“Hey! Stop having your head in the clouds!”
This expression is very often used to refer to someone as either being absentminded, out of touch with the everyday world or simply having impractical ideas.
In this blog, I will illustrate that these days having your head in the clouds is a good thing and how being focused on the possibilities of the cloud will contradict the negativity so often associated with the expression!
The purpose of this blog will therefore be to enable the non-technical reader to have a better understanding and hopefully appreciation of what cloud computing entails or could potentially entail for their companies and also help address some of the compliance questions from a legal perspective.
So, first things first, let’s take a closer look at the definition of “cloud” …
What exactly is the cloud?
Whilst most people immediately associate a cloud as being made of a large collection of water drops floating in the sky, the definition for “cloud” computing is somewhat different!
Very simply put, in the context of cloud computing, different services are being delivered through the Internet (such as networking, data storage, services and databases).
Cloud computing services assist users such as yourself to store files and applications on remote services in a virtual space (known as the cloud) and the data can then be accessed via the Internet.
In essence, the Internet becomes the cloud-this virtual space where your files and applications can now be accessed from anywhere.
This enables the user to work remotely and means that there is no longer the need for the user to be in a specific place to have access.
I dare to venture that most of the readers already use cloud services to some extent: If your company subscribes to Gmail or Office 365, you are already in the cloud, so to speak.
Where is the cloud?
Well, the cloud is everywhere!
Proficient cloud providers have data centres worldwide. This goes a long way to ensure efficiency if there is a disruption in some of the other data centres. Depending on the regulations or the data residency requirements, some data centres may only be available for specific users. But more on this in the next blogs.
Whatever the case, the ideal cloud provider should strive to be able to provide efficient access to its cloud services whilst still complying with the newest compliance needs of each customer.
Types of “clouds”
Just like meteorologists refer to clouds as having different formations, there is also a distinction between different cloud computing types in the information technology space.
There are currently three main cloud computing service models for you as the potential user to choose from, allowing you to choose the level of control over the information you want to have and also the type of services you need to provide. Similar to everyday clouds, these cloud computing types are also built on top of one another and are therefore referred to as “the cloud computing stack”.
The first cloud computing type is known as infrastructure-as-a-service (IaaS) and refers to a system where users use IT infrastructure such as hardware and software storage on a pay-as-you-go format. Very similar to how water and electricity is purchased!
The second cloud computing type is known as platform-as-a-service (PaaS) and enables users and developers to build and host web applications by giving them access to the components they need without them having to worry about setting up infrastructure beforehand. Like IaaS this also includes infrastructure but also additional features for testing, deploying, managing, and updating as needed.
The third cloud computing type is known as software-as-a-service (SaaS) and enables the user to access the software by way of subscription in the cloud infrastructure instead of having to purchase the software and having to install it on personal computers. A good example of this would be cloud-based email such as Office 365.
Cloud deployment models
Here are the ways in which cloud computing can be structured based on the control and sharing of physical or virtual resources:
Public Cloud
This model is most used and essentially makes its cloud services available to any cloud service user. A public cloud is usually managed by governmental, academic or businesses or even a combination thereof and exists on the premises of the cloud service provider.
Private Cloud
This model is especially popular amongst large companies that desire to have more control over their infrastructure because cloud services can be used exclusively, and resources can be controlled.
Community Cloud
This model is mostly preferred by government or law enforcement agencies as data and resources often need to be shared across various agencies, but public access needs to be removed. It therefore differs from the Public Could model to the extent that only a specified group of customers can use it. This group is therefore more than the users of a Private Cloud model, but less than that of the Public Cloud.
Hybrid Cloud
This model makes use of at least two of the above deployment models and is becoming an increasingly popular choice for companies that want to use their existing data center resources but want it configured to interact with public cloud services. It is therefore best described as an integration of private and public cloud services that can provide a singular and combined experience for the users thus maximizing efficiency and combining the best of both models.
With the exception of the Public Cloud Model, these four models may exist on premises or off premises.
On-premise and off-premise
So, what does “on-premise” or “off-premise” actually mean?
Let us consider an example by comparing email services run on a company’s data center with that of a cloud scenario.
In the first scenario, the company has the added duty of obtaining the server and server software and must not only host the services in a secure environment but also manage operations and updates. As is often the case, the server could also be hosting database applications and other functions. The higher the number of users, the worse the performance! This is hardly an ideal situation for a company that wants to expand its reach on the market.
On top of it all, the company also has the added headache of managing spam control, cyber security and data compliance regulations and focusing on malware prevention.
This is not only costly, but also draining on manpower and inconsistent over the long run.
In the second scenario, the customer can focus on their prime business, whilst delegating the secondary worries of servers and its related issues to the cloud provider of their choice.
Consistency is within reach as the customer only pays for services used by each user. There is no added concern about back-end equipment or additional compliance concerns.
What’s next?
Now you have a better understanding of what the cloud entails and what it could potentially mean for you and your company. Tune in to the next blog, where we will look at the compliance tools that are available for cloud services.