I have talked about managing the risks associated with cloud implementation in previous blogs. Now let’s take a deeper dive into the technology so that you can better understand which offering best suits your needs.
First, let’s take a look at the type of service, which, as described below, is generally classified into three categories depending on the “service” that is consumed, and the level of control desired by the organization.
Software as a Service (SaaS) – in this scenario, the Cloud Service Provider (“CSP”) provides all of the software, servers, storage capacity and infrastructure management. The cloud subscriber generally can control preference selections and limited administrative application settings. The tradeoff for simplicity and cost savings is that security provisions are carried out mainly by the CSP.
Infrastructure as a Service (IaaS) – is at the other end of the cloud spectrum. Cloud subscribers are able to maintain control of their software environment, but do not maintain any equipment. The basic computing infrastructure of servers, software and network equipment is provided to the customer as an on-demand service upon which a platform to develop and execute applications can be established.
Platform as a Service (PaaS) – is somewhere in between IaaS and SaaS. In this scenario, the vendor provides an operating system and database services in the cloud, on which the customer can deploy applications. This model is typically utilized when an organization wants to create and maintain control over their applications while reducing the cost and complexity of buying, housing and managing the underlying hardware and software components of the platform.
Once you have determined the type of service, the next step is to choose the mode of deployment of the cloud services.
Public cloud: The platform is managed for the client in a CSP data center. In a public cloud deployment, the infrastructure and other computational resources are made available via the Internet. The server hardware is physically located outside of the organization’s premises, and management of the cloud is fully outsourced.
Private cloud: The computing environment is operated exclusively for an organization. It may be managed either by the organization or a third party, and it may be hosted outside or within the organization’s data center. A private cloud gives the organization greater control over the infrastructure and computational resources.
Hybrid cloud: A hybrid cloud infrastructure consists of two or more clouds (typically a public cloud and another organization’s private cloud) that remain unique entities but are bound together by standardized or proprietary technology that enables unified service delivery while also creating interdependency.
Conclusion: Technology is just the first step
Once you determine the best technical platform you will still need to:
• Select a vendor
• Protect your interests with policies and procedures for your organization’s cloud computing initiative
• Prepare effective agreements with your CSP
• Look into the need for any additional technical protections such as firewalls
Stay tuned! More to come on these topics as we continue to explore the brave new world of cloud computing.