• Community cloud - In this concept of Cloud, several organizations from a specific community with common concerns share infrastructure between themselves. They could be managed either internally or by a third-party and the hosting could be internal or external. The costs have are distributed among fewer users.
• Public cloud - This concept of Cloud is established when several organizations having similar requirements and seeking to share infrastructure are concerned. This definitely is more viable in terms of monetary benefit, as the resources (storage, workstations) utilized and shared in the community are used by a huge number of consumers.
The advantages of Cloud Computing offering in IT services include the following:
1. Transformation into on demand IT-as-a-service
2. Greater business agility, on-demand provisioning
3. Self-provisioning & deployment of applications
4. Significant savings in total cost of operations through right sizing and operational efficiency
5. Dynamic capacity on demand to reduce time to market
6. Strategically align the business on long-term opportunities while optimizing on operations
The transition to Cloud however, is accompanied by a number of data security issues that need to be looked into. Most organizations use relational databases to store the most sensitive data, hence the need of data security while moving to Cloud becomes all the more important and imperative. So, as the consumers work on migrating applications to Cloud, they need to be careful about three main attributes involving data security.
1. User access privileges: Any sensitive data that is processed outside the enterprise is prone to an elemental risk. As the services are outsourced, they kind of discount the physical, logical and personnel regulations which the IT departments could exercise over the in-house programs.
2. Server Elasticity: One of the key perks of Cloud computing is flexibility. So, keeping apart the fact about users having knowledge of the exact location of where their data is hosted, the servers hosting the concerned data can be provisioned and de-provisioned regularly to mirror the current requirement capacity. This evolving topology can be a challenge for the technologies banked on today and could be very hard for the management to constantly update configurations fitting to every such change.
3. Regulatory Compliance: Data integrity and data security are but the ultimate responsibilities of the organizations even if it is held by a service provider. The whole system of educating the auditors, demonstrating that their data is safe and secure even when there is no physical control over systems, is challenging. They need to provide them with the quintessential visibility into all activity.
Controlling access and monitoring of cloud administrators is a cutting point to make sure that sensitive data is secure. While the users may want to maintain background checks of their own privileged users and may also enforce significant physical monitoring, even if this be done by their cloud provider - it is a process which is not their own. Therefore that would mean compromising some element of power or control. These individuals may have almost unlimited access to the infrastructure, something they require in order to maintain and check the performance and availability of the cloud resources for all customers.
No comments:
Post a Comment