- Up to 65% reduction in operating costs
- Up to 3x fewer administrators to run the solution
- Up to 70% faster provisioning time for new servers
What are the different types of Cloud Environments?
A public cloud is a publicly shared managed data center that gives the consumer limited visibility and control. One of the most popular is the Amazon EC2 offering. Other large public cloud vendors include IBM, EMC, HP, Microsoft, Apple, and Rackspace. The public cloud model is typically a “pay as you go” service where an organization can pay by the usage hour or desired timeframe and virtual servers reside on physical hardware in one or more locations. The physically shared, public nature of this model is a deterrent to many organizations that are concerned with information security risks. Therefore, we generally recommend this model for customers with small IT budgets or those with non-sensitive data storage and non-mission-critical processing needs, as it can be extremely cost effective and rapid to deploy.
A private cloud is an infrastructure that is solely controlled and managed by a single organization using in-house IT staff. New hardware and software must still be purchased or existing assets reused and repurposed. Once the infrastructure assets are established, the same virtualization benefits apply as with a public cloud; however, there is no physical sharing of servers with external organizations. Hence the term “private,” which removes the major information risk deterrent. A private cloud enables an organization to manage policy-based resources, define chargeback models to internal customers, and plan capacity with total control over the environment. These infrastructures are expensive and are offered as an on-premise or off-premise model. Many hardware vendors such as Oracle and IBM now offer “cloud-in-a-box” appliances that address the physical server portion of this model. Additionally, vendors like Terremark (Verizon) offer hosted, private-cloud facilities. This model is recommended for organizations that are looking for a cloud-based solution where they have total control over the environment and where information security and mission-critical processing are a large concern.
A hybrid cloud is an architecture that federates a private cloud and a public cloud and allows interoperability between both environments. Customers that use this model do not want the large investment of a complete private cloud solution. Instead, they use a private cloud to host sensitive information such as Personally Identifiable Information (PII), and they host their collaboration tools, email, training materials, and development environments on a more cost-effective public cloud.
Community clouds are a form of private cloud shared within a single organization where multiple groups have similar requirements and their goal is to work together in achieving their business goals. The community-based model is not widely used, as it requires multiple groups to invest while demanding a strong governance model to ensure there are no conflicts between the consumer groups. Generally, this model is for groups that are working on joint projects, applications, or research where the common goal is the same.
What layers make up the cloud?
As organizations embark on making a decision to move to the cloud, they need to understand the major components that make up this type of offering. The cloud is a service-based model made up of three core layers: Infrastructure as a Service (IaaS), Platform as a Service (PaaS), and Software as a Service (SaaS).
First, IaaS is the foundation layer of the architecture that encompasses the networking, compute power, and block storage areas. Second, PaaS is the guts of the cloud architecture where the database, runtime, object storage, identity management, and queuing reside. Third, SaaS is where application components reside and where a user accesses their software applications for collaboration, content management, monitoring, communication, and financial applications over the internet. Together, these three components define a typical cloud-based environment that is accessible through a variety of devices such as servers, desktops, laptops, phones, and tablets.
Security in the cloud environment
One of the biggest concerns for organizations in deciding to move to a cloud-based architecture is information security risk. A very common phrase heard about moving to a cloud environment is that “it’s not secure enough.” Data and applications on cloud architecture can be secured and protected from unauthorized access. Since the architecture of the cloud is similar to a standard data center environment, once virtualized, the same security defenses apply. For example, back-end privileged users can be prevented from accessing application data. Implementations can and should still enforce the who, where, when, and how of data access. Encryption techniques for application data can still be applied, and monitoring and logging access is a standard best practice. In addition, there are mechanisms used to protect the cloud, such as application isolation via firewall-like protection. These standard techniques prevent the use of a compromised administrator account to steal data, control database privileged-user access to application data to prevent insider attacks, and monitor database activities for SQL injection. A selected cloud environment should also comply with federal regulations such as FISMA, HIPAA, SOX, or PCI. In addition, a SAS 70, SSAE 16, or equivalent Service Organization Control (SOC) designation should be mandatory when selecting outsourced, hosted cloud providers.
For organizations needing the highest level of security in a cloud-based offering there is “Explicit Trust.” Explicit Trust is based on measuring an information-centric view focusing on a positive software reference image that only allows the “known good” to run. In essence, vendors baseline their software code and provide an authentic image. This image is then put into a trust repository within the cloud environment. Tools are used to monitor whether there are any changes to the trusted image baseline and to detect any compromises. This trust model is demonstrated through continuous hardware and software measurements compared against trusted reference images, through a trust server. This ensures the hardware and software are operating and deployed as intended. A trust repository provides known-origin measurements of commercially available and open source software. The trust server leverages the trust repository to determine the known origin of references and any deviations from the reference, providing the deepest level of hardware/software security.
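The comparison a trust server performs, as described above, shown as an added example that is not from the original article or any vendor's product: a deployed file tree is measured with SHA-256 and checked against a reference baseline for modified, missing, and unknown files. The function names, manifest layout, and sample files are assumptions constructed for illustration.

```python
import hashlib
import tempfile
from pathlib import Path


def measure(root: Path) -> dict[str, str]:
    """Return {relative path: SHA-256 hex digest} for every file under root."""
    return {
        p.relative_to(root).as_posix(): hashlib.sha256(p.read_bytes()).hexdigest()
        for p in sorted(root.rglob("*")) if p.is_file()
    }


def attest(reference: dict[str, str], observed: dict[str, str]) -> dict[str, list[str]]:
    """Compare observed measurements with the trusted reference image."""
    shared = reference.keys() & observed.keys()
    return {
        "modified": sorted(f for f in shared if reference[f] != observed[f]),
        "missing": sorted(reference.keys() - observed.keys()),
        "unknown": sorted(observed.keys() - reference.keys()),  # not "known good"
    }


def is_trusted(report: dict[str, list[str]]) -> bool:
    """Trusted only when nothing deviates from the reference."""
    return not any(report.values())


def demo() -> dict[str, list[str]]:
    """Build a constructed sample tree, baseline it, then introduce drift."""
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp)
        (root / "bin").mkdir()
        (root / "bin" / "app").write_bytes(b"vendor build 1.0")
        (root / "bin" / "helper").write_bytes(b"helper 1.0")
        (root / "app.conf").write_bytes(b"mode=prod\n")
        reference = measure(root)  # what the trust repository would hold

        (root / "bin" / "app").write_bytes(b"vendor build 1.0 + change")
        (root / "bin" / "helper").unlink()
        (root / "bin" / "extra").write_bytes(b"not in the reference image")
        return attest(reference, measure(root))


if __name__ == "__main__":
    print(demo())
```

The check is only as trustworthy as the reference itself, so in practice the baseline is signed and stored away from the host being measured.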
The benefits of a cloud-based model
A perpetual challenge for technology executives is the under-utilization of expensive IT infrastructure. Another challenge is the speed with which available computing power and data storage is provisioned for peak period or high-priority processing. A cloud model can significantly improve operating efficiency because virtualization technology enables the logical partitioning of a physical server to run multiple operating systems and applications simultaneously. This immediately saves space, shrinks the IT infrastructure footprint, and maximizes server and IT resource utilization rates. With the addition of automation, the organization will benefit from self-service of technology resources such as processing power, memory, and servers, and from being able to scale up and scale down on demand, improving productivity. The automated provisioning of these resources accelerates the procurement process to minutes instead of days, weeks or months. In addition, the reduction in physical hardware and maintenance resources can save a company as much as 65% of their operating budget.
How to get to a cloud-based self-service operations center?
Unissant continuously works on developing roadmaps that can assist organizations in moving from a 20th century data-centric environment to a 21st century cloud-centric environment utilizing key success factors. First, an organization typically standardizes by deciding on strategic vendors, deciding on strategic versions of products, and then migrating to these applications. Second, create a shared and consolidated platform, develop clustering and virtualization, standardize pools, and enable multi-tenancy features to support multiple consumers. Third, analyze the application portfolio to determine workloads and shared resources, and establish policies for application service levels. Last, after initial implementation, consider the next step of implementing self-service, metering and chargeback models. As a result, an organization will then possess a comprehensive “Cloud Lifecycle Management” platform to build, deploy, and manage applications.
For a business to frame out an efficient and effective IT service delivery model, it’s important to develop the roadmap and lifecycle adoption process for the cloud solution. Choosing the appropriate cloud model for your environment and migrating to the cloud must be carefully planned. Information security and application availability risks should be carefully considered, along with the resulting changes to internal processes and staff mix.
The benefit will address many aspects of the business including the demand across an organization for storage, compute resources, performance of applications, and remote access. In addition, the ability to virtualize computing resources can increase the organizational efficiency and ensure flexibility to meet the ever-changing demands of future business needs.
At Unissant, we understand the challenges and the complexities involving technology, business, and the value of going to a cloud-centric solution. We help our customers realize the benefits and drawbacks of moving to a cloud-based environment through continuous dialog and experiences. The cloud is not a place for all organizations. Our experience of implementing environments in the cloud enables us to be a trusted advisor to our clients. Unissant uses the latest cloud technologies with many of the major cloud vendors such as Amazon, Oracle, and Microsoft to provide our customers the right type of environment for their business needs.