Cloud computing

CLOUD COMPUTING 14

Table of content

Thesis statement

Research Questions

Literature review

  • Cloud characteristics

  • Cloud service models

  • Deployment of cloud services

Benefits of cloud computing

  • Cost effectiveness

  • Security benefits

Vagueness on security issues

  • Security risks

Findings and summary

Conclusion

Recommendation

References

Thesis statement

Thesis statement

Research suggests that migrationto Cloud Computing is more cost-effective than in-house serverhosting because it virtually eliminates infrastructure costs, thereare no software licensing expenses and maintenance expenditures aregreatly reduced.

The recent past has seen cloudcomputing gain massive popularity in the technology domain. Fiveyears ago, Velte and Velte (2010) described cloud computing in itsinfancy stages stating that it would transform in the next decade.Half a decade later, the impact of cloud computing is being feltgreatly. Many IT players including Microsoft, Google, Amazon amongstothers are now offering and developing cloud services. According toIDC firm research 2013, the global revenue from public IT cloudservices exceeded $21.5b in 2010. The sum is expected to reach $72.0bthis year. Evidently, the shift and growth of cloud computing isinevitable and irreversible asserts (McAfee, 2011). It has changedthe use of computers and internet in almost every organization. Thechange relates to information storage and the application use wherebyin cloud computing information is stored in cloud rather than desktopcomputers.

Miller (2009) describes cloud as anebulous assemblage of servers and computers accessed through theinternet. Users can access data, applications, documents and anyother services as long as you are connected to the internet. Cloudcomputing gives users the freedom to surf anytime, anywhere withoutbeing tied to desktop computers. At a time when organizations arelooking to reduce computing costs, many are able to do so byconsolidating IT operations and implementing virtualizationtechnology. The capacity of servers to store and process data isoptimized with this type of technology by hosting the servers ontheir own premises. has made it possible fororganizations to reduce additional costs by improving utilization,reducing infrastructure, eliminating administration costs andcreating faster deployment cycles. According to Boss, Malladi, Quanand Hall (2007), cloud computing provides virtualization, highavailability and dynamic resource pools.

This research paper will use thequalitative method of study to examine the essential benefits ofcloud computing over in house server hosts exploring its costeffectiveness, decreased software licensing expenses and the reducedmaintenance expenditures.

Research questions

  • To investigate the benefits of cloud computing over in-house servers

  • To explore any vagueness on cloud computing in organizations

Literature review

No universal term gives a completedefinition on the nature of cloud computing but a variety ofdefinitions has been developed with time to explain this interestingphenomenon. The US National Institute of standards and technologydefined cloud computing as a model of enabling ubiquitous, convenientnetwork access to a shared pool of configured computing resourcessuch as servers, network, services and applications that can berapidly released with minimal effort management or service providerinteraction and data storage (Mell and Grance, 2011). The term cloudcomputing describes a type of application and platform where user andorganizational data storage occurs in a physical or virtual machine.The provided servers are configured and reconfigured by the cloudcomputing platform while cloud applications are stored in large datacenters on powerful servers hosting web applications and services.Through cloud computing, organizations are able to use hardware andsoftware investments efficiently by overcoming the physical barriersof isolated systems and automated management of groups as a singleunit. The technology is a virtual system that constitutes theevolution of data centres naturally asserts Boss at al. (2007).

Cloud characteristics

has severaldistinctive features, deployment and delivery models. Thosecharacteristics and models are imperative to understanding the cloudconcept and its organization for service delivery. According to cloudsecurity (2009), cloud computing appeals to consumers due tocharacteristics such as

  • broad network access

  • Resource pooling,

  • on demand self service,

  • rapid elasticity and

  • measured service

Broad network access also referredto as omni-channel access refers to its capabilities andaccessibility over standard mechanisms that promote heterogenousclient platforms such as mobile devices, laptops, home appliancesamongst others. It can be accessed anywhere significantly enhancingmobility to consumers. Consumers can get server time and networkstorage applications automatically without interacting with theservice provider making it very convenient. When it offers computingresources like storage, processing, network bandwidth, memory,virtual machines all pooled together to serve multiple consumers itbrings resource pooling to serve multiple consumers. Using a multi-tenant model, cloud computing pools a provider’s computingresources to serve many consumers.

offers on demandself services through meeting the needs of consumers such as networkstorage, server time and applications, which can be accessedautomatically without human interaction. Its rapid elasticity isevident through dynamically providing computing resources such asstorage and virtual machines. The rapid elasticity allowscloud-computing providers to scale computing resources quickly. Cloudservices are also measured in a sense that cloud systems optimize,monitor, control and report automatically asserts Cloud securityalliance (2009).

Cloud Service models

It has four main deployment modelspublic, private community and hybrid. The four models differ in termsof cloud infrastructure, location and how or by whom they aremanaged/owned. That implies a different users control over the dataand its security. The cloud infrastructure that is available to thegeneral public and owned by the organization that sells cloudservices is public cloud. Is the most appropriate model for caseswhere high levels of data confidentiality are not required as an openmodel. The opposite of public model is private model which is themost closed model. Its infrastructure exists on premises or offpremises used by a single organization and managed by theorganization.

Communitycloud is offered to organizations that are willing to share concernssuch as policy, compliance considerations, missions and securityrequirements. Hybrid cloud, is composed of two or moreinfrastructures such as public and private or private and communityas long as they are linked to standardized technology that allowsdata application portability asserts CSI, (2009).It enablesorganizations to combine ad use the best from previous models.

Deployment of cloud services

Software (Saas), Platform (Paas)and infrastructure as a service (Iaas) are the three delivery modelsof cloud computing. They differ in levels of consumer control,security and cloud resources. Depending on the delivery model chosen,Saas allows consumers to use applications running on the provider’scloud infrastructure only. That means that it is impossible tocontrol and manage the underlying cloud infrastructure such asstorage, servers, network and operating systems. It also concernsindividual application capabilities with a possible exception oflimited user specific application configuration settings (CSI, 2009).

The level of integrated security isrelatively high and the provider responsible for security. Theconsumer gets the least control over security. With Paas, thecustomer can deploy cloud infrastructure and manage underlying cloudinfrastructure. Integrated security declines as compared to Saasgiving the consumer an option to add security. In Iaas, the greatestcontrol over cloud resources and security are given to a consumer.They can control main computing resources and deployed applications.It is also the model with the least integrated security capabilitiesof the three making the consumer fully responsible for security, dataand operational systems.

Benefitsof cloud computing over in house servers

Cost effectiveness

The above characteristics of cloudcomputing illustrate why organizations utilize it. It is argued thatthe main attraction to cloud computing is cost effectiveness, reducedmaintenance expenses and no licensing expenses as compared to othershosts making it largely sought after by organizations. Numerousorganizations prefer cloud computing due to its cost benefits whichenable them to reduce their hardware costs. According to Miller(2009), when using cloud services, high powered and high pricedcomputers are no longer needed for a processing power and storagespace. Running cloud applications requires computers with less memoryand smaller hard discs because there is no installation software.This significantly reduces the costs and makes it possible topurchase lower priced computers. reduces highinvestments that organizations would have had to go through for ITinfrastructure. Larger organizations are especially concerned as theydon’t have to spend huge sums of money on powerful servers and ITdepartments with cloud computing. The organizations don’t have todeal with the peaks and non peak times, in computing power demandsthrough purchasing new equipment like cloud servers that can handlepeak computing.

Software costs are significantlyreduced by cloud computing. According to Miller (2009), organizationsdo not have to buy separate software packages for each computer asthe employees can access a particular application. This means thatthe installation and maintenance cost is also saved. Less computersand servers mean lower maintenance costs. Paying for a softwareupgrade becomes another forgotten expense as the providerautomatically upgrades all applications in the cloud.

From the customer’s perspective,cloud computing is seen as a means of increasing organizationalproductivity and effectiveness leading to increased income.Increasing cloud computing power enforces productivity in theorganization as they are no longer limited to a single desktop butcan utilize the power of thousands of computers and servers.Efficiency is also enhanced. The administrative costs aresignificantly reduced by cloud computing to offload three kinds ofadministration asserts Rosenthal et al. (2009). To start with itoffloads the responsible administration for system infrastructuresuch as hardware/software maintenance, adding new machines and spareparts. Secondly after the backup policy is specified, the providerexecutes it and thirdly after it is installed the application becomesavailable to all authorized users. Cost savings from softwarelicenses are a great relief for organizations with cloud computing.

Security benefits

Apart from the security risks,cloud computing has benefits that must be examined such as datasafety. Research carried out and opinions collected from surveysrevealed that customers feel that data is more secure in the cloud.They were grateful that the cloud had reduced their financial andrisk management efforts regarding security. For another interviewee,the clouds are more secure than in house data servers. Moreover,cloud computing provides easier security control to customers. Theyfind it more convenient to direct their security efforts to onelocation enhancing security capabilities. The main security benefitsare improved hardware and soft ware maintenance as cloud providershave the ability to develop software that is more sophisticated. Nothaving to care about security maintenance is a great advantage forcustomers. Better security, data safety, back up to protect data andreduced costs make clouds very attractive for customers as comparedto in house servers.

Vaguenesson cloud computing in organizations

Security risks

Despite its popularity, manyorganizations lack a broader understanding of implementing andutilizing cloud computing for operational or business purposesfollowing existing vagueness issues like security effects. Securityrisks of cloud computing are classified as dangers that organizationsshould address as they migrate. Pearson (2012) argues that securityis the greatest concern for organizations migrating to cloud. Thesecurity challenges are associated with the abstraction ofinfrastructure resulting to lack of capability and visibility tointegrate many familiar security controls at the network layer (CSI,2009). The challenges also arise from the ambiguity regarding partiesresponsible for cloud APIs yet to be standardized. Security risksdiffer according to deployment and delivery models that organizationsemploy.

The security risks that cloudcomputing presents to organizations are related to confidentialityand data privacy. Having a sense of preservation and protection ofthe processed data how it is stored and transferred while using cloudapplications is therefore crucial. According to Dimitrov and Osman(2012), security risks regarding data security include losing data,data being collected and used by other parties as a result ofinadequate data handling and protection by cloud providers. Anotherrisk is related to service level agreement between the provider andorganization or customer. A greater challenge is the lack ofagreement and no clauses to ensure security levels.

The cloud environment necessitatesan inappropriate level of data access and control (Pearson, 2009). Asa result, a risk of unwanted access to confidential information bythird or unauthorized parties resulting to compromised and stolendata. The unauthorized parties may be anyone from the internal staff,data thieves, hackers, attackers, the government or customers of thesame cloud service. Customers may do so due to inadequate isolationof different customer data. The multi tenancy feature of the cloudwhere one software application serves many customer organizationincreases the risk of customers stealing data from otherorganizations.

If software mechanisms fails toseparate data virtually a tenant can access and steal or compromisethe data of other tenants. Another channel through which data can becompromised is the management interface applying mostly to publicclouds where management interface is remotely accessed through a webbrowser. A remote access vulnerability endangers the customer’sdata.

Inadequate deletion of customerdata remains a great risk of cloud computing. Customers want to besure that the data is erased from their systems and unrecoverable.Lack of evidence for that and urging customers to put trust in theirproviders is not enough proof of deletion of customer data. Withmultiple back up of data on different servers the deletion processbecomes more complex and difficult as some back up may be held up insome different entities. The backup data poses as a threat tocustomers. It can be retrieved, hacked, by attackers or compromisedin an unrecoverable manner. The process is more complex as theprovider may risk deleting other customers data thus need to be verycareful.

Findings and summary

Interesting findings werediscovered from the study regarding cloud computing. The table belowwill present empirical findings and opinions obtained from interviewscarried out on IT professionals and cloud customers.

Benefitsof cloud computing over in house servers

Cost effectiveness

Interviewee

Opinion

A

The reduction of costs drives many organizations to cloud computing. With so many expenses, we need a cost effective system that can be shared and easily maintained

B

Companies and organizations can rely on powerful servers to do their calculations leading to cost savings. Investments for a private cloud are justified to large companies

C

Cloud computing is a good option for flexible cost model allowing us to pay only for the time and scale we have used.

D

Reduced operational, administrative and maintenance costs decreasing the financial commitments

E

Cloud computing is seen as a means of increasing organizational productivity and effectiveness leading to increased income.

(Dimitrov and Osman, 2012)

Security benefits

Interviewee

Opinion

A

There is no other place that my companies data can be stored that safely

B

The financial and risk management costs are both cut down incredibly

C

Easier security control, security centralization, less security maintenance costs

D

Several back up for data recovery and retrieval

(Dimitrov and Osman, 2012)

  • Vagueness on cloud computing in organizations

Security risks

Interviewee

Opinion

A

Cloud computing is great but security risks are the greatest concern for us

B

The main problem is trust issues between providers and customers

C

Risks like exposure, deletion, compromising of business data

D

The backup system of cloud makes retrieval of stored data by other parties possible

E

Risk of unauthorized access to sensitive data by unknown users

Conclusion

The thesis of this paper examinesthe benefits of cloud computing in terms of cost effectiveness,reduced maintenance expenses and no licensing expenses. Past researchstudies have stated that the main attractiveness of cloud computingis reduced costs. Through this study as well, it is evident thatmigration to Cloud Computing is more cost-effective than in-houseserver hosting. Examining the security benefits and risks were alsocrucial to have a well rounded research paper that informs the prosand cons. Security benefits are mentioned as reduced financial andrisk management efforts. In their study Dimitrov and Osman (2012),the security benefits include security centralization, increasedsafety of data, lower financial commitments, improved softwaremechanisms and less security maintenance and support. Despite itsnumerous benefits, clouds security risks remain outstanding in makingit a great challenge to organizations and consumers who want toinvest in clouds. There is vagueness on the security concerns withcustomers feeling that clouds only offer trust for security but novalid proof that their data is safe. Other risks like data lose anddata breach remain critical for many organizations that feel they arerisking exposure to unknown or unauthorized parties. They alsosuggested that there is a need for establishing internationalregulatory frameworks and standards on supranational levels asessential for creating secure cloud computing environment.

Recommendation

can be thegreatest invention in technology if the security challenges are dealtwith. Security risks can be avoided through developing morerestrictive access to network systems to reduce data breach or dataloss. Organizations can support cloud security efforts throughpurchasing the appropriate clouds. For large organizations, forexample, the private cloud can be used while medium and smallorganizations use the hybrid cloud.

References

Boss, G., Malladi, P., Quan, D., Legregni, L. &amp Hall, H. (2007).Cloud Computing. IBM Corporation.

Cloud Security Alliance. (2009). Security Guidance for CriticalAreas of Focus in Cloud Computing. Fromhttps://cloudsecurityalliance.org/csaguide.pdf

Dimitrov, M. and Osman, I. (2012). The impact of cloud computingon organizations in regard to cost and security, Department ofInformatics IT, retrieved fromhttp://www.diva- portal.org/smash/get/diva2:728880/FULLTEXT02

IDC. (2013). IDC Cloud Research. Fromhttp://www.idc.com/prodserv/idc_cloud.jsp

McAfee, A. (2011). What Every CEO Needs to Know About the Cloud.Harvard Business Review.

Mell, P., &amp Grance, T. (2011). The NIST definition of cloudcomputing. National Institute of Standards and Technology, U.S.Department of Commerce. (Special Publication 800- 26 145).http://csrc.nist.gov/publications/nistpubs/800-145/SP800-145.pdf

Miller, M. (2009). Cloud Computing: Web-Based Applications ThatChange the Way You Work and Collaborate Online. Que Publishing.

Pearson, S. (2012). Privacy, Security and Trust in CloudComputing. Springer.

Rosenthal, A., Mork, P., Li, M., Stanford, J., Koester, D., Reynolds,P. (2009). : A new business paradigm for biomedicalinformation sharing. Journal of Biomedical Informatics.http://www.sciencedirect.com/science/article/pii/S1532046409001154

Velte, A. T., Velte, T, J. &amp Elsenpeter, R. (2010). CloudComputing: A Practical Approach. McGraw-Hill.