DOCSLIB.ORG

Cloud Security MODERNIZING ENTERPRISE IT

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
Cloud Security MODERNIZING ENTERPRISE IT DIGITAL SPOTLIGHT WINTER 2014 Cloud Security MODERNIZING ENTERPRISE IT Introduction 2 The leap of faith to the cloud 4 Identity management meets the cloud 9 Hanging on to cloud identity 13 Practical cloud encryption solutions 17 CLOUD SECURITY SPOTLIGHT DIGITAL Staying safe INSIDE Introduction 2 in the cloud BY ERIC KNORR The leap of faith to the cloud 4 HE CLOUD IS fast becoming an underlying assumption Cloud providers typically have better security defenses of computing, mainly because everyone wants the ability to than your own data center – yet risks remain. The Cloud provision and scale applications with minimal fuss. Often, Security Alliance flags the nine most likely threats. T public cloud services — from SaaS apps such as Salesforce to BY ERIC KNORR IaaS offerings such as Rackspace Cloud — present the best options. Identity management The problem for IT is that business managers frequently fire up meets the cloud 9 accounts with public cloud services and fail to think through the se- Organizations always wrestle with authentication and curity implications. That can lead to increased risk of data loss, indus- access control, but rapid adoption of cloud apps and services is complicating the problem. trial spying, compromised customer data, and more. In this Digital BY FAHMIDA Y. RASHID Spotlight on cloud security, we dive into the key security issues for organizations that — by accident or design — have moved a substan- Hanging on to cloud identity 13 tial portion of their computing workloads to the cloud. Organizations are embracing cloud-based apps – and incurring new risks in the bargain. We begin by walking through the nine most pressing cloud se- Identity management lowers the liability. curity liabilities. Next, we explain identity management, and delve BY PAUL F. ROBERTS into the ways organizations are using it to extend authentication and authorization to the cloud. Finally, we tackle data encryption and the Practical cloud encryption options cloud providers should offer to ensure your data stays safe. solutions 17 Encryption has become a huge issue, thanks to the NSA. Today, nearly all businesses have one foot in the cloud whether For cloud customers, this has already led to a wider array of they realize it or not. We hope this Digital Spotlight helps enable encryption solutions. you to assess your own exposure and reap the benefit of public BY ROGER A. GRIMES cloud services without creating worry or unnecessary risk. —Eric Knorr, Editor in Chief Digital Spotlight | CLOUD SECURITY | WINTER 2014 infoworld.com 2 STOP DANCING AROUND THIS GUY. Instead, face real security threats head on. NaviSite’s managed cloud services provides a holistic approach to enterprise-class data security. Learn more at NaviSite.com. A TIME WARNER CABLE COMPANY 3 CLOUD SECURITY SPOTLIGHT DIGITAL of faith The leapcloud to the Cloud providers have better security defenses than your average enterprise data center – as they should, since any flaw could affect many, many customers. The Cloud Security Alliance identifies the nine most likely threats. BY ERIC KNORR OT LONG AGO, the notion of en- trusting vital company data to a public cloud service would have struck most IT managers as mildly insane at best. My data? Out there on some shared platform in a data center I’ve never Nseen? You’ve got to be kidding me. Digital Spotlight | CLOUD SECURITY | WINTER 2014 infoworld.com 4 CLOUD SECURITY SPOTLIGHT DIGITAL That attitude has shifted. The risks is reckless at best. Fortunately, availability and security of cloud pro- Subscribing to cloud services there’s a nonprofit organization solely viders have continuously improved, without considering the dedicated to addressing the problem. to the point where you frequently hear that your own data center is potential security risks is The Cloud Security Alliance’s much more likely to experience reckless at best. “notorious nine” downtime or a successful malicious Formed in 2008, the Cloud Security attack than the hardened, redundant Alliance is dedicated to promoting fortresses of big-name cloud service best security practices for the cloud. providers. cloud customer data — but even default, deployed in such a way that Membership includes a who’s who True, cloud providers’ reputations that episode may ultimately work in outside, unauthorized parties will of tech companies, from traditional were dealt a damaging blow in 2013 cloud providers’ favor. In response to have a very hard time cracking it. software vendors Microsoft and Or- when reports surfaced that the NSA the NSA debacle, some providers are The truth is that today, evalua- acle to native cloud providers Ama- demanded and received access to already offering strong encryption by tions of cloud risk tend to occur in zon and Google. In 2013, the Cloud hindsight. With or without the bless- Security Alliance published what ing of IT, many line-of-business and it called its Notorious Nine cloud departmental managers have sub- computing threats based on a survey scribed to cloud services — in part of industry experts. Here are those to gain much-needed capabilities threats in order of severity, with my that IT departments can’t or won’t own interpretation of the implica- deliver, and in part because some key tions of each. cloud services are simply better than solutions obtainable on premises. It’s becoming a cloud world, to Data breaches the point where corporate CIOs are No surprise that data attempting to emulate the hyperef- breaches are the No. 1 ficient clouds of major providers in 1.fear, since anxiety over exposing data their own data centers. Nonetheless, has always been the chief inhibitor subscribing to cloud services without to cloud computing adoption. On considering the potential security one level, the antidote is simple: a Digital Spotlight | CLOUD SECURITY | WINTER 2014 infoworld.com 5 CLOUD SECURITY SPOTLIGHT DIGITAL full array of strong encryption op- ing it — and when they call on IT to through phishing or social engi- tions. Roger Grimes’ article “Practi- recover data from a cloud service, neering can result in compromised cal encryption solutions” walks you it may be too late. financial data, stolen intellectual through the options. Moreover, although top cloud property, and other dire conse- But locking down data with en- service providers have an excellent quences for any business. But stolen cryption is only part of the story. record when it comes to accidental cloud service logons incur a special Encryption keys can fall into the data corruption or loss, users some- set of risks. wrong hands. You need proper au- times select third-tier providers with- For one thing, security profes- thentication and access control to out making a realistic assessment sionals routinely use a specific set of ensure only those authorized can ac- of their viability. An SLA may be in tools to determine whether an orga- cess data. Plus, you need proper data place, but a subscription refund does nization has been compromised — governance to manage the lifecycle of not amount to adequate compensa- and few would be willing or able to data — and under which conditions tion for data lost by a dysfunctional use those tools to check cloud ser- data can be stored in a shared cloud provider. In addition, if either the vices. If a SaaS application is com- environment or in any other location. user or the provider practices lax ac- promised, for example, an intruder Another issue is data deletion. cess control, data could be deleted by might be able to monitor activity Over the years, occasional reports vandals, disaffected former employ- and peruse data over a long stretch have surfaced that customer data ees, or other malicious individuals. of time without being detected. that was supposed to have been de- In a 2013 study by the security Other risks can be incurred if a leted remained with the cloud pro- vendor Symantec, 43 percent of the malicious hacker steals logon cre- vider. Encryption obviously reduces 3,200 organizations surveyed lost dentials to a business user’s IaaS risk should that slipup occur. data in the cloud and had to recover account. In the past, infrastructure from backups. Data in the cloud clouds have been used to launch needs to be protected as you would new VMs for botnets, DDoS at- Data loss protect it on any system. tacks, and other malicious activity. Because cloud ser- That’s one reason cloud monitoring vices are often ad- is essential. 2.opted without IT’s permission, users Account or service may lose company data simply by traffic hijacking misplacing it or accidentally delet- 3. Logons stolen Digital Spotlight | CLOUD SECURITY | WINTER 2014 infoworld.com 6 CLOUD SECURITY SPOTLIGHT DIGITAL have now deployed rela- Insecure inter- tively effective, automated faces and APIs defenses against DDoS Cloud interfaces and attacks. Smaller providers 4.APIs enable integration with SSO may or may not have the (single sign-on) solutions, as well as wherewithal to mount such data or process integration with other a defense. cloud services or on-premises soft- ware. But those interfaces and APIs are also potential targets for attack. Malicious To secure APIs, providers give users insiders tokens or API keys that are validated In a 2013 in order for a client to connect. 6.survey by Forrester re- If an API is secured poorly, an search, 25 percent of re- attacker could launch a DoS attack spondents said that abuse and render a cloud service unusable. by a malicious insider was the most Second, due to the decentralized APIs may provide access to all sorts common cause of data breaches. pattern of cloud adoption typical of Abuse of cloud of cloud functions, including ac- The truth, however, is that no one many organizations, IT’s purview services count provisioning; if compromised, knows.
Load more

Recommended publications
  • Solving Top Business Challenges: Moving to the Cloud
    Solving Top Business Challenges: Moving to the Cloud How McKesson Did It with Rackspace Take every step with an expert team Business: Healthcare company McKesson needed that uses the latest methodologies and infrastructure and expertise layered with a provides you with personalized end-to- consultative approach to help its business units move complex, compliance-sensitive workloads end engagement. to public cloud. Challenge: Modernize applications; architect the Move Beyond the Data Center with Confidence right environment with a strictly defined security and The technology landscape is constantly evolving. As a result, regulatory approach; build the business case and get organizations that rely solely on traditional IT infrastructure are buy-in for public cloud; acquire an end-to-end cloud struggling to keep up with their competitors. Traditional infrastructure lifecycle strategy partner to accelerate deployment hampers engineering teams from being able to provide the agility, and to provide ongoing maintenance. flexibility and responsiveness their businesses need to thrive. Solution: Managed Public Cloud, Professional Across every industry, organizations are investing in cloud solutions. Services, Application Services and DevOps, These efforts require rethinking infrastructure, focusing on ways Microsoft Azure. to streamline and optimize operations, updating go-to-market strategies and modernizing applications to extract the most from Outcome: Reduced dependency on dedicated today’s technologies. data centers by moving dozens of applications across multiple business units to public cloud Desired Outcomes with a consultative approach to planning, assessment, execution and ongoing management, Cloud adoption has helped countless businesses drive efficiency through while maintaining stringent security and operations automation, grow revenue through innovation, and realize healthcare compliance.
    [Show full text]
  • University of Maine System Digial Migration Services - RFP# 2016-62 ADDENDUM #01
    University of Maine System Digial Migration Services - RFP# 2016-62 ADDENDUM #01 QUESTIONS 1. We do not understand this sentence: “By moving to a cloud storage system we eliminate the need to re-code the MySQL web application.” Explain cloud database services more. And, here’s a bit more info: Amazon Web Services has a variety of cloud-based database services, including both relational and NoSQL databases. Amazon Relational Database (RDS) run either MySQL, Oracle or SQL Server instances, while Amazon SimpleDB is a schema-less database meant for smaller workloads. On the NoSQL side, Amazon DynamoDB is its solid-state drive (SSD)-backed database that automatically replicates workloads across at least three availability zones. Amazon also offers a variety of auxiliary data management services, such as Redshift and Data Pipeline that helps to integrate data from multiple sources for easier management. Help us to understand what data cloud services you are referencing. Typically, moving MySQL to the cloud makes the database more redundant. Moving to the cloud does not have much impact on application coding. We agree that the database layer needs to be restructured and positioned into the cloud prior to any application coding work. In addition to Amazon, clients often use Google, Microsoft Azure, and the Rackspace cloud. ANSWER: The answer to this question can be found in section 1.1.3 of the RFP. We are looking for a two-phase solution. Phase one is migration of the website from U-Maine servers to a cloud hosted server (primarily for increased website speed and the ability to host high resolution images) and the migration from FileMaker to a new collections management database that will eliminate the MySQL web application by being able to link directly to the online display of the website with out the need of an intermediate web application.
    [Show full text]
  • Rackspace Service Blocks: Complex Cloud Operations Gain Advanced Operational Guidance and Support from Certified Cloud Specialists
    Rackspace Service Blocks: Complex Cloud Operations Gain advanced operational guidance and support from certified cloud specialists. Large organizations and businesses running highly complex cloud About Rackspace environments often require customized cloud architecture and access Rackspace is your trusted partner across cloud, to highly skilled cloud resources. Finding the right level of technical applications, security, data and infrastructure. expertise can be challenging, because talent is scarce, expensive and hard to retain. Rackspace® Complex Cloud Operations help you manage • A leader in the 2018 Gartner Magic Quadrant ongoing operational challenges and keep you informed on ever-evolving for Public Cloud Infrastructure Managed cloud features. Service Providers, Worldwide • 3,000+ cloud experts Experts Dedicated to Your Success • Hosting provider for more than half of the Rackspace is a next-generation cloud services provider that manages the Fortune 100 full cloud lifecycle. Complex Cloud Operations offers access to advanced technical resources to better manage public cloud operations and • 20+ years of hosting experience infrastructure architecture. • Customers in 150+ countries • 3,000+ AWS accreditations Key Features • 1,000+ AWS certifications Rackspace offers a range of robust features to support complex cloud operations including: • 1,300+ Microsoft certifications worldwide • 200+ Microsoft-certified professionals Expertise: Expert technical resources, including solution architects, lead engineers, container and Kubernetes experts, and DevOps professionals • 150+ Microsoft Azure certifications worldwide help optimize public cloud operations and architectural infrastructure. • 100+ Microsoft Azure-certified professionals Optimized Custom Configurations: Custom configurations include • 13 Microsoft partner certifications monitoring services, OS optimization, patch management, alert response • Five-time Microsoft Hosting Partner of the Year runbooks and deployment management.
    [Show full text]
  • Cloud Computing in Amazon Web Services, Microsoft Window Neu
    CHIMA DESMOND OPARADESMOND CHIMA CLOUD COMPUTING IN AMAZON WEB SERVICES, MICROSOFT WINDOWS AZURE, GOOGLE APP ENGINE AND IBM CLOUD PLATFORMS: A COMPARATIVE STUDY CLOUD COMPUTING IN AMAZON WEB SERVICES, MICROSOFT WINDOW NEU NEU WINDOW MICROSOFT SERVICES, WEB AMAZON IN COMPUTING CLOUD AZURE, GOOGLE APP ENGINE AND IBM CLOUD PLATFORMS: 2019 2019 PLATFORMS: CLOUD IBM AND ENGINE APP GOOGLE AZURE, A THESIS SUBMITTED TO THE GRADUATE SCHOOL OF APPLIED SCIENCES A COMPARATIVE STUDY A COMPARATIVE OF NEAR EAST UNIVERSITY By CHIMA DESMOND OPARA In Partial Fulfillment of the Requirements for the Degree of Master of Science in Computer Information Systems NICOSIA, 2019 CLOUD COMPUTING IN AMAZON WEB SERVICES, MICROSOFT WINDOWS AZURE, GOOGLE APP ENGINE AND IBM CLOUD PLATFORMS: A COMPARATIVE STUDY A THESIS SUBMITTED TO THE GRADUATE SCHOOL OF APPLIED SCIENCES OF NEAR EAST UNIVERSITY By CHIMA DESMOND OPARA In Partial Fulfillment of the Requirements for the Degree of Master of Science in Computer Information System NICOSIA, 2019 Chima Desmond OPARA: CLOUD COMPUTING IN AMAZON WEB SERVICES, MICROSOFT WINDOWS AZURE, GOOGLE APP ENGINE, AND IBM CLOUD PLATFORMS: A COMPARATIVE STUDY Approval of Director of Graduate School of Applied Sciences Prof. Dr. Nadire CAVUS We certify this thesis is satisfactory for the award of the Degree of Masters of Science in Computer Information Systems Examining Committee in Charge: Assoc.Prof.Dr. Fezile Özdamlı Committee Chairperson, Department of Computer Information Systems, NEU Prof.Dr. Nadire Çavuş Supervisor, Department of Computer Information Systems, NEU Asst.Prof.Dr. Damla Karagözlü Co-Supervisor, Department of Computer Information Systems, NEU Assoc.Prof.Dr. Hüseyin Bicen Department of Computer Education and Instructional Technologies, NEU Asst.Prof.Dr.
    [Show full text]
  • On High Performance Cloud Based File Synchronization with User Collaboration
    On High Performance Cloud Based File Synchronization with User Collaboration A THESIS SUBMITTED TO THE FACULTY OF THE GRADUATE SCHOOL OF THE UNIVERSITY OF MINNESOTA BY Mounika Chillamcherla IN PARTIAL FULFILLMENT OF THE REQUIREMENTS FOR THE DEGREE OF MASTER OF SCIENCE Haiyang Wang July 2016 © Mounika Chillamcherla 2016 Acknowledgements I would like to take this opportunity to sincerely thank Dr. Haiyang Wang for his enor- mous support and guidance, without whom this thesis would not have been possible. I am greatly indebted to him for his vital suggestions throughout the work. He is very kind, en- couraging, extremely supportive and always takes care of the well-being of all his students. I really feel blessed to have him as my thesis advisor. I would like to thank Dr. Ted Pederson and Dr. Yang Li for serving on my thesis com- mittee. A special thanks to Dr. Ted Pederson for teaching me the course Natural Language Processing and filling energy and enthusiasm in me, and for being my inspiration. Further, I would thank all the professors of CS Department, Lori Lucia, Clare Ford, Jim Luttinen and International Student Services for their timely help. I would like to thank all my friends in the class for all the fun, knowledge, encourage- ment, and for making my stay a memorable one. Thanks to SaiKrishna Peachara for taking the time to proofread my thesis documentation and for his indispensable support. Lastly, I would like to thank my parents who stood by me and motivated me at all times. i Dedication I would like to dedicate this thesis to my parents, Adinarayana Chillamcherla and Guru Lakshmi Chillamcherla and to my brother, Eshwar Sai Chillamcherla for their everlasting love and endless support.
    [Show full text]
  • Cloud Computing Bible
    Barrie Sosinsky Cloud Computing Bible Published by Wiley Publishing, Inc. 10475 Crosspoint Boulevard Indianapolis, IN 46256 www.wiley.com Copyright © 2011 by Wiley Publishing, Inc., Indianapolis, Indiana Published by Wiley Publishing, Inc., Indianapolis, Indiana Published simultaneously in Canada ISBN: 978-0-470-90356-8 Manufactured in the United States of America 10 9 8 7 6 5 4 3 2 1 No part of this publication may be reproduced, stored in a retrieval system or transmitted in any form or by any means, electronic, mechanical, photocopying, recording, scanning or otherwise, except as permitted under Sections 107 or 108 of the 1976 United States Copyright Act, without either the prior written permission of the Publisher, or authorization through payment of the appropriate per-copy fee to the Copyright Clearance Center, 222 Rosewood Drive, Danvers, MA 01923, (978) 750-8400, fax (978) 646-8600. Requests to the Publisher for permission should be addressed to the Permissions Department, John Wiley & Sons, Inc., 111 River Street, Hoboken, NJ 07030, 201-748-6011, fax 201-748-6008, or online at http://www.wiley.com/go/permissions. Limit of Liability/Disclaimer of Warranty: The publisher and the author make no representations or warranties with respect to the accuracy or completeness of the contents of this work and specifically disclaim all warranties, including without limitation warranties of fitness for a particular purpose. No warranty may be created or extended by sales or promotional materials. The advice and strategies contained herein may not be suitable for every situation. This work is sold with the understanding that the publisher is not engaged in rendering legal, accounting, or other professional services.
    [Show full text]
  • Fanatical Support for Microsoft Azure
    PRODUCT GUIDE FANATICAL SUPPORT FOR MICROSOFT AZURE With Rackspace Service Blocks October 5, 2018 TABLE OF CONTENTS OVERVIEW . 3 AZURE REGION AVAILABILITY . 3 SERVICE OFFERS . 3 Cloud Foundation ............................................. 3 Architect & Deploy ............................................ 3 Manage & Operate ............................................ 3 Complex Cloud Operations .................................... 4 COMBINING SERVICE OFFERS . 4 SERVICE MATRIX . 4 HUMAN EXPERTISE . 5 Your Fanatical Support for Azure Team ........................ 5 How to Contact Support ...................................... 6 Microsoft Premier Support Escalations ........................ 6 SERVICE OPERATIONS . 6 Customer Runbooks ........................................... 6 Monitoring (Watchman) ....................................... 7 Incident Management ......................................... 7 Change Management ......................................... 9 Ongoing Management Services ............................... 9 Patching ................................................... 9 Backups ................................................... 9 Antivirus ................................................... 9 Operating System Support ................................ 10 Passport (Secure VM Access) .............................. 10 Boarding Pass (Secure Azure Portal Access) ............... .10 Service Reviews ............................................ 11 Response Time Guarantees ................................... 11 ADDITIONAL SERVICES
    [Show full text]
  • How Can Startups Make Use of Cloud Services
    California State University, San Bernardino CSUSB ScholarWorks Electronic Theses, Projects, and Dissertations Office of aduateGr Studies 4-2021 How can startups make use of cloud services Gauri Nade Gauri Nade California State University - San Bernardino Follow this and additional works at: https://scholarworks.lib.csusb.edu/etd Part of the Educational Technology Commons Recommended Citation Nade, Gauri and Nade, Gauri, "How can startups make use of cloud services" (2021). Electronic Theses, Projects, and Dissertations. 1262. https://scholarworks.lib.csusb.edu/etd/1262 This Thesis is brought to you for free and open access by the Office of aduateGr Studies at CSUSB ScholarWorks. It has been accepted for inclusion in Electronic Theses, Projects, and Dissertations by an authorized administrator of CSUSB ScholarWorks. For more information, please contact [email protected]. HOW CAN START UPS MAKE USE OF CLOUD SERVICES A Project Presented to the Faculty of California State University, San Bernardino In Partial Fulfillment of the Requirements for the Degree Master of Science in Information Systems and Technology by Gauri Rajendra Nade May 2021 HOW CAN START UPS MAKE USE OF CLOUD SERVICES A Project Presented to the Faculty of California State University, San Bernardino by Gauri Rajendra Nade May 2021 Approved by: Benjamin Becerra, PhD, Committee Chair Conrad Shayo, PhD, Reader Jay Varzandeh, PhD, Dept. Chair, Information & Decision Sciences © 2021 Gauri Rajendra Nade ABSTRACT The purpose of this project is to discuss the technical obstacles that small and medium-sized enterprises (SMEs) face, as well as how cloud computing can help to solve these issues. Cloud computing has the ability to radically change competitive environments by offering a new forum for generating and delivering business value and market development.
    [Show full text]
  • Cloud Storage: Adoption, Practice and Deployment
    Cloud Storage: Adoption, Practice and Deployment An Outlook Report from Storage Strategies NOW April 4, 2011 By Deni Connor, Patrick H. Corrigan and James E. Bagley Client Relations: Phylis Bockelman Storage Strategies NOW 8815 Mountain Path Circle Austin, Texas 78759 (512) 345-3850 SSG-NOW.COM Note: The information and recommendations made by Storage Strategies NOW, Inc. are based upon public information and sources and may also include personal opinions both of Storage Strategies NOW and others, all of which we believe are accurate and reliable. As market conditions change however and not within our control, the information and recommendations are made without warranty of any kind. All product names used and mentioned herein are the trademarks of their respective owners. Storage Strategies NOW, Inc. assumes no responsibility or liability for any damages whatsoever (including incidental, consequential or otherwise), caused by your use of, or reliance upon, the information and recommendations presented herein, nor for any inadvertent errors which may appear in this document. This report is purchased by Gluster for distribution only to its customers and prospects. Copyright 2011. All rights reserved. Storage Strategies NOW, Inc. 1 Sponsors ......................................................................................................................................................................................... 4 What is cloud storage? ....................................................................................................................................................................5
    [Show full text]
  • What Happens When the Science DMZ Meets the Commodity Internet?
    What happens when the Science DMZ meets the Commodity Internet? Presenter: Joe Breen Work done: Brian Haymore, Sam Liston University of Utah Center for High Performance Computing Boil and Bubble, Toil and Trouble, What do you get with a Science DMZ, That's mixed up with unlimited storage Fast and free? Image credit: http://www.zastavki.com/eng/Holidays/Halloween/wallpaper-24660.htm Start with a researcher Offer him candy (unlimited storage) Tell her its free Mix in a "frictionless" Science DMZ environment with 40G and 10G Data Transfer Nodes Image: https://fasterdata.es.net/science-dmz/science-dmz-architecture/ Mix in a well built commodity cloud service that can consume lots of data quickly Throw in an open source parallel tool that knows how to efficiently utilize a cloud provider’s API Google Drive Amazon S3 Openstack Swift / Rackspace cloud files / Memset Memstore Dropbox Google Cloud Storage Amazon Cloud Drive The local filesystem http://rclone.org/ What do you get? 14+Gig spikes, 5-8Gb/s of sustained traffic One 10G commodity pipe fills completely, traffic rolls to next available close peering point, and fills it too R&E routes yanked temporarily by Cloud vendor NOC to allow service to other commodity users and to better understand nature of congestion A call from a cloud provider NOC early in the morning asking to stop. (at least for a bit) Almost 100TB of data moved in 2.5 days Very happy researchers who want more What's an HPC center to do? Start mixing more... Multiple vendors now offering Apps/unlimited storage targeted at EDUcation *individual* users.
    [Show full text]
  • Should I Outsource My It Infrastructure?
    SHOULD I OUTSOURCE MY IT INFRASTRUCTURE? AN INSIGHTFUL TCO ANALYSIS OF ON-PREMISES VS. MANAGED HOSTING SERVICES TABLE OF CONTENTS SUMMARY . 3 INTRODUCTION . 3 OVERVIEW OF INFRASTRUCTURE ECONOMICS . 5 Total Cost of Ownership ............................................... 5 Modeling ABC Company’s Infrastructure TCO ......................... 5 Capex Vs. Opex in TCO Categories ..................................... 6 TCO SUMMARY . 6 TCO ANALYSIS DETAILS . 7 Server Hardware ....................................................... 7 Server Software ........................................................ 8 Network Infrastructure ................................................. 8 Network Bandwidth .................................................... 9 Storage ................................................................ 9 Backup Infrastructure .................................................. 9 Power and Facilities ................................................... 10 IT Labor Costs ......................................................... 11 System Administration Staff . 11. Training . .11 Staff Turnover. 11 Indirect Costs ......................................................... 12 ESTIMATING THE TCO DIFFERENTIAL OF MIGRATING . 13 MIGRATE TO MANAGED HOSTING, OR NOT? . 13 CONCLUSION . 14 APPENDICES . 15 Direct Business Costs Breakout. 15 Indirect Business Costs Breakout ...................................... 21 Security and Compliance Costs Breakout .............................. 25 RELATED READINGS . 26 2 WHITE PAPER :: SHOULD I OUTSOURCE
    [Show full text]
  • Chapter 1 Cloud Computing
    Contents 1 Cloud computing 1 1.1 Overview ............................................... 1 1.2 History of cloud computing ...................................... 1 1.2.1 Origin of the term ....................................... 2 1.2.2 The 1950s ........................................... 2 1.2.3 The 1990s ........................................... 2 1.3 Similar concepts ............................................ 3 1.4 Characteristics ............................................. 3 1.5 Service models ............................................ 4 1.5.1 Infrastructure as a service (IaaS) ............................... 5 1.5.2 Platform as a service (PaaS) ................................. 5 1.5.3 Software as a service (SaaS) ................................. 5 1.6 Cloud clients .............................................. 5 1.7 Deployment models .......................................... 6 1.7.1 Private cloud ......................................... 6 1.7.2 Public cloud .......................................... 6 1.7.3 Hybrid cloud ......................................... 6 1.7.4 Others ............................................. 7 1.8 Architecture .............................................. 7 1.8.1 Cloud engineering ....................................... 7 1.9 Security and privacy .......................................... 7 1.10 The future ............................................... 8 1.11 The cloud revolution is underway ................................... 8 1.12 See also ...............................................
    [Show full text]