Cloud Computing; What is it, How long has it been here, and Where is it going?

Similar documents
IS PRIVATE CLOUD A UNICORN?

Cloud Computing Flying High (or not) Ben Roper IT Director City of College Station

OWASP Chapter Meeting June Presented by: Brayton Rider, SecureState Chief Architect


Cloud definitions you've been pretending to understand. Jack Daniel, Reluctant CISSP, MVP Community Development Manager, Astaro

See Appendix A for the complete definition which includes the five essential characteristics, three service models, and four deployment models.

Technology & Business Overview of Cloud Computing

Cloud Computing. Course: Designing and Implementing Service Oriented Business Processes

White Paper on CLOUD COMPUTING

Managing Cloud Computing Risk

Cloud Computing Technology

Cloud for Credit Unions Leveraging New Solutions to Increase Efficiency & Reduce Costs Presented by: Hugh Smallwood, Chief Technology Officer

Cloud Computing demystified! ISACA-IIA Joint Meeting Dec 9, 2014 By: Juman Doleh-Alomary Office of Internal Audit

Cloud Computing. Bringing the Cloud into Focus

Securing and Auditing Cloud Computing. Jason Alexander Chief Information Security Officer

Where in the Cloud are You? Session Thursday, March 5, 2015: 1:45 PM-2:45 PM Virginia (Sheraton Seattle)

The NIST Definition of Cloud Computing (Draft)

Cloud Computing for SCADA

CHOOSING THE RIGHT CLOUD COMPUTING SOLUTION FOR YOU

East African Information Conference th August, 2013, Kampala, Uganda. Security and Privacy: Can we trust the cloud?

Kent State University s Cloud Strategy

Validation of a Cloud-Based ERP system, in practice. Regulatory Affairs Conference Raleigh. 8Th September 2014

CHAPTER 8 CLOUD COMPUTING

ITL BULLETIN FOR JUNE 2012 CLOUD COMPUTING: A REVIEW OF FEATURES, BENEFITS, AND RISKS, AND RECOMMENDATIONS FOR SECURE, EFFICIENT IMPLEMENTATIONS

Cloud Computing. What is Cloud Computing?

Cloud Computing in the Federal Sector: What is it, what to worry about, and what to negotiate.

Security Issues in Cloud Computing

Essential Characteristics of Cloud Computing: On-Demand Self-Service Rapid Elasticity Location Independence Resource Pooling Measured Service

Perspectives on Moving to the Cloud Paradigm and the Need for Standards. Peter Mell, Tim Grance NIST, Information Technology Laboratory

Outline. What is cloud computing? History Cloud service models Cloud deployment forms Advantages/disadvantages

Cloud Services Overview

Cloud Computing in Higher Education: A Guide to Evaluation and Adoption

Cloud Computing Submitted By : Fahim Ilyas ( ) Submitted To : Martin Johnson Submitted On: 31 st May, 2009

The NIST Definition of Cloud Computing

A COALFIRE PERSPECTIVE. Moving to the Cloud. NCHELP Spring Convention Panel May 2012

Cloud Computing in a Regulated Environment

Incident Handling in the Cloud and Audit s Role

Daren Kinser Auditor, UCSD Jennifer McDonald Auditor, UCSD

What is Cloud Computing? First, a little history. Demystifying Cloud Computing. Mainframe Era ( ) Workstation Era ( ) Xerox Star 1981!

4/28/2014. What's the Scoop on Cloud Computing. Agenda. Why you are here?

CLOUD COMPUTING DEMYSTIFIED

Cloud Computing Overview

Why Private Cloud? Nenad BUNCIC VPSI 29-JUNE-2015 EPFL, SI-EXHEB

How To Understand Cloud Computing

Bringing the Cloud into Focus. A Whitepaper by CMIT Solutions and Cadence Management Advisors

Topics. Images courtesy of Majd F. Sakr or from Wikipedia unless otherwise noted.

The Cloud Opportunity: Italian Market 01/10/2010

Clinical Trials in the Cloud: A New Paradigm?

Electronic Records Storage Options and Overview

How cloud computing can transform your business landscape

NETWORK ACCESS CONTROL AND CLOUD SECURITY. Tran Song Dat Phuc SeoulTech 2015

Cloud Computing and Security Risk Analysis Qing Liu Technology Architect STREAM Technology Lab

Flying into the Cloud: Do You Need a Navigator? Services. Colin R. Chasler Vice President Solutions Architecture Dell Services Federal Government

Virginia Government Finance Officers Association Spring Conference May 28, Cloud Security 101

Private Cloud 201 How to Build a Private Cloud

INTRODUCTION TO CLOUD COMPUTING CEN483 PARALLEL AND DISTRIBUTED SYSTEMS

What Is The Cloud And How Can Your Agency Use It. Tom Konop Mark Piontek Cathleen Christensen

CLOUD COMPUTING OVERVIEW

Perspectives on Cloud Computing and Standards. Peter Mell, Tim Grance NIST, Information Technology Laboratory

A.Prof. Dr. Markus Hagenbuchner CSCI319 A Brief Introduction to Cloud Computing. CSCI319 Page: 1

Federal Cloud Computing Initiative Overview

Security & Trust in the Cloud

Cloud Computing An Elephant In The Dark

Overview of Cloud Computing and Cloud Computing s Use in Government Justin Heyman CGCIO, Information Technology Specialist, Township of Franklin

Orchestrating the New Paradigm Cloud Assurance

SCADA Cloud Computing

6 Cloud computing overview

Hexaware E-book on Q & A for Cloud BI Hexaware Business Intelligence & Analytics Actionable Intelligence Enabled

Enhancing Operational Capacities and Capabilities through Cloud Technologies

CSO Cloud Computing Study. January 2012

Running head: TAKING A DEEPER LOOK AT THE CLOUD: SOLUTION OR 1

All can damage or destroy your company s computers along with the data and applications you rely on to run your business.

Cloud Courses Description

IBM Cloud Security Draft for Discussion September 12, IBM Corporation

Commercial Software Licensing

Cloud Computing: Opportunities, Challenges, and Solutions. Jungwoo Ryoo, Ph.D., CISSP, CISA The Pennsylvania State University

A Hotel in the Cloud. Bruno Albietz

OVERVIEW Cloud Deployment Services

The Cloud is Not Enough Why Hybrid Infrastructure is Shaping the Future of Cloud Computing

The Magical Cloud. Lennart Franked. Department for Information and Communicationsystems (ICS), Mid Sweden University, Sundsvall.

Everything You Need To Know About Cloud Computing

SURVEY OF ADAPTING CLOUD COMPUTING IN HEALTHCARE

Lecture 02a Cloud Computing I

Cloud Computing. Cloud computing:

Transcription:

Cloud Computing; What is it, How long has it been here, and Where is it going? David Losacco, CPA, CIA, CISA Principal January 10, 2013

Agenda The Cloud WHAT IS THE CLOUD? How long has it been here? Where is it going? 2

A catch phrase that describes outsourcing, used by marketing folks around the world. 3

Where did the Cloud come from? The Internet 4

Definitions of Cloud Computing Term used to describe any service available on the Internet. More specifically, cloud computing refers to a hosting environment that leverages pooled computing resources by way of virtualization. The practice of using a network of remote servers hosted on the Internet to store, manage, and process data, rather than a local server. (Google) General term for anything that involves delivering hosted services over the Internet. In its simplest form, cloud computing is performing computing tasks via a network connection while remaining isolated from the complex computing hardware and networking infrastructure that supports it. 5

Definitions of Cloud Computing (continued) Updated version of utility computing: Virtual servers available over the Internet. Anything consumed outside the firewall, including conventional outsourcing. Computing used as a service rather than a product. Internet-based model for groups to become more efficient through sharing. (BusinessInsider.com) The Management and provision of applications, information, and data as a service. (Independent.co.uk) The delivery of computing and storage capacity as a service. (Wikipedia) 6

NIST Definition As defined by the National Institute of Standards and Technology (NIST) cloud computing is: A model for enabling ubiquitous, convenient, on-demand network access to a shared pool of configurable computing resources (e.g., networks, servers, storage, applications, and services) that can be rapidly provisioned and released with minimal management effort or service provider interaction. 7

Essential Characteristics of the Cloud The NIST cloud model is composed of five essential characteristics, three service models, and four deployment models. Characteristics 1. On-demand self-service 2. Broad network access 3. Resource pooling 4. Rapid elasticity 5. Measured service Deployment Models 1. Private cloud 2. Community cloud 3. Public cloud 4. Hybrid cloud Service Models 1. Software as a Service (SaaS) 2. Platform as a Service (PaaS) 3. Infrastructure as a Service (IaaS) 8

Cloud Service Models SaaS (Software as a Service) Running an Application through the Internet User of a provider s application running on a cloud infrastructure. Applications are accessible from various client devices such as web browsers. Examples include web-based e-mail and Internet-based payroll applications. Formally known as Application Service Providers. IaaS (Infrastructure as a Service) Getting IT Operations through an outside third party through the Internet Provides capability to provision servers, disk space and network devices rapidly when needed and scale back when not needed. Customer can load applications and other software devices needed on infrastructure. Cloud IaaS provider is just supplying hardware and related services. Examples include Amazon web services and Perimeter Technologies. PaaS (Platform as a Service) The Developer s Cloud / Develop and deploy applications you created or acquired using the PaaS provider s development tools Designed for developing use. Examples include Google App Engine, Salesforce.com, and Force.com. 9

Essential Characteristics of the Cloud On-demand self-service Customer can use the service at anytime, however they wish. Broad network access Service is network based, and accessible from anywhere, from any standardized platform. Resource pooling Computing resources in the cloud are shared. This means numerous clients may be using the same set of resources at the same time. Rapid elasticity Customer of a service can activate more resources on the fly. Measured service CSP (Cloud Service Provider) acts like an electric utility measuring the amount of service provided and reacting accordingly. 10

Cloud Deployment Models Deployment Method Description Private Cloud Operated solely for an enterprise May be managed by the enterprise or a third party May exist on or off premise Public Cloud Community Cloud Hybrid Cloud Made available to the general public or a large industry group Owned by an organization selling cloud services Shared by several enterprises Supports a specific community that has a shared mission or interest May be managed by the enterprises or a third party May reside on or off premise A composition of two or more clouds (private, community or public)that remain unique entities, but are bound together by standardized or proprietary technology that enables data and application portability (e.g., cloud bursting for load balancing between clouds) 11

Why the Rush to the Cloud? Small & Medium Business need to establish resources to maintain an IT infrastructure that meets their business needs; these resources include money, time and expertise. Save on up-front costs with no Capital Expenditure. They are also able to substantially reduce the cost needed to maintain and upgrade hardware. Reduce the costs needed to maintain and upgrade hardware. No need to install software, upgrade hardware or maintain file servers and networks. Rent what you want as you want. No need for in-house Computer Technicians every time a computer or the network fails. Outsource Enterprise level virus and intrusion protection, well beyond the capabilities of any small business. Outsource data loss or failed backups concerns. Scalable so you can grow and contract your IT as the business needs. 12

Why the Rush to the Cloud? Optimizing Server Usage Cost Savings Smaller Data Centers Outsourcing Non-core Competencies 13

Old Clouds vs. New Clouds Old Cloud Companies New Cloud Companies 14

All this is great however, I am an auditor. How does the Cloud affect me? 15

Cloud Statistics More than 8 in 10 companies currently use some form of cloud solution. By 2014, 1/3 of small businesses will use some form of IaaS. By 2015, spending on cloud services will be approximately 46% of all new IT spending. 16

Risks of Going Into the Cloud Where is my data? Who can see my data? Is my data backed up properly? Can I switch providers easily? 17

Cloud Concerns Data Location Co-mingled Data / multitenancy Cloud security policy/procedure transparency Cloud data ownership Lock-in with CSP s proprietary API s CSP business viability Record protection for forensics audits Penetration Detection Screening of other Cloud Computing clients Compliance Requirements Public cloud server owners due diligence Data erasure for current SaaS or PaaS applications Disaster Recovery Identity and access management 18

Before Putting Data on Cloud Understand the public cloud computing environment offered by the cloud provider. Ensure that a cloud computing solution satisfies security and privacy requirements around your data. Ensure that the client-side computing environment meets organizational security and privacy requirements for cloud computing. Maintain accountability over the privacy and security of data and applications implemented and deployed in public cloud computing environments. Ask for a SSAE 16 from the Cloud Provider. Read the Contract!!! 19

Questions To Ask a Cloud Provider What will it take to migrate your systems and data back in house or to another Service Provider? How does the provider ensure that legal actions taken against other tenants will not affect access to your data? What will happen to your applications and data if the provider goes out of business? How can the provider ensure they won t become the property of creditors? What visibility will the provider offer your organization into security processes and events affecting your data? What notice will the provider offer when it changes its data center locations or security practices? 20

So.. Where is All This Going? Adaption of cloud technology and concepts will increase, but pace will be slow to noticeably impact back office business functions. Concepts around IT as a Service will continue to grow. Measured Services concept will have big impact. Ideas and changes around data storage will be most impacted first. The Cloud will begin to fade and..as a Service concepts will be increased in vernacular. Applications on tablets and smartphones are already in development or are being used that incorporate or work with back-office applications. Most of us are already in the clouds and don t know it! 21

Questions? David Losacco david.losacco@stinnett-associates.com 918.728.3300 22

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information