Cost, efficiency, scalability and availability are the main drivers in the discussion regarding cloud computing. Security and privacy are the main issues, which needs to be dealt with when using services in the cloud.
“Trestle group consulting” made a Group research publication which talks about the Technical Evolution that’s under Cloud Computing. The below articles says all about it.
Over the last decade, sourcing has become one of the most commonly used methods for a business to acquire services. The expression Cloud Computing is widely used in IT and business circles. Many users, however, are confused as to what the underlying service actually is and how it can be integrated into their IT and business process landscape.
The organizations see Cloud Computing as a model that enables access to a configurable computing resource, which is easily accessible with no or only minimal Service Provider input. It is a “Flexible and on a need-based IT service”.
One of the many advantages for the user is the fact that instead of high upfront Fixed cost investments, most if not all, costs are variable and can be spread over the duration of the usage. Cloud Computing can be seen as the next level of sourcing.
In the following section, we summarize the different types of Cloud Computing options depending on services delivered.
Cloud Computing Layers
Cloud computing itself can be separated into three service models, also defined as service layers.
Layer 1: Infrastructure as a Service (IaaS), offering virtual IT infrastructure (i.e., hardware, storage)
Layer 2: Platform as a Service (PaaS): offering virtual application infrastructure services (i.e.. database and middleware)
Layer 3: Software as a Service (SaaS): offering virtual application services (i.e.. applications and processes)
As in other service offerings, Cloud Services cover those specifics supplied by the service provider for a user or a specific set of users. The diagram below shows how users access the Cloud.
Cloud Services and Participants
Trestle Group Recommendations
Based upon the experience gained during reviews at customer locations, Trestle Group recommends the following points to be considered when evaluating Cloud as an IT- and/or Business-driven solution.
Before engaging in Cloud Computing, initiate a project that reviews existing processes and products. The review process should go through the following steps in order to optimize use of Cloud Services:
Evaluate the actual level of process automation within the business being serviced.
- Identify the opportunities (from an IT and process perspective) within the existing operating model to virtualizes services.
- Analyze level of automation of processes and identification of potential by using the Cloud for virtualized processes.
- Introduce those selected services into the Cloud and define how to integrate the Cloud services into the existing IT/Process Environment.
Within Cloud Computing, a variety of technically innovative solutions are combined and can deliver the potential for an innovative business approach leading to cost reduction, cost structure improvement, variability of cost, flexibility of services and ultimately entire new business models.
Security, Legal and Regulatory Aspects of Cloud Computing
Within the Cloud, users expect to find an identical security framework as generally available in traditional IT environments. Items such as controlled access, data security and data protection need to be ensured and not assumed.
The following points are considered when it comes to Security under Cloud Computing :
- Between the supplier and the user, SLAs need to be defined to ensure transparency of services supplied, especially in the case of outages.
- In principle, Cloud Computing, as a new form of sourcing, does not lead to new challenges on a legal and regulatory basis.
- The importance of reviewing the security and the legal & regulatory aspects increases significantly when Public Clouds are being used.
- It is up to the providers to set-up the necessary frameworks that guarantee the user a secure processing environment adhering to the legal standards, rules and regulations within the country the user is registered in.
- Prior to using Cloud Services, organizations should obtain a clear and transparent overview from the supplier which services are performed under which conditions.
- The definition of clear, agreed upon SLAs and KPIs covering availability, quality of service and adherence to data security and legal/regulatory requirements is essential.
- Once the overall structure of the services is defined, details should be documented in a contract defining duration of the services, payment cycles and clauses for termination and liability in case of non-delivery.
- Additionally, organizations should include what needs to be done when services are taken out of the Cloud or obtained from a different supplier.
All major providers offer services in the Cloud, which can bring enormous advantages to large, small and midsized companies when properly implemented and used. A clear understanding of the different types of Cloud Services and their advantages, disadvantages and related risks need to be evaluated prior to making a decision on how to use the Cloud.
There are challenges in implementing Cloud services, which are similar to those inherent in IT sourcing engagements and can be successfully dealt with when addressed in a structured way.
The recommendations outlined in this post should serve as a starting point to effectively address a number of challenges under industries which enables to evaluate to which extent the available cloud services can be used in an optimal and secure manner.