues related to confidentiality, integrity, availability, and accountability,” says the group in its Top Threats to Cloud Computing document. CSA recommends learning how any cloud provider you’re considering integrates security throughout its service, from authentication and access control techniques to activity monitoring policies.
3. Secure stored data. Your data should be securely encrypted when it’s on the provider’s servers and while it’s in use by the cloud service. In Q&A: Demystifying Cloud Security, Forrester warns that few cloud providers assure protection for data being used within the application or for disposing of your data. Ask potential cloud providers how they secure your data not only when it’s in transit but also when it’s on their servers and accessed by the cloud-based applications. Find out, too, if the providers securely dispose of your data, for example, by deleting the encryption key.
4. User access control. Data stored on a cloud provider’s server can potentially be accessed by an employee of that company, and you have none of the usual personnel controls over those people. First, consider carefully the sensitivity of the data you’re allowing out into the cloud. Second, follow research firm Gartner’s suggestion to ask providers for specifics about the people who manage your data and the level of access they have to it.
5. Data separation. Every cloud-based service shares resources, namely space on the provider’s servers and other parts of the provider’s infrastructure. Hypervisor software is used to create virtual containers on the provider’s hardware for each of its customers. But CSA notes that ”attacks have surfaced in recent years that target the shared technology inside Cloud Computing environments.” So, investigate the compartmentalization techniques, such as data encryption, the provider uses to prevent access into your virtual container by other customers.
Although you should address these security issues with the cloud provider before you entrust your data to its servers and applications, they shouldn’t be a deal breaker. Cloud computing offers small businesses too many benefits to dismiss out of hand. After all, you already met many of these security challenges the first time you connected your network to the Internet.