Академический Документы
Профессиональный Документы
Культура Документы
Table of Contents
Introduction .............................................................................................................................................. 3 What is Cloud Computing? ................................................................................................................... 4 Software as a Service (SaaS) ................................................................................................................................ 4 Utility Computing ..................................................................................................................................................... 5 Web Services in the Cloud..................................................................................................................................... 5 Platform as a Service ............................................................................................................................................... 5 Managed Service Providers (MSP) .................................................................................................................... 5 Service Commerce Platforms............................................................................................................................... 5 Business Applications of Cloud Computing ................................................................................... 6 Opportunities for Business ................................................................................................................................... 7 Changes in the Business Climate ........................................................................................................................ 7 Obstacles and Opportunities of Cloud Computing ...................................................................... 8 Business Continuity and Service Availability................................................................................................ 9 Data Lock-In............................................................................................................................................................. 10 Data Transfer Bottlenecks ................................................................................................................................. 11 Bugs in Large-Scale Distributed Systems .................................................................................................... 11 Data Confidentiality/Security .......................................................................................................................... 11 Software Licensing ................................................................................................................................................ 13 Reputation Fate Sharing ..................................................................................................................................... 13 Other obstacles to consider ............................................................................................................................... 14 Conclusion............................................................................................................................................... 15 References .............................................................................................................................................. 16
Introduction
The competitive nature of todays global business environment demands resourcefulness and innovation in all areas of business. At the forefront of modern corporate strategy is the notion of leading with Information Technology (I.T.). By its own merits, I.T. is not a replacement for strategy. However, when combined with effective processes and competent decision-making, it is possible to gain a substantial competitive advantage. Everyone in I.T. knows their industry is one of continuous change; it is simply a fact of life. In order to stay competitive, all I.T. professionals must keep their education current and constantly infuse their skill sets with new techniques to accommodate fresh technologies. As a result, the entire industry is hardwired to be skeptical of game-changers. The typical response is to learn the new technology, implement it, and move on with life. However, once in a long while, a groundbreaking technology arrives to alter the face of business and information technology beyond recognition. Today, that technology is cloud computing. Most everyone has heard of cloud computing; most are even utilizing cloud based applications, but few actually know what it means or how it works. While cloud computing has become a diverse strategic direction for the future of web-based computing, it is important to truly understand the technology for corporate preparedness. Cloud computing has become the catalyst for technological outsourcing and will have an impact on all industries from healthcare to education to business services. The broad reach of cloud computing is evident, but long-term cost benefits and business applications have yet to be realized. Regardless, being able to access I.T. resources on demand, similar to a utility, is likely to drive costs down. The companies that can embrace this technology stand to gain on their competitors. However, there are concerns and risks in any technology, and it is crucial to be prudent when choosing a provider and transitioning to cloud computing. In order to help facilitate a better understanding of cloud computing, the following paper discusses what cloud computing is, how it can be applied to business, and some of the obstacles and opportunities
that must be taken into consideration when a business is considering implementing cloud-based technology.
not able to change the software. This type of service allows companies to eliminate the investment in infrastructure and begin utilizing the services with little to no upfront cost. Great examples of this are Google Apps and SalesForce.com. Utility Computing This type of cloud computing allows individuals and businesses to get access to virtual servers, storage, or resources on demand. The scale of this use could be as small as a few gigabits of disk space to entire datacenters in the cloud. Companies such as Amazon and IBM offer these types of resources. Companies like SpotCloud provide a means for companies with excess resources to sell these resources through the cloud to other customers who could use them. Web Services in the Cloud Although very similar to SaaS, Web service providers offer APIs that enable developers to exploit functionality over the Internet, rather than delivering full-blown applications, (Knorr, 2011). These services are constrained by the limitations that the vendors place on their APIs. Platform as a Service Again, this is a service similar to SaaS, providing an application which creates a virtual platform for development. Essentially developers are able to plugin and create programs or applications on these platforms (Knorr, 2011). Managed Service Providers (MSP) This cloud-based service, an application used in monitoring of backend applications and processes, is designed for the I.T. team instead of being designed for the traditional end user (Knorr, 2011). Services such as Google Analytics, Spam Filters, and desktop management applications all fall into this category. Service Commerce Platforms This cloud-based platform is essentially a hybrid of SaaS and MSP, which offers a service hub that users interact with. The platform integrates with multiple vendors and services in order to create a central
location where a user can handle multiple tasks with one common interface and architecture (Knorr, 2011). Although each application can be used for many purposes, there are benefits which they all have in common. First, by utilizing cloud-based applications companies can simplify their network and resources and switch to online services. Second, leveraging the broad reach of cloud computing business users can reduce costs and better share information, due to the accessibility of the internet. Finally, since many applications can be connected, users can more easily share information across platforms. With so many applications for cloud computing and even the experts arguing over what cloud computing is, it is no wonder that people are still confused about cloud computing. Regardless, one thing is clear cloud computing is not going away anytime soon. Today we consider cloud computing any applications, services, [or resources] offered over the Internet but we will have to wait and see how it evolves (Tech Terms, 2011). Since these services are offered from data centers all around the world (Tech Terms, 2011) the possibilities are endless and the metaphoric cloud is ever expanding.
Drive, they are carving out a significant market share and leaving some heavy footprints. This is all contributing to a newfound acceptance (and perhaps even an appetite) for I.T. innovation and experimentation that will soon be the norm for successful companies. Another broad-reaching impact of cloud computing is the dwindling necessity of in-house I.T. personnel. As more and more services are outsourced (especially SaaS), companies simply will not need as much help from their I.T. departments, because they will be able to find their own solutions. Smaller infrastructure means less I.T. people to keep it running. The reductions in cost could lead to more in investment in research and development, marketing, or any number of revenue-generating pursuits. Finally, the adoption of cloud-based technologies will eventually become atactical necessity. At the moment, firms are still testing the waters and cautiously incorporating new cloud computing services. However, once they are able to move into full implementation and realize the sheer cost-cutting benefits, their competitors will be unable to ignore that a once strategic advantage has become a tactical necessity. Although the cloud computing industry is still young, there is a plethora of services available. CIO magazine (Brodkin, 2009) identifies a handful of cloud computing companies to keep our eyes on. High up in the list are Amazon with the Elastic Compute Cloud and Simple Storage Services, AT&T with Synaptic, Enomaly with SpotCloud (a cloud resource marketplace), Google with GoogleApps, and Microsoft with Azure. Additionally, websites like Cloudtrip.com list cloud services that people find, use, post, and vote on, such as JumboTask, Brix, and cronsync. Amidst the hubbub about cloud computing, one thing is for sure: it will revolutionize I.T., business, and fundamentally change the way we live our lives.
technologies, no matter how insignificant those technologies appear to be. It also means, from the outset, the organizations board of directors and senior leadership must be involved in the decision-making process. This decision-making process needs to include a review and/or an analysis of the obstacles and the opportunities to overcome these obstacles when implementing cloud technology. Armbrust et al (2010) identify ten obstacles to cloud computing and opportunities to overcome these obstacles. These obstacles and opportunities are shown in the table below and some will be explored in greater depth. Table 1: Top 10 obstacles to and opportunity for growth of cloud computing Obstacle Opportunity 1 Availability and business continuity Use multiple cloud providers Data lock-in Standardize APIs; compatible software to 2 enable surge or hybrid cloud computing 3 Data confidentiality and audit-ability Deploy encryption, VLANs, firewalls Data transfer bottlenecks FedExing disks; higher bandwidth 4 switches Performance unpredictability Improved virtual machine support; flash 5 memory; gang schedule virtual machines 6 Scalable storage Invent scalable storage Bugs in large distributed systems Invent debugger that relies on distributed 7 virtual machines Scaling quickly Invent auto-scaler that relies on ML; 8 snapshots for conservation Reputation fate sharing Offer reputation-guarding services like 9 those for email 10 Software licensing Pay-for-use licenses
Source: Armbrust et al; Association for Computing Machinery, April 2010
service. Armbrust et al (2010) suggest that cloud vendors could offer different service-level agreements which provide customers with the availability they need to compute. But they then go on to say that businesses that use only one cloud computing service dont align with the computing communitys mantra no single point of failure. Tisnovsky (2010) suggests that in times of heavy cloud usage and constraints, low-level users may get bumped from the cloud because they pay fewer fees for the service. Non-technical issues such as a cloud provider going out of business, regulatory issues, and inadequate back-up and restore practices performed by the cloud provider can also disrupt business operations (Armbrust et al, 2010; Tisnovsky, 2010). Regardless if problems are technical or non-technical in nature, customers may want to consider using multiple cloud computing providers to avoid business interruptions (Armbrust, 2010). In addition, customers want to make certain that their contractual agreements address being able to get access to their data should the cloud vendor go out of business or is purchased and for data redundancy across multiple sites (Tisnovsky, 2010).
Data Lock-In
The cloud increases the risk of data lock-in. This lock-in, or in other words portability, prevents customers from moving data and code from one cloud to another or back to the enterprise. This can be an important obstacle for businesses to consider when evaluating moving to the cloud. Because there are many differences between platforms, applications and operating systems, rewrites of code and reworking of data is necessary. Armbrust et al (2010) believe that, application program interfaces (APIs) should be standardized in such a way that a SaaS developer could deploy services and data across multiple cloud computing providers so that the failure of a single company would not take all copies of a customers data with it. This standardization of APIs would allow surge computing allowing an application to transition between a private and public cloud.
10
In contrast, Linthicum (2009) believes that there will always be a trade-off even with established standards. He believes that companies need to focus more on leveraging the inherent features in cloud applications rather than on portability. This will allow companies to be the best that they can possibly be on that particular platform.
Data Confidentiality/Security
Security is the most often reason I.T. executives and CIOs give for not adopting a cloud services model (Armbrust et al, 2010; Subashini & Kavitha, 2011) because of the number of players in the cloud such as the cloud user, cloud vendor and any third-party vendors that users would use for securitysensitive software or configurations. Challenges such as SQL (structured query language) interjection, issues related to data verification, issues with third-parties having control of the data, and data loss and theft are just a few issues that businesses need to consider when looking at the cloud-based business model. Subashini & Kavitha (2011) show just how complex the security risks are in a cloud environment; and this security risk complexity is shown in Figure 1 below. 11
Source: Subashini, S., Kavitha, V.; Journal of Network and Computer Applications (2011)
Virtualization is the main method businesses use for security in todays cloud environment. It is powerful and can protect against most attacks. Nevertheless, Armbrust et al (2010) state, Not all resources are virtualized and not all virtualization environments are bug free and its possible that some virtualized code can break loose to some extent there is also a problem with incorrect network virtualization. All these predicaments are not exclusive to cloud environments but still need to be considered. An alternate technique of assuring security is seen in a company called Quadron Data Solutions. This company believes that customer records and transactions can be safely put in the cloud to the tune of 30 million records per day which includes customer, transaction and revenue information for eight million customer accounts. The firms chief executive, David Fetter says, We've really nailed security and I can honestly say we've passed the audits of the biggest firms with flying colors. The secret to this companys success is not only the physical data centers 24/7 guards and a $10 million biometric scanning system that requires employees to scan their whole hand [hands shrink if they arent attached to the body], but also by 12
not using the terminology cloud computing and using the terminology of service bureau instead (SteinertThrelkeld, 2011). Whether it is called cloud computing or not, businesses need to do their homework when considering transitioning to a cloud-based business model. Organizations such as the Cloud Security Alliance (CSA), a non-profit organization formed to promote the use of best practices for providing security assurance within Cloud Computing (CSA, 2009); Open Web Application Security Project (OWASP, 2011), a non-profit organization focused on improving the security of application software; and Open Grid Forum (OGF, 2011), a community of users, developers, and vendors leading the global standardization effort for grid computing, can be tremendous resources when businesses are determining their cloud security solutions.
Software Licensing
The current software license model includes payment for the software upfront, annual license fees and restrictions on the location where the software will run (usually restricted to one computer). This poses a problem because many cloud providers originally relied on open source software because the licensing model for commercial software is not a good match for utility computing. Opportunities to correct this obstacle include continuing with open source or for software companies to change their licensing structure to better fit cloud computing. In fact, Microsoft and Amazon now offer pay-as-you-go software licensing for Windows server and Windows SQL Server on EC2 notes Armbrust, et al (2010).
13
14
Conclusion
After evaluating the technical aspects cloud computing, how it can be implemented in business, and the opportunities and obstacles it presents, one can clearly see its broad impact on business. In a complex and ever changing competitive environment it is essential for businesses to capitalize on every advantage possible. Cloud computing is one such advantage. Granted, cloud computing will not solve all of a companys problems. Strategy and processes are first and foremost; however, what cloud computing will do is help implement and streamline these ideas. Todays executives and managers need to understand that this technology is here to stay and it will be an integral part of everyday business. With the advent of cloud computing, capital can be spent on other projects, instead of expensive I.T. infrastructure that will be obsolete in a year. Although this technology is still in its infancy, the possibilities are endless. Companies that leverage cloud technology for their benefit will move ahead of their competition, until cloud computing inevitably becomes a tactical necessity Despite its revolutionary power, cloud computing is not without risk. Like any responsible business decision, research and practicality must be a part of the equation. Security and legal risks are real, but the benefits may far exceed the threats. As the modern business terrain weathers wave after wave of transformations, stalwart firms will emerge as icons of ingenuity, adaptability, and change leadership. The future holds only promise for those who can seize opportunities and capitalize upon them. Cloud computing is the next great frontier and we will soon see its pervasive influences reshape business as we know it.
15
References
Armbrust, M., Fox, A., Griffith, R., Joseph, A. D., Katz, R., Konwinski, A., et al. (2010). A View of Cloud Computing. Communications of the ACM , 50-58. Brodkin, J. (2009, May 18). 10 Cloud Computing Companies to Watch. Retrieved April 13, 2011, from CIO : http://www.cio.com/article/492885/10_Cloud_Computing_Companies_to_Watch?page=3&taxonomyId=3 112 Cloud Trip. (2011, April 14). Cloud Trip. Retrieved April 14, 2001, from Cloud Trip: http://cloudtrip.com/ Cornell University. (2011, March 7). http://www.cit.cornell.edu. Retrieved April 15, 2011, from Cornell University: http://www.cit.cornell.edu/catc/cms/policies/cloud/whatis.cfm CSA. (2009). Retrieved April 10, 2011, from CSA - Cloud Security Alliance: https://cloudsecurityalliance.org/ Gartner. (2008, June 26). Gartner Says Cloud Computing Will Be As Influential As E-business . Retrieved April 14, 2011, from Gartner Newsrooms: http://www.gartner.com/it/page.jsp?id=707508 Goodburn, M., & Hill, S. (2010). The Cloud Transforms Business. Financial Executive , 35-39. Hinchcliffe, D. (2009, June 5). Eight ways that cloud computing will change business. Retrieved April 14, 2011, from ZDNet: http://www.zdnet.com/blog/hinchcliffe/eight-ways-that-cloud-computing-will-changebusiness/488 Knorr, E. (2011, April 15). What Cloud Computing Really Mean. Retrieved April 15, 2001, from Info World: http://www.infoworld.com/d/cloud-computing/what-cloud-computing-really-means-031 Linthicum, D. (2009, September 15). Cloud Computing. Retrieved April 9, 2011, from InfoWorld: http://www.infoworld.com/d/cloud-computing/truth-about-lock-in-and-cloud-computing-487 NIST Cloud Computing Program. (2011, April 8). Retrieved April 10, 2011, from NIST: http://www.nist.gov/itl/cloud/index.cfm OGF. (2011, April). Retrieved April 10, 2011, from OpenGridForum: http://www.ogf.org/About/abt_overview.php OWASP. (2011, February 16). Retrieved April 10, 2011, from OWASP - The Open Web Application Security Project: https://www.owasp.org/index.php/Main_Page Schultz, B. (2009, May 18). Cloud Computing: Pros and Cons. Retrieved April 10, 2011, from Network World: http://www.networkworld.com/supp/2009/ndc3/051809-cloud-pro-con.html Steinert-Threlkeld, T. (2011, March 22). Retrieved April 9, 2011, from Information Management Online: http://www.information-management.com/news/cloud_BI_security_storage_service_bureau_SaaS10020006-1.html
16
Subashini, S., & Kavitha, V. (2011). A Survey on Security Issues in Service Delivery Models of Cloud Computing. Journal of Network and Computer Applications , 1-11. Tech Terms. (2011, April 15). Cloud Computing. Retrieved April 15, 2011, from Tech Terms: http://www.techterms.com/definition/cloudcomputing Tisnovsky, R. (2010, November). Risks Versus Value in Outsourced Cloud Computing. Retrieved March 25, 2011, from Financial Executives International: http://www.financialexecutives.org
17