Cloud computing represents a major shift in information technology architecture, sourcing, and services delivery for a given IT organization.
There are three kinds of cloud –
Vendor cloud (External): Cloud computing services from vendors that can be accessed across the Internet or a private network, using systems in one or more data centres, shared among multiple customers, with varying degrees of data privacy control. Sometimes called “public” cloud computing.
Vendor cloud (External): Cloud computing services from vendors that can be accessed across the Internet or a private network, using systems in one or more data centres, shared among multiple customers, with varying degrees of data privacy control. Sometimes called “public” cloud computing.
Private cloud (Internal): Computing architectures modeled after vendor clouds, yet built, managed, and used internally by an enterprise; uses a shared services model with variable usage of a common pool of virtualized computing resources. Data is controlled within the enterprise.
Hybrid cloud: A mix of vendor cloud services, internal cloud computing architectures, and classic IT infrastructure, forming a hybrid model that uses the best-of-breed technologies to meet specific needs.
SME/MME Sector
Many IT applications and services can be structured and accessed as needed through virtualized architectures, either internally or through service providers. Since there is a possibility to procure the IT services/applications from a third party service provides, Indian SME/MME companies can now avail these.
Many IT applications and services can be structured and accessed as needed through virtualized architectures, either internally or through service providers. Since there is a possibility to procure the IT services/applications from a third party service provides, Indian SME/MME companies can now avail these.
Hitherto, these enterprise class IT capabilities were only available to large-cap companies as the upfront capital expenditure was not practicable for most of the Indian SME/MMEs. Vendor clouds can now act as a game changer.
Quick startup time; no capital investment required.
In managing in-house applications, enterprise needs to procure license and shell out cash to the implementation providers or maintain enough in-house IT specialists; thus, this constitutes a large part of capital expenditure (CAPEX).
However, in cloud computing, this becomes a recurring monthly license fee and not an upfront investment – thus it becomes a part of OPEX.
Allows outsourcing of noncore functions to a service provider; yet some enterprises may not be ready to turn over control of technical architecture.
Leverage highly scalable vendor infrastructure.
Gain access to best practices which might otherwise be costly to manage in-house.
Lower initial fees, variable costs, billed by usage; however, beware of vendor lock-in.
Vendor can provide best-in-class infrastructure and technology since they obtain economies of scale.
The Cloud and Security Concerns
The most common issue perceived by customers while adopting SaaS is the security/confidentiality of their data as the data resides outside their direct control.
The most common issue perceived by customers while adopting SaaS is the security/confidentiality of their data as the data resides outside their direct control.
Even SalesForce.com has been hit by high-impact data security issues with clients. These concerns are even more applicable in an Indian context, especially with financial/accounting data.
Some high-profile data security breach has been seen in the recent past, including leak/misuse of financial information of a large British bank and Citibank from some of the leading BPO companies of the country.
Possible solutions may be:
Enterprises must carefully manage trust, authentication, and authorization to applications and data in the cloud, especially with "cloud to cloud" and "hybrid cloud" inter – application authorizations
Enterprises must carefully manage trust, authentication, and authorization to applications and data in the cloud, especially with "cloud to cloud" and "hybrid cloud" inter – application authorizations
Enterprises that manage sensitive information, such as social security numbers, credit card numbers, and patient health information must implement protection measures and policies when using the cloud.
Financial institutions must protect consumers from fraud and identity theft.
Loss of confidential information can result in compliance infractions, lawsuits from customer and/or patients, potential identity theft, and significant harm to an organization’s credibility and reputation.
Compliance standards assurance will be needed: SAS70, ISO27001, SysTrust.
Enterprises need incident and breach response policies for cloud computing.
Records management and eDiscovery implications must be considered.
Portfolio Management and Data Governance requirements.
Looking at the above, it might be a good idea to put certain applications/data stores on the cloud and manage the rest in-house.
Types of information that must be closely managed when using vendor cloud service providers include:
Personal information
Patent or trade secret
Customer information
Corporate information
Medical information
Financial information
Other sensitive information
Personal information
Patent or trade secret
Customer information
Corporate information
Medical information
Financial information
Other sensitive information
No matter what the technology, enterprises need to adequately protect data throughout its life cycle in the enterprise and into the cloud.
1 comment:
really nice man... do post more...
Post a Comment