Scalability and Multi-tenancy in Public Clouds
Public cloud computing describes a computing architecture that extends the service-oriented approach (exemplified in such concepts as “utility computing,” “service-oriented architectures” and “software as a service”) into a marketplace model. Providers offer services that “run in the cloud”, as they are accessible using Internet Protocol and are location independent. This means that users have no need to know where the underlying IT resources exist.
Cloud services have two hallmarks: They are scalable (the required resources of storage and computing power can be increased or decreased according to customers’ needs), and they are multi-tenant (they provide simultaneous, secure hosting of services for various customers utilizing the same cloud infrastructure resources).
Perceived risks in the Public Cloud
Source: PWC IT Outsourcing and Cloud Computing Survey
The good news is…
While the biggest obstacle facing public cloud computing is security, the cloud computing paradigm provides opportunities for innovation in providing security services that hold the prospect of improving the overall security of some organizations. The biggest beneficiaries are likely to be smaller organizations that have limited numbers of information technology administrators and security personnel, and lack the economies of scale available to larger organizations with sizeable datacenters.
Potential areas of improvement from which organizations may derive security benefits when transitioning to a public cloud computing environment include the following:
Cloud providers, just as organizations with large-scale computing facilities, have an opportunity for staff to specialize in security, privacy, and other areas of high interest and concern to the organization. Increases in the scale of computing induce specialization, which in turn allows security staff to shed other duties and concentrate exclusively on security issues. Through increased specialization, there is an opportunity for staff members to gain in-depth experience, take remedial action, and make security improvements more readily than would otherwise be possible with a diverse set of duties.
The structure of cloud computing platforms is typically more uniform than that of most traditional computing centers. Greater uniformity and homogeneity facilitate platform hardening and enable better automation of security management activities such as configuration control, vulnerability testing, security audits, and security patching of platform components. Information assurance and security response activities also benefit from a uniform, homogeneous cloud infrastructure, as do system management activities, such as fault management, load balancing, and system maintenance. Additionally, many cloud providers meet standards for operational compliance and certification, which augments their credibility.
The scalability of cloud computing facilities allows for greater availability. Redundancy and disaster recovery capabilities are built into cloud computing environments, and on-demand resource capacity can be exploited for better resilience when facing increased service demands or distributed denial of service attacks, and for quicker recovery from serious incidents. When an incident occurs, an opportunity also exists to capture information more readily, with greater detail and less impact on production. In some cases, however, such resiliency can have a downside. For example, even defending against an unsuccessful distributed denial of service attack can quickly consume large amounts of resources and cause charges to soar, inflicting serious financial damage to an organization.
Part 3: Backup and Recovery…
By Gopan Joshi
Gopan is Product Manager: Cloud Computing Services, Netmagic Solutions Pvt. Ltd. and has expertise in managing products and services in various market scenarios and life cycle stages. His experiences ranges from introducing cutting edge innovations in existing products, existing markets to new technology, new markets
- Controversial Chinese Cybersecurity Law Under Review Again - June 28, 2016
- Data Protection and Session Fixation Attacks - June 27, 2016
- 15 Cloud Data Performance Monitoring Companies - June 21, 2016
- Cross-Site Scripting – Why Is It A Serious Security Threat For Big Data Applications? - June 21, 2016
- What’s Ahead For Predictive Analytics And Why It Matters For Businesses - June 17, 2016