I’ve been following cloud computing for some time and every day I see that it is accelerating the ripening process and trying to understand its concept and technologies. Today it is clear that, in its various forms, cloud computing has the potential to significantly change the way IT operates, and manages and allocates its budget, and pays for its use by users. Of course it is a change that does not happen abruptly, but gradually.

Public clouds, for example, while still generating fears of security and privacy, which are in my opinion, largely unfounded, no doubt put pressure on the structure of IT. Why keep a set of dedicated servers often idle, and a staff dedicated to operations that do not add value to upgrades of operating system releases if I can transfer this activity to a trusted provider?

Moreover, when analyzing the portfolio of applications in a company, we found that most of them are not strategic or critical to profile data that is not sensitive in terms of security. And we also observed that most of these applications could operate in an environment of less than 95% availability. However, these applications can be moved to public clouds without any major scares. In fact, a public cloud can offer a level of security and availability much higher than that offered in many of today’s data centers to small and medium enterprises.

The topic cloud also begins to permeate discussions of strategic companies. In a meeting with business executives and the CIO of a large company it became clear that they were already considering that a significant portion of its future computing power would be served by public clouds, with a consequent impact on the IT budget,  which will shift the costs of “Capital Expenditure” to “operational Expenditure”.

On the other hand, the concern of disintermediation by IT users in many areas also appeared at the meeting, as they begin to look for other solutions, cloud, SaaS, without even interacting with the CIO. This is a challenge that IT has to face because uncontrolled spread of a cloud for the organization can create problems of integration, lack of adherence to security policies and increase the risk of audit to identify issues of governance.

The CIO has to play a proactive role in the process of adoption of cloud. Indeed, the question is not whether or not to adopt cloud, but what is the pace of adoption. The first step is to identify which applications exist, which may at first go to public cloud and / or private and create a catalog of services and applications that will be available in the clouds.

For example, the CIO can begin reviewing applications available today under two points of view, a level of criticality and the other how they are strategic to the business. Most applications will be below of the critical level and can be transferred to public clouds.

The pressure for cost reduction is constant and note that it is increasing every year. At the same time the complexity of the business environment demands faster responses and increasingly complex IT solutions. Seems an equation without answers, but if we analyze the potential of cloud, we can immediately identify:

1) Move non-critical (and not strategic) applications and not strategic to public clouds,
2) Implement private clouds for certain controlled environments such as development and testing, increasing the cycle
3) Create service catalogs that allow the user to operate in self-service, with minimal interference from IT.

These actions help to better understand what is cloud and its potential while allowing the organization to adjust and refine their governance processes, already contemplating cloud computing. It also helps to more accurately implement charge back processes that are indispensable when it comes to cloud computing.

Services to create a catalog that includes internal and external applications (SaaS), similar to an Apple AppStore is an innovative and highly efficient way of providing services to users. The IT department can and should define the rules of the game: Which applications can enter the catalog? The IT department should establish an approval process that can evaluate cloud providers and SaaS applications available. Thus, IT does not become a bottleneck and at the same time clearly shows that it is actively driving the process of “cloudification” in company.

The important thing is that, IT understands that its role does not disappear with the cloud computing model. It remains responsible for providing the best services in the lowest possible cost.

Cloud changes the context: IT is no longer the only provider of the service and should leave this monopoly role and assume a new role. So sometimes the best solution is built, developed and operated by IT and other best alternative is to operate in a public cloud. IT should be at the center of these decisions and for that, the mindset must be changed.

Although it is a very broad concept and too broad to be answered in a few lines, the question of preparation of national firms to the paradigm of cloud computing begins at the outset to be dependent on the type of cloud that is spoken – private or public – and the level of security that the customer wants.

The concept of cloud computing solutions is directly related to the provision of services outside the corporate network from a client (hence the cloud) services which may be translated into software, infrastructure or platform (Software as a Service – SaaS, Infrastructure as a Service – IaaS, Platform as a Service – PaaS).

A private cloud, by definition, provides a higher level of safety, since the very corporate network (private) serves as the infrastructure, where the above services will be hosted  in their own data center. In the case of non-existence of data center network business customer, a supplier may offer its infrastructure backbone (as well as all SLAs agreed with the client) as an “extension” of the corporate network from the client. We are here to speak about technologies / protocols such as MPLS VPNs, and the Data Center of external provider (or a Data Center “rented” to another company for this purpose) will host the services so that the end client intends as being in the cloud – not on the corporate network itself.

The public cloud, on the other hand, it all depends on the customer’s perspective and security that he wishes – an additional level of security, particularly at the level of encryption of data for confidentiality, since the Internet is the infrastructure used for the provision of services in the cloud. We all know examples of this. Even social networks, GoogleMail, SalesForce. In practical terms, the services in the public cloud need only an Internet connection, while in the case of private clouds, it may not be (and usually is not) enough so dedicated lines, operator services, including MPLS VPNs are required.

On the other hand, a time as we are experiencing today in the budgetary restraints are compelling, there may be doubts about the ability of enterprises to bear the initial costs of cloud computing.

But in my opinion, companies are always ready to adopt solutions which have advantages for operating business. When adopting a particular technology or solution, so important is its cost, such as maintenance, but we should also know the return on this investment and how long it will take place. That is, we must make a “business case“!

On the other hand, am not convinced that the initial costs have to be higher than those companies contract cyclically to renew or refresh their IT infrastructure. It is the time that companies should ask about new ways. Only then, we can protect and maximize investments.

Studies now indicate that about 75% of banking organizations will use Enterprise Cloud Computing, or hybrid solutions for cloud computing.

The technology resource with elements of applications, processors, storage capacity and data center in a cloud on the Internet, has also became a key theme and will be much discussed in the financial and insurance sectors. In India, data center providers are expanding their investments in infrastructure to meet the new wave, while IT executives, who confirmed to be not going back, argue that the application that is most appropriate and safe at this moment is a public cloud, private cloud or hybrid cloud.

The year 2012 will undoubtedly be the year where Cloud Computing will take the first steps to the movement that actually will become a reality in organizations. Outside India, the emerging trend, driven mainly by the advantage of cost savings, according to experts, it is the logical evolution in the banking sector. Studies now indicate that about 75% of banking organizations will use enterprise cloud computing, or hybrid cloud computing solutions, which implies the existence of a private cloud and through other means which are more open, in which any employee could have access.

The main issue, even debated in international forums is, “Is the Cloud Computing a valuable hedge for banks?” And the answer is “Yes“. In ’70s and ’80s, financial institutions already had a central computer, such as a mainframe terminal, whose main advantage was the saving of time, it was possible to keep all data centralized. The big difference is that, the cloud computing today relies on the fact that the information ends up being “hung” in the cloud.

The contribution that cloud computing can bring to the banking sector is very high. And beneficial as well. The main one is the flexibility that this technology can provide to the banks. In addition to allowing, among other benefits, “pay per use“, that is, offer a way to measure and manage the service network of computers in a more efficient and flexible way, the model will allow the bank to establish its variable costs and adjust their own real needs within their gains, the number of clients, etc..

Cloud Computing provides a model in which the payment is linked to the service that is used, it helps to increase or decrease capacity utilization. This new structure makes the planning of the different departments in a condition that is more flexible and agile, this is another added advantage.

For now, this trend began to take its first steps, especially because today, even if they have noticed the need for migration to this type of technology, there remain some issues to resolve before putting the whole process into practice. The need for legislation and regulation to adjust and establish how to act in case of catastrophe or disaster, which protocol is most appropriate at certain times or will be subject to audits. It is difficult to ensure that the banking sector will use a cloud computing which is open and transparent.

Hence, the service providers are investing all their efforts and financial resources to provide a flexible means of the use of internal and external solutions.

The more the confidence, the greater the opportunity to use private means that are based on two core values: integrity and availability of information privacy, two prerequisites for the confidentiality of user data is not lost, regardless of the technology.

There are many definitions of public clouds, but in essence we are talking about approach, in which IT is not placed on your site, and users connect through a network of infrastructure that is not yours. We can distinguish cloud services in three models.

“Software as a service” (SaaS): This model is as old as the networking technology. Application is hosted in a third-party data center, users can connect to it and pay for its use as a public service – in proportion to consumption. Customers do not own any licenses to any equipment. They are connected to the application through a public or private network. SaaS makes sense for applications such as payroll, email or sales force automation. But this is not a complete list of applications needed to conduct business. If you like public clouds and if you can find the right solution, use SaaS. But we should not think that this is a complete strategy that satisfies your needs for IT. Very few companies will find a complete SaaS strategy to use IT.

“Platform as a Service” (PaaS): PaaS model means that servers, storage and IDE for a specific client applications reside with a particular vendor. For example, it may be owned by e-commerce platform. Customers write their applications and place them in the provider network, paying for megabytes and CPU. Various models of PaaS are most suitable for specific niche applications. In addition, they can be used to develop and test new software. However, this model is not sustainable and scalable solutions for strategic and other critical corporate applications. In addition, the promised supporters of this model reduce costs in the long term is very doubtful.

“Infrastructure as a service” (IaaS): This is a virtualized infrastructure without the physical, sometimes even without an operating system. You connect to it and do everything that you need. In essence, IaaS is a strategy for placement on another site, where IT assets are virtualized and made available to you according to your needs. This model is close reached to use other people’s insanity grounds in the 1990′s and early 2000′s. What is new is the extraction service providers economic advantages of virtualization technology. As it was the case with SaaS and PaaS, there are several very effective ways of using this model. However, it is in any case is not a panacea, does not guarantee cost savings or simplify the management needs of corporate IT.

Security: To share information in the public cloud is all the same like sending children to kindergarten without teachers, but still do not know where it is located. Parents will never do this. Likewise, the enterprises should not be placed in the public cloud environments for a 10 percent savings in operating costs. The risks are too great, and the economic effect is too small. This does not mean that the cloud providers do not take measures to protect your data. However, you as a customer must realize that whenever you no longer control the data, the security is at serious risk.

Economic aspect: Using public clouds, the company simply shift money from one pocket to another. Whatever is promised, service providers face the same problems of scalability, service quality and efficiency that arise within the enterprise. In addition, service providers are known for their inaccuracy in billing. This inaccuracy comes to the fact that any company whose sole task is to search for companies with which service providers charge excessive fees.

My advice: Enjoy the benefits of public clouds, but create private clouds on the basis of its own infrastructure in the media that have a full control.

When two years ago we started to talk intensely about cloud computing, you looked at this technology as something very abstract, so that the same hosting provider did not see any reason to start to become interested in something that would come to a finished product after years. So it was not, and even at the expense of those who did not believe it, the cloud services today, is a “race” for many providers  convinced that they can reuse their hardware or their marketing, even with this new product. Many are taking it seriously, with advice and targeted investments, mainly aimed at creating its own private cloud, and not the use of a public cloud, obviously considered too “far” from the property.

Yet there are also opportunities to wonder. A provider of the Indian scene claims to use a solution of a cloud as well-known Indian company, came in first with the reality term cloud services in the Indian  market. The most observant will know who we speak, for others simply search on Google. This is an interesting piece of news, because in fact marks the transition from dedicated server, up to now, seen as the only solution for hosting providers that want to offer shared hosting, the ability to accommodate all its customers on cloud instances, expandable and scalable so as to decrease the load or the customers.

The cloud services today provides everything that you need, with a management certainly greater than that of a dedicated machine. The potential for increasing the resources allocated in real time, including the band, is certainly a feature of interest to those who provide shared hosting or have clients with unpredictable traffic.

The costs are definitely lower, but in this case we are talking about an investment that can make sense only if all its infrastructure migrates in a cloud outside. The choice of a public service for a hosting provider sets conditions of assurance on it that could turn up their noses a lot , but it is clear that the implementation of a solution of much higher costs than private cloud has an initial investment and all hosting providers will not be able to afford this.

The transition from dedicated server to cloud computing will obviously be easier for hosting companies, when they exist standard platforms, then move one instance of a large provider to another will not be a problem and will give technical and economic opportunities that will not be indifferent.

With the growth of the value of clouds for some IT solutions providers are beginning to take an interest in what exactly it meant. In the end, many of you have long offered clients to use host-applications, which, in essence, cloud services are under another name.

So you already know what are the benefits that are provided by cloud computing services to your customers: a small initial capital costs, or complete absence, pay only the actual services received, scalability and flexibility. For you, the main advantages of cloud services are a constant revenue stream, deep penetration in the business of clients and flexibility to tailor services to customer needs.

So if you have some time provide Hosted Exchange services with or related to backup and restore data, you are completely forgivable to ignore the talk about clouds as the next hype in the IT industry. Or unforgivable?

Enough to have in its arsenal, one or two services such as SaaS, although they could well help you prepare for the era of cloud services. Looking to the future, customers will increasingly move their infrastructure into the cloud. And if all that you can offer, is the e-mail host system, you face the loss of customers.

Since virtualization, private clouds and services based on public clouds every day are becoming more popular. IT has a long history of adaptations and innovations, and cloud is a important chapter in this story. If you skip this chapter, it can have fatal consequences for your business.

Large corporations such as Verizon and Google, end users are bombarded with advertisements on its cloud products. As this onslaught of more and more customers will be prepared to cloud computing and would like to have more services.

Fortunately for solution providers, you have plenty of options to create a full set of cloud services. Let’s say you have to offer Hosted services through Exchange. What can you supplement them? It makes sense to explore other products Hosted on Microsoft, such as server, database and maintenance of desktop systems, to create a cloud menu.

Of course, you are not limited to products of Microsoft, Cisco and Dell. You and all the solutions provider should also not be overly suspicious of large corporations. In particular, although Microsoft has achieved record sales through the channel, the manufacturer has caused some confusion among its partners on their role in providing cloud services, such as Azure and BPOS. However, Microsoft’s strategy in connection with the clouds deserves a separate article.

Solutions providers should also pay attention to host the infrastructure and services such as “platform as a service” (PaaS), as well as to private cloud using virtualization technology and reminding the public clouds, which allow you to take advantage of the cloud environment inside the network perimeter.

Many manufacturers also offer in addition to its virtual cloud product technical support. This means that you can give it to function manufacturer partners and focus on growing your business.

So when it comes to clouds, then, yes, there is no shortage of publicity. But this does not mean that solutions providers cannot simply ignore it and do its routine. Clouds are a source of change, and therefore require that providers of solutions once again adjusted to the ongoing large-scale shifts in the industry.

The Path To Efficiency Is Through The “Cloud Computing“

Economic turmoil in 2008 led many companies to restructure their costs and focus on a more rational use of resources. Primarily, the companies began to reduce funding of non-core activities, which are often among the maintenance and development of its IT infrastructure. This wave came into vogue terms such as “consolidation”, “virtualization” and “cloud services”. But if the first two concepts were generally well accepted in business, then the cloud for many managers are still somewhat abstract and intimidating.

The most familiar and common definition of cloud services sounds like “providing end users with remote dynamic access to services, computing resources and applications (including operating systems and infrastructure) over the Internet.” Usually it is the mention of the word “Internet” discourages managers, creating a feeling of insecurity of their information assets. It is necessary to replace the phrase “through the Internet” to “anywhere”, implying, in particular, and the enterprise network, it becomes clear that the company is already in the cloud. As a rule, in large and medium-sized organizations key business applications have already been consolidated within a single data center or central office, are accessible from both the local network or from remote offices. This is also a cloud, it is simply a small and their own – so-called private.

Private or public cloud providers?

Types of clouds, by and large, only two – both private and public. To the public include proprietary platform clouds major IT players (Google, Microsoft, IBM, HP, Amazon, etc.) and cloud services offered by various independent service providers (typically, service providers and broadband providers). Private clouds are managed by its own IT services and provide services for internal use and for use by customers and partners.

From the perspective of the end user, it is not much different from what the clouds get service  from, the private or public. If you watch from the owner of information resources, it should be to seek a reasonable balance between convenience and cost. Creating a private cloud will allow the company to form their own directory services and their quality indicators, full control over information assets. But this organization must bear the related costs (personnel, equipment, software, etc.). Use of public clouds allow the enterprise to reduce the cost of maintenance and IT infrastructure, but the range of services will limit the opportunities for cloud providers.

According to studies, revenue in the area of  “cloud computing” technologies in 2013 will amount to 150 billion dollars. Many businesses have already implemented the transfer of corporate data in the cloud, many more companies are going to do it soon, but a lot of people are worried about the security of data stored in the cloud. Of course, no one can guarantee absolute security in any computing environment, however, the transition to “cloud” technology can take certain measures to help in reducing the risk of data loss to a minimum. For example, when choosing cloud providers, it is important to look not only at firms’ pricing power, but also implemented its security protocols. It is important to understand that the transition to “cloud” technologies may be safer than the standard internal solutions as the industry has invested billions of dollars in information security.

In public, the cloud system end-user has a high level of automation. Customers can place their applications in the cloud and manage all the user settings of your services. Public “cloud” has no such visibility as a private cloud has. If you are using a public “clouds” you give the placement of computing resources in to control. In particular the “cloud” resources are used by fewer people and they have a higher level of management. Depending on these differences to safety management in these environments, specific practices.

The first and most important step is the installation procedure of authorization. For the selection of the password, it requires randomization procedure and the need for strict adherence to protocols that create passwords for all staff. It’s amazing, but many people still use words like “password” or a combination of digits “12345″ as a password to access key data sources. Application of the standard LDAP and administrator credentials you can really protect your information.

Having dealt with the internal procedures of authorization, you should pay close attention to outsourcing partners. Whether they are holding your security protocols and perform background checks, whether they are complying with any other measures that protect and control the transmission of information. Information sharing is crucial, especially in the case of public computing environments. Providers must use the best encryption tools to keep your information safe and in usable condition. They must also provide administration services to the highest level, including installing firewalls and advanced detection of network attacks.

Legal aspects of data storage in the cloud hosting

There are many legal problems connected with the storage of information, especially data identifying a person. Despite the fact that information is in the cloud, it is still somewhere to be placed and there are rules that govern its movement. In some countries, such as India, imposed very strict requirements for safety information, which limit the storage and movement of information. Choose a provider who is knowledgeable about these rules, and could, if necessary, too quickly move your information to comply with these requirements. According to a study, more than forty states have official regulations governing the methods of protection of personal data (PII). Should give preference to well-known providers of cloud services, which have systemic means of controlling the movement of PII under its “cloud” network.

Many cloud providers enter the market, not having sufficient experience in the field of human resources policies and technologies. That is why in order to obtain a comprehensive understanding of the work of a company, should ask more than a dozen issues. One of the most important – the question of who will have the right to access and transfer your information. Whether they will notify you about any breach of security, or just hide them.

Does this outsourcing company allow you to optionally create an emergency data center for disaster?

The contract may provide higher levels of encryption standards for data storage. In addition to this “cloud” provider should be familiar with the work of any other suitable provider of SaaS and its technologies. Your business depends on many different outsourcing companies, one way or another address with your information, so it is important that the information management system have no weak links.

Outsourcing companies need to adhere to certain standards, assigning passwords that reduce the likelihood of hacking. In the case of multiplayer “cloud” above average risk, and therefore cloud providers must show that they use management tools that provide separation to reduce the risks.

Conclusion

Achieving a high level of safety in public and private “clouds” requires confidentiality requirements and user access. New solutions for information storage and management come to market fairly quickly, and as these tools are introduced, users will get additional protection for their information.

When we talk about cloud computing, we also talk about the types of clouds that we consume (utilize). You remember the taxonomy to cloud, we presented some more posts ago, here on the blog right? We talked about IaaS, PaaS, SaaS and its services. We talk about the capabilities present in a cloud platform exemplifying its own resources of the Windows Azure platform.

Now I would like to highlight the types of clouds that can work. At this point, we can think of public cloud, private cloud and dedicated cloud computing.

Public cloud services are the offers we have on the general market through providers like Microsoft, Amazon, Salesforce.com, IBM, Google, ESDS, among others. In this type of supply, access is via the internet and share data centers with various companies in the world.

Thinking about a more customized solution, private cloud services can deliver the benefits of dynamic provisioning and economy of scale, leveraging the infrastructure of data centers already invested by the company. Thus, companies that own their own data centers can evaluate the model of virtualization and provisioning with the creation of a private cloud, which is only available to users and enterprise applications. A limitation of this model is that, beyond the scalability, it is limited to the size of the investment already made in own data center, the company remains responsible for the routine administration of physical hardware resources, as well as software development and upgrades needed.

Finally, dedicated clouds can offer the benefits of abstraction in a data center market with the isolation and customization that a company can imagine. This type of offer usually involves security matters, as like local users (on-premise) with the users and applications placed in the cloud and allows integrated scenarios, highly flexible hardware and provisioning for businesses.

From these three sets of clouds, it is natural to think of the clouds by addressing issues of authentication, authorization and security between users of each room booked.