The Cloud On A Clear Day Neal Juern
Alternate Titles The Cloud So what is it anyway? Why is it so cloudy? How To Keep Your Head Out What are the risks? Is it all just marketing fluff?
What is The Cloud? Definition (Wikipedia): Cloud computing, or the cloud, is a colloquial expression used to describe a variety of different types of computing concepts that involve a large number of computers connected through a real time communication network such as the Internet. Cloud computing is a term without a commonly accepted unequivocal scientific or technical definition. In science, cloud computing is a synonym for distributed computing over a network and means the ability to run a program on many connected computers at the same time. The phrase is also, more commonly used to refer to network based services which appear to be provided by real server hardware, which in fact are served up by virtual hardware, simulated by software running on one or more real machines. Such virtual servers do not physically exist and can therefore be moved around and scaled up (or down) on the fly without affecting the end user arguably, rather like a cloud.
What is The Cloud? Servers Accessed Over the Internet Datacenters of Physical and Virtual Servers I claim there really are almost no companies in the world, just a handful, that are really investing in scaled public cloud infrastructure, said Ballmer. We have something over a million servers in our data center infrastructure. Google is bigger than we are. Amazon is a little bit smaller. You get Yahoo! and Facebook, and then everybody else is 100,000 units probably or less. So the number of companies that really understand the network topology, the data center construction, the server requirements to build this public cloud infrastructure is very, very small. Steve Ballmer July 8 th, 2013
Cloud Applications List of Cloud Services I Use DropBox Evernote Gmail Google Apps Online Banking VoIP Phones (Fonality) Network Management (Meraki) Online Backups (Datto & Ctera) Managed Services Dashboard Screen Sharing / Remote Control Google Music / itunes Pocket Safewallet WriteThatName Kylook Smartsheet Caspio
What has Gone Cloud Examples of Cloud Services Email Office 365 (Outlook.com) / Google Apps Phones VoIP Systems (cloud hosted) File Storage Anywhere Access to Files Backups Offsite Storage / Disaster Recovery Collaboration Google Docs Social Networking Could Not Exist Without the Cloud Software Software as a Service (SaaS) Microsoft Office 365 (Word, Excel, Powerpoint) Adobe Creative Cloud (i.e. Photoshop & Illustrator) Autodesk 360 (AutoCAD 360) Quickbooks (Desktop, Enterprise, Online) Salesforce CRM (Never Existed Separate from the Cloud) Basecamp (Project Management) Note: Some cloud software does not have all the features of their desktop/server counterpart.
Proprietary & Confidential
Proprietary & Confidential
Proprietary & Confidential
What about costs? Old Model Large Capital Expenditure Up Front Cost Hardware / Software / Maintenance Purchased Separately Little to No Monthly Costs Annual Cost for Maintenance Difficult to Budget with Surprise Costs Technology Gets Out of Date Typically Less Cost Over Time New Model No Large Capital Expenditure Hardware / Software / Maintenance Often Packaged Together Monthly Costs Maintenance Included in Monthly Fees Easy to Budget Technology Stays Up to Date Typically Higher Cost Over Time
Why The Cloud Makes Sense Reasons to Use The Cloud Costs Preferred Cost Model Collaboration Geographic Diversity of Users Less IT Management Needed Locally Automatic Software Updates Less Space and Electrical Requirements Easier to Grow or Downsize a Business Applications That Don t Exist For the Premise (i.e. Salesforce) Reasons Not to Use The Cloud Part Way Through a Depreciation Schedule With Existing Technology Specialized Applications with No Cloud Equivalent (i.e. Line of Business Applications) When Specialized IT Maintenance is Needed More Robust Internet Requirements Security and Privacy Issues Potential Legal Issues
What is the risk? Cloud Security Online data breaches have been frequent in recent years with top sites like DropBox, Sony PlayStation, Amazon Cloud, and many more. Real example of a journalist for the website Wired.com who was hacked using social engineering and bad policies in place at cloud services companies, Apple and Amazon. In the space of one hour, my entire digital life was destroyed. First my Google account was taken over, then deleted. Next my Twitter account was compromised, and used as a platform to broadcast racist and homophobic messages. And worst of all, my AppleID account was broken into, and my hackers used it to remotely erase all of the data on my iphone, ipad, and MacBook. Mat Honan @mat
Security vs. Convenience Two Opposing Forces How do you provide top level security and ease of use? In the banking world, Security Tokens are one way to dramatically increase security, but that doesn t always equal ease of use. Security Tokens are an example of two factor authentication which is something you have + something you know. This alone can prevent a high percentage of security breaches due to social engineering. Many cloud providers today now offer two factor authentication for your account, including Gmail, Facebook, and Outlook.com.
Security Posture What do I look for in cloud security? 1. Encryption Data in Transit Data in Use Data at Rest 2. Who Holds the Keys? Who has the private keys to unencrypt your data in the cloud? Preferably this will only be you and not the cloud services provider. 3. Regulatory Compliance Does the cloud services provider meet the standards as set by any compliance requirements you operate under? Sarbanes Oxley PCI HIPAA
Backups / Business Continuity Don t Assume Your Data In The Cloud Is Safe 1. Schedule Test Restores of Data Do this on a regularly scheduled interval or there will be a high probably that your data can be lost. 2. Data In The Cloud May Not Be Archived Just because your data is stored in the cloud, doesn t mean that you have historical backups of that data. Most cloud service providers have a limited amount of archival capability. 3. Have a Business Continuity Strategy Best scenario is being able to virtualize your backups locally and in the cloud.
Hybrid Cloud Part Premise Part Cloud Servers from the premise work with servers in the cloud. Well suited for specific types of applications like VoIP Phones and Backups (BDR). Example of a Hybrid Cloud Solution
Questions??
Thank you!