1 Journey to Cloud 9 Navigating a path to secure cloud computing Alastair Broom Solutions Director, Integralis March 2012
2 Navigating a path to secure cloud computing 2 Living on Cloud 9 Cloud computing represents a fundamental shift in the way IT services are delivered. Cloud promises true utility computing where IT services can be dynamically provisioned, scaled according to demand and priced are clear: reduction in capital IT costs, reduced operational management costs, and improved agility. computing models including scalability, reduced infrastructure and operational management costs, increased agility and improved service automation. There are certain security risks associated with cloud computing. Embracing the cloud moves data and computing resources outside the corporate perimeter into a network provided by a third party. Workloads move dynamically based on resource utilization, load and performance requirements, requiring security policies to move with them. Virtualization, a key traditional, physical security devices so that certain customer and the cloud provider. Being able to answer the following questions is fundamental to achieving this trust: How can I securely export and store data in the cloud? How can I manage access to my cloud data? How do I retain digital ownership and control in a virtual environment? How do I maintain compliance? Over 60 % of enterprises, both large and small, plan to evaluate or pilot some type of cloud-enabled offerings within the next 18 months Gartner Hype Cycle for Cloud Computing, 2010 Forrester fully expects to see the emergence of highly secure and trusted cloud services cloud security will grow into a $1.5 billion market and will shift from being an inhibitor to an enabler of cloud services adoption Forrester Research The ability to scale resources up as well as down virtually instantaneously will put an end to the expensive practice of provisioning for peak demand Dr Radu Calinescu, Aston University How do you plan your journey into the cloud? What
3 Navigating a path to secure cloud computing 3 Terminology There are several variations on the cloud theme: Software as a Service (SaaS) party application service provider. Salesforce.com built its business on the SaaS model, but there are a growing number of providers who are beginning to offer applications as a service rather than as a license sale. For example, Microsoft now offers the Oracle On-Demand delivers applications such as Siebel and JD Edwards as a service. This enables organizations to pay for these enterprise applications as an operational expenditure rather than as a capital investment in hardware, operating system and application licenses, storage and data center costs. Platform as a Service (PaaS) platform delivered as a subscription service. It enables companies to develop their own applications using the resources of a third-party cloud provider, thereby reducing the cost of application development and enabling development costs to be more easily Infrastructure as a service (IaaS) IaaS provides a complete IT Infrastructure delivered as a service. Users pay for the computing power consumed over time and the service includes applications, hardware, and storage. IaaS provides a computing model that is relatively easy and cost effective to set up and that can expand across all areas of IT in response to business demands. Private Cloud A private cloud refers to a utility computing model that is either delivered from an organization s own data center or is delivered by a third-party provider using dedicated infrastructure. Public Cloud A cloud service delivered via a third-party service provider using shared resources. The service delivery model is as in SaaS, but may include infrastructure and storage in addition to the application. Hybrid Cloud A computing model that bridges public and private workloads may move from private, corporate data centers to a public cloud provider s network based on requiring unusual computing demands.
4 Navigating a path to secure cloud computing 4 Journey to the Cloud Many corporate networks continue to work around a physical infrastructure. Applications exist on individual, physical servers sitting in one or more data centers. Servers are sized to manage peak load, as is the infrastructure for switching, security and storage. New applications require new hardware, which in turn requires additional rack space, power and cooling. This traditional data center model lacks scalability and rates for enterprise servers are estimated at just data center environment is built to meet a peak load. maximum number of connected users;; maximum expected hits on a web site;; peak bandwidth. Most of the time, the infrastructure is delivering far below peak load, and capacity is sitting idle. physical servers to one virtual server, savings of up with reduced power consumption, and cooling demands. Finally, the cost of maintaining a piece times more costly than the original purchase price, so impact on the total cost of ownership. Cloud Security Checklist: Getting Started Baseline your network. Understand what you have and where, before virtualizing 2. Investigate and audit any existing cloud projects. These may be SaaS deployments, outsourced applications or test and development activities. Identify your cloud IT team and clearly define roles and responsibilities Be rigorous with your requirements definition, don t skip the evaluation stage just because this is a service and not expensive equipment 4. Do a thorough risk assessment Classify your data and determine what can be moved to the cloud and what must remain inside the corporate perimeter Carefully analyse SLAs and determine: