Cloud Computing & Control Auditing
~ Navin Malhotra
Cloud Computing Basics
Internet
Your company doesn’t pay
for h/w and maintenance
The service provider pays for
equipment and maintenance
• Cloud computing is a construct that allows you to access applications that actually reside at a location other than your computer or other internet-connected device; most often this will be a distant datacenter. Cloud computing can be defined as a benefit-driven operations solution that delivers scalable IT resources via the web, as opposed to hosting and operating these services locally.
• These resources include tools, applications and services, in addition to the infrastructure in which these services operate. By deploying these tools and services over the web, companies and organizations can access resources on demand and significantly reduce (or possibly even eliminate) software and hardware costs. Additionally, a business's IT capacity can quickly and easily adjust to changes on demand, making the flexible nature of cloud computing immensely appealing.
• One of the most valuable benefits of the cloud is the ability for employees to access, update and share files, documents and data, and use software applications from anywhere there is internet connectivity.
Cloud Topology
Internet
Client computers: Clients in a cloud computing architecture are exactly the same things that they are in a plain old, everyday LAN. They may be your desktop, laptop, tablet PCs, mobile phones or PDAs.
Datacenter: Servers are located at remote locations but are all placed in one region.
Distributed Servers: Servers are distributed across the remote locations.
Advantages of "thin" client:
• Lower h/w & IT cost
• Data and information security
• Less power consumption
• Ease of repair
Cloud Service Models
Service Models: SaaS, PaaS, IaaS

Moving apps to the cloud can be a double-edged sword on cost. ROI and needs must be properly measured before moving apps to the cloud. There are also interoperability or lock-in concerns.

SaaS is a model in which an application is hosted as a service to customers who access it via the Internet. The customer doesn't have to maintain it or support it. On the other hand, it is out of the customer's hands when the hosting service decides to change it. The provider does all the maintenance and upgrades as well as keeping the infrastructure up and running.

PaaS is another application delivery platform. PaaS supplies all the resources required to build applications and services completely from the Internet, without having to download or install software. PaaS services include application design, development, testing, deployment and hosting. Other services include database integration, security, scalability and storage, to name a few.
A downfall of PaaS
interoperability and po
providers. Also, if the pro
business, your applicatio
be lost as it is all stored th
• The ability of geographically isolated development teams to work together.
• The ability to merge web services from multiple sources.
• The ability to realize cost savings from using built-in infrastructure services for security, scalability and failover, rather than obtaining and testing them separately.

Rather than purchase servers, s/w, racks and having to pay for the datacenter space for them, the service provider rents those resources. Additionally, the infrastructure can be dynamically scaled up and down, based on the application resource needs.

IaaS offers the hardware so that your organization can put whatever it wants onto it. It is sometimes also called Hardware as a Service (HaaS). Whereas SaaS and PaaS provide applications to customers, IaaS doesn't. We only talk about hardware in the cloud here.
Cloud Deployment Models
Deployment Models: Private, Public, Hybrid, Community

Private: The cloud infrastructure is available only to one organization, for when you do not want your data to be shared with other tenants (parties).
Public: The cloud infrastructure is made available to the general public or a large industry group and is owned by an organization selling cloud services.
Community: The cloud infrastructure is shared by several organizations and supports a specific community that has shared concerns.
Hybrid: The cloud infrastructure is a composition of two or more clouds (private, community, or public).
System Architecture
H/W - CPU cycles - Processor speed
O/S
Web Server App Server DB
Application
Cloud is everywhere
First movers in the cloud
Amazon is one of the first companies to offer cloud services to the public. It offers a number of cloud services:
• Elastic Compute Cloud (EC2): Offers virtual machines and extra CPU cycles.
• Simple Storage Service (S3): Allows you to store items up to 5GB in size in Amazon's virtual storage service.
• Simple Queue Service (SQS): Allows machines to talk to each other using this message passing API.
• SimpleDB: A web service for running queries on structured data in real time. This service works in close conjunction with S3 and EC2, collectively providing the ability to store, process and query datasets in the cloud.
These services need to be used from the command line, so you may find them difficult to use if you are not used to working in a command line environment. Amazon's virtual machines are versions of Linux distributions, so those who are experienced with Linux will find no difficulty in using the Amazon cloud platform. Applications can be written on your own machine and then uploaded to the cloud.
You can see more about Amazon's cloud services at http://aws.amazon.com
Google offers online documents and spreadsheets and encourages developers to build features for those and other online s/w, using its Google App Engine. To store data you need to use Google's database. Groups and individuals will likely get the most out of App Engine by writing a layer of Python that sits between the user and the database. You can also have a look at App Engine at http://code.google.com/appengine/
First movers in the cloud
Microsoft's cloud computing solution is called Windows Azure, an OS that allows organizations to run Windows applications and store files and data using Microsoft's datacenters. Key components of the Azure service platform include:
• Windows Azure: Provides service hosting and management and low-level scalable storage, computation and networking.
• MS SQL Service: Provides database services and reporting.
• MS .NET Service: Provides a service-based implementation of the .NET framework.
• Live Services: Used to share, store and synchronize documents, photos and files across PCs, phones, PC apps and websites.
• MS SharePoint services and Dynamics CRM services: Used for business content, collaboration and solution development in the cloud.
MS plans the next version of Office to offer a browser-based option so that users can read and edit documents online, as well as the ability for users to collaborate using web, mobile and client versions of Office.
MS cloud offerings can be found at http://www.microsoft.com/azure/default.mspx
Cloud Computing - Objective
Increased focus on business: Facilitates superior user experience through agile and robust cloud services.
Faster time-to-market: Cloud uses enterprise frameworks such as authentication, authorization, user interface and workflow, which reduces overall time-to-market.
Increased business agility: Empowers business users to make effective functional changes through configuration.
Reduced operational costs: Pay-as-you-use model, low maintenance and support, reduces hardware, software, licensing and development
Objectives
Cloud Computing - Benefits
Benefits
Scalability – If you are anticipating a huge upswing in computing needs, cloud computing can help you manage. Rather than having to buy, install and configure new equipment, you can buy additional CPU cycles or storage from a third party at the click of a button and let them handle the installation and configuration for you. Since you pay per use, your actual costs will be lower than if you had opted to buy the equipment outright.
Simplicity – The cloud solution makes it possible to get your application started immediately, and it costs a fraction of what it would cost to implement an on-site solution.
Knowledgeable Vendors – The first comers to cloud computing are very reputable companies: Amazon, Google, Microsoft, IBM, Yahoo and lately Apple. They have offered reliable services and plenty of capacity, and we get some brand familiarity with these well-known names.
More internal resources – By shifting your non-mission-critical data needs to a cloud, resources are freed up to work on important, business-related tasks. Network outages are a nightmare for the IT staff; this burden is offloaded onto the cloud service provider.
Security – There are security risks when using a cloud, but the reputable companies strive to keep you safe and secure. Vendors have strict privacy policies and are auditable by external auditors. They have in place proven cryptographic methods to authenticate users.
When to Say No to Cloud Computing
• Regulated environments
• Geopolitical concerns
• Hardware dependencies
• Server control
• Cost
• Lack of need
• Integration
• Latency concern
• Throughput demands
Cloud Security – Concerns & Assurance
Security
Security is one of the topmost concerns in the cloud environment. Although reliable and reputable cloud service providers can be trusted to provide a safe and secure service, concerns are growing and we need to look at them seriously before moving our data into the cloud. That said, data on our own servers is also not secure if those servers can be reached via the internet or a VPN.

The provider must ensure that their infrastructure is secure and that their clients' data and applications are protected, while the customer must ensure that the provider has taken the proper security measures to protect their information.

Cloud security architecture is effective only if the correct defensive implementations are in place. An efficient cloud security architecture should recognize the issues that will arise with security management. Security management addresses these issues with security controls. These controls are put in place to safeguard any weaknesses in the system and reduce the effect of an attack.

Cloud Computing Security
Correct security controls should be implemented according to asset, threat, and vulnerability risk assessment matrices. While cloud security concerns can be grouped into any number of dimensions (Gartner names seven [1]), these dimensions have been aggregated into three general areas: Security and Privacy, Compliance, and Legal or Contractual Issues.

[1] Gartner: Seven cloud-computing security risks
Cloud Security - Benefits
• Centralized data
• Monitoring
• Reduced data loss
• Security testing
• Instant swap over
Cloud Computing - Trends
Cloud Computing - Gartner Predictions for 2014 and Beyond
Industry predictions
By 2016, poor return on equity will drive more than 60% of banks worldwide to process the majority of their transactions in the Cloud.
By 2017, 40% of utilities with smart metering solutions will use cloud-based big data analytics to address asset-, commodity-, customer-
or revenue-related needs.
Gartner recently shared the Top 10 strategic technology trends for 2014:
Mobile device diversity and management - BYOD
Mobile apps and applications
Hybrid Cloud and IT as service broker
Cloud/Client architecture
The era of personal Cloud
Web-scale IT
As mobile users continue to demand more complex uses of their mobile technologies, it will drive a need for higher levels of server-side computing and storage capacity.

The push for more personal cloud technologies will lead to a shift toward services and away from devices. The type of device one has will be less important, as the personal cloud takes over some of the role that the device has traditionally had, with multiple devices accessing the personal cloud.

Large cloud services providers such as Amazon, Google, Salesforce.com, and the like are re-inventing the way in which IT services can be delivered. The suggestion is that IT organizations should align with and emulate the processes, architectures, and practices of these leading Cloud providers. The combination of the aforementioned three among others is how Gartner defines "Web-scale IT."

Gartner suggests that bringing together personal Clouds and external private Cloud services is essential. Enterprises should design private Cloud services with a hybrid future in mind and make sure future integration/interoperability is possible.
Cloud Attributes
Cloud Controls
Controls to be put in place for Cloud environments:
• Architecture & Design Security
• Environmental Controls
• SLA
• Service Availability
• Logical Security – Access Control
• Governance
• Regulatory Controls
• BC & DR
• Background Checks
• Physical Security
• Risk Management
Quality / Compliance in Cloud
Before defining an approach for cloud audits / assessments, we need to have the requirements below in place:
• Expertise, in terms of resources who have an understanding of the cloud services / environments.
• We should have a complete understanding of the business and IT risks. Those risks should include risks associated with data privacy, information security, and statutory and regulatory requirements.
• Define the controls (detective, corrective & preventative) to effectively mitigate those risks.
• Control testing is to be performed on a frequent basis, depending upon the risk associated with the controls.
• Control testing should be defined in a way that measures control effectiveness.
• A governance model is to be defined, which should be owned by the organization's steering committee.
Business & IT Risks
Control Objectives
Control Definitions
Control Testing (on defined frequency)
Documentation of test results
Governance / Steering Committee / Business & IT Leadership
Case Study- Salesforce.com
Salesforce.com is a global cloud computing company, started in 1999 and best known for its Customer Relationship Management product.
Salesforce.com disrupted the CRM industry in two different ways. First, it changed the earnings logic by applying the "rental" model (monthly payment billed based on the number of users) to an industry hitherto characterized by lump sum licensing fees (charged for a company as a whole). The company understood that not all small businesses could afford software costing many thousands of dollars. By offering an affordable solution (a monthly fee per user) to small and medium firms, Salesforce.com cashed in on a significant blue ocean market, at the time deemed unattractive by large players as it could not be served with their current business models.
Second, Salesforce.com understood that prospective clients wanted to experiment with the product before committing to it. As a result, while other service providers were promising their clients a customized solution in exchange for commitment, the goal of Salesforce.com was to get prospective customers (specifically end-users) to try its product for free.
In 2007, Salesforce.com extended its services by launching Force.com, a customization platform for corporations. The company knew it could not provide a complete back-end customized solution. Thus, Salesforce.com opened its infrastructure to external developers by allowing them to supplement its own inputs. By making Force.com compatible with all major development environments and tools (i.e. .NET, Java, PHP, Ruby on Rails, among others), independent developers (i.e. those outside Salesforce.com) were able to integrate services ranging from simple email to Facebook and Twitter within the platform. Competitors became partners, allowing Salesforce.com to better serve existing clients and acquire new ones. In 2011, more than 340,000 developers were contributing to the Salesforce.com platform.
Case Study- GSK: GlaxoSmithKline
GSK, the second largest pharmaceutical company in the world, chose to migrate to the Cloud offering of Microsoft Business Productivity Online Suite. Everything was hosted by Microsoft in its data centers across the globe. GSK was looking for a productivity and collaboration increase from the switch.
The global implementation of Microsoft online services gave GSK numerous benefits:
a. Reduce Operational Cost
The migration to cloud resulted in 30% savings in their IT operational costs.
b. Drive Innovation
The subscription service can be tailored to fit growing and changing needs, so that when GlaxoSmithKline adapts to a changing market, its software adapts too.
c. Expand External Collaboration
GlaxoSmithKline is aggressively driving a more externally collaborative business through all practices: research and development, manufacturing, and sales. This supports collaboration between partners and GlaxoSmithKline, allowing for a more innovative and competitive business.
d. Simplification of user experience
Moving away from the customized solutions environment, GlaxoSmithKline was looking for a simple solution that would effectively extend to the many branches, regions, and employee types internally.
References
• www.northbridge.com
• www.wikipedia.org
• Cloud Computing – A Practical Approach by Anthony T. Velte, Toby J. Velte and Robert Elsenpeter
• www.gartner.com

Finding Java's Hidden Performance Traps @ DevoxxUK 2024Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Finding Java's Hidden Performance Traps @ DevoxxUK 2024
 
Corporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptxCorporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptx
 
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWEREMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
 
DBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor PresentationDBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor Presentation
 
FWD Group - Insurer Innovation Award 2024
FWD Group - Insurer Innovation Award 2024FWD Group - Insurer Innovation Award 2024
FWD Group - Insurer Innovation Award 2024
 
Elevate Developer Efficiency & build GenAI Application with Amazon Q​
Elevate Developer Efficiency & build GenAI Application with Amazon Q​Elevate Developer Efficiency & build GenAI Application with Amazon Q​
Elevate Developer Efficiency & build GenAI Application with Amazon Q​
 
Architecting Cloud Native Applications
Architecting Cloud Native ApplicationsArchitecting Cloud Native Applications
Architecting Cloud Native Applications
 
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
 
[BuildWithAI] Introduction to Gemini.pdf
[BuildWithAI] Introduction to Gemini.pdf[BuildWithAI] Introduction to Gemini.pdf
[BuildWithAI] Introduction to Gemini.pdf
 
Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...
Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...
Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...
 
Vector Search -An Introduction in Oracle Database 23ai.pptx
Vector Search -An Introduction in Oracle Database 23ai.pptxVector Search -An Introduction in Oracle Database 23ai.pptx
Vector Search -An Introduction in Oracle Database 23ai.pptx
 
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, AdobeApidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
 

Cloud Computing & Control Auditing

  • 1. Cloud Computing & Control Auditing ~ Navin Malhotra
  • 2. Cloud Computing Basics Internet Your company doesn’t pay for h/w and maintenance The service provider pays for equipment and maintenance •Cloud computing is a construct that allows you to access applications that actually reside at a location other than your computer or other internet-connected device; most often this will be a distant datacenter. Cloud computing can be defined as a benefit-driven operations solution that delivers scalable IT resources via the web, as opposed to hosting and operating these services locally. •These resources include tools, applications and services, in addition to the infrastructure in which these services operate. By deploying these tools and services over the web, companies and organizations can access resources on demand and significantly reduce (or possibly even eliminate) software and hardware costs. Additionally, a business’s IT capacity can quickly and easily adjust to changes on demand, making the flexible nature of cloud computing immensely appealing. •One of the most valuable benefits of the cloud is the ability for employees to access, update and share files, documents and data, and use software applications from anywhere there is internet connectivity.
  • 3. Cloud Topology Internet Client computers Distributed Servers Datacenter Clients are, in a cloud computing architecture, the exact same things that they are in a plain old, everyday LAN. They may be your desktop, laptop, tablet PCs, mobile phones or PDAs. Servers are located at remote locations but are all placed in one region. Servers are distributed across the remote locations. Advantages of “thin” client: •Lower h/w & IT cost •Data and information security •Less power consumption •Ease of repair
  • 4. Cloud Service Models Service Models SaaS PaaS IaaS Moving apps to cloud costs can be a double-edged sword. Proper ROI needs to be measured before moving apps to cloud. Inter-operability or lock-in concerns. SaaS is a model in which an application is hosted as a service to customers who access it via the Internet. The customer doesn’t have to maintain it or support it. On the other hand, it is out of the customer’s hands when the hosting service decides to change it. The provider does all the maintenance and upgrades as well as keeping the infrastructure up and running. PaaS is another application delivery platform. PaaS supplies all the resources required to build applications and services completely from the Internet, without having to download or install software. PaaS services include application design, development, testing, deployment and hosting. Other services include database integration, security, scalability and storage, to name a few. A downfall of PaaS interoperability and po providers. Also, if the pro business, your applicatio be lost as it is all stored th The ability of geographically isolated development teams to work together. The ability to merge web services from multiple sources. The ability to realize cost savings from using built-in infrastructure services for security, scalability and failover, rather than obtaining and testing them separately. Rather than purchase servers, s/w, racks and having to pay for the datacenter space for them, the service provider rents those resources. Additionally, the infrastructure can be dynamically scaled up and down, based on the application resource needs. IaaS offers the hardware so that your organization can put whatever they want onto it. It is sometimes also called Hardware as a Service (HaaS). Whereas SaaS and PaaS provide applications to customers, IaaS doesn’t. We only talk about hardware in the cloud here.
  • 5. Cloud Deployment Models Deployment Models Private Public Hybrid Community The cloud infrastructure is available only to one organization, for when you do not want your data to be shared with other tenants (parties). The cloud infrastructure is made available to the general public or a large industry group and is owned by an organization selling cloud services. The cloud infrastructure is shared by several organizations and supports a specific community that has shared concerns. The cloud infrastructure is a composition of two or more clouds (private, community, or public).
  • 6. System Architecture H/W - CPU cycles - Processor speed O/S Web Server App Server DB Application Cloud is everywhere
  • 7. First movers in the cloud It is one of the first companies to offer cloud services to the public. They offer a number of cloud services: •Elastic Compute Cloud (EC2): Offers virtual machines and extra CPU cycles. •Simple Storage Service (S3): Allows you to store items up to 5GB in size in Amazon’s virtual storage service. •Simple Queue Service (SQS): Allows machines to talk to each other using this message passing API. •Simple DB: A web service for running queries on structured data in real time. This service works in close conjunction with S3 and EC2, collectively providing the ability to store, process and query datasets in the cloud. These services need to be used from the command line, so you may find them difficult to use if you are not used to working in a command line environment. Amazon’s virtual machines are versions of Linux distributions, so those who are experienced with Linux will find no difficulty in using the Amazon cloud platform. Applications can be written on your own machine and then uploaded to the cloud. You can see more about Amazon’s cloud services at http://aws.amazon.com Google offers online documents and spreadsheets and encourages developers to build features for those and other online s/w, using its Google App Engine. To store data you need to use the Google database. Groups and individuals will likely get the most out of App Engine by writing a layer of Python that sits between the user and the database. You can also have a look at the App Engine at http://code.google.com/appengine/
  • 8. First movers in the cloud Microsoft’s cloud computing solution is called Windows Azure, an OS that allows organizations to run Windows applications and store files and data using Microsoft’s datacenters. Key components of the Azure service platform include: •Windows Azure: Provides service hosting and management and low level scalable storage, computation and networking. •MS SQL Service: Provides database services and reporting. •MS .NET Service: Provides service based implementation of .NET framework. •Live Services: Used to share, store and synchronize documents, photos and files across PCs, phones, PC apps and websites. •MS SharePoint services and Dynamics CRM services: Used for business content, collaboration and solution development in the cloud. MS plans the next version of Office to offer a browser based option so that users can read and edit documents online, as well as the ability for users to collaborate using web, mobile and client versions of Office. MS cloud offerings can be found at http://www.microsoft.com/azure/default.mspx
  • 9. Cloud Computing - Objective Increased focus on business: Facilitates superior user experience through agile and robust cloud services. Faster time-to-market: Cloud uses enterprise frameworks such as authentication, authorization, user interface and workflow, which reduces overall time-to-market. Increased business agility: Empowers business users to make effective functional changes through configuration. Reduced operational costs: Pay-as-you-use model, low maintenance and support, reduces hardware, software, licensing and development. Objectives
  • 10. Cloud Computing - Benefits Benefits Scalability – If you are anticipating a huge upswing in computing needs, cloud computing can help you manage. Rather than having to buy, install and configure new equipment, you can buy additional CPU cycles or storage from a third party at the click of a button and let them handle the installation and configuration for you. Since you are asked to pay per use, your actual costs will be lower than if you had opted to buy the equipment outright. Simplicity – The cloud solution makes it possible to get your application started immediately, and it costs a fraction of what it would cost to implement an on-site solution. Knowledgeable Vendors – The first comers to cloud computing are very reputable companies: Amazon, Google, Microsoft, IBM, Yahoo and lately Apple. They have offered reliable services, plenty of capacity and we get some brand familiarity with these well-known names. More internal resources – By shifting your non-mission-critical data needs to a cloud, resources are freed up to work on important, business-related tasks. Network outages are a nightmare for the IT staff; this burden is offloaded onto the cloud service provider. Security – There are security risks when using a cloud, but the reputable companies strive to keep you safe and secure. Vendors have strict privacy policies and are auditable by external auditors. They have in place proven cryptographic methods to authenticate users.
  • 11. When No to Cloud Computing Regulated environments Geopolitical concerns Hardware dependencies Server control Cost Lack of Need Integration Latency concern Throughput demands
  • 12. Cloud Security – Concerns & Assurance Security Security is one of the topmost concerns in the cloud environment. Although reliable and reputable cloud service providers can be trusted to provide us a safe and secure service, concerns are growing and we need to look at them seriously before putting our data into the cloud. Data on our own servers is also not secure if those servers can be reached via the internet or VPN. The provider must ensure that their infrastructure is secure and that their clients’ data and applications are protected, while the customer must ensure that the provider has taken the proper security measures to protect their information. Cloud security architecture is effective only if the correct defensive implementations are in place. An efficient cloud security architecture should recognize the issues that will arise with security management. The security management addresses these issues with security controls. These controls are put in place to safeguard any weaknesses in the system and reduce the effect of an attack. Cloud Computing Security Correct security controls should be implemented according to asset, threat, and vulnerability risk assessment matrices. While cloud security concerns can be grouped into any number of dimensions (Gartner names seven [1]), these dimensions have been aggregated into three general areas: Security and Privacy, Compliance, and Legal or Contractual Issues. [1] Gartner: Seven cloud-computing security risks
  • 13. Cloud Security - Benefits Centralized data Monitoring Reduced data loss Security testing Instant Swap over
  • 15. Cloud Computing - Gartner Predictions for 2014 and Beyond Industry predictions By 2016, poor return on equity will drive more than 60% of banks worldwide to process the majority of their transactions in the Cloud. By 2017, 40% of utilities with smart metering solutions will use cloud-based big data analytics to address asset-, commodity-, customer- or revenue-related needs. Gartner recently shared the Top 10 strategic technology trends for 2014: Mobile device diversity and management - BYOD Mobile apps and applications Hybrid Cloud and IT as service broker Cloud/Client architecture The era of personal Cloud Web-scale IT As mobile users continue to demand more complex uses of their mobile technologies, it will drive a need for higher levels of server-side computing and storage capacity. The push for more personal cloud technologies will lead to a shift toward services and away from devices. The type of device one has will be less important, as the personal cloud takes over some of the role that the device has traditionally had, with multiple devices accessing the personal cloud. Large cloud services providers such as Amazon, Google, Salesforce.com, and the like are re-inventing the way in which IT services can be delivered. The suggestion is that IT organizations should align with and emulate the processes, architectures, and practices of these leading Cloud providers. The combination of the aforementioned three among others is how Gartner defines “Web-scale IT.” Gartner suggests that bringing together personal Clouds and external private Cloud services is essential. Enterprises should design private Cloud services with a hybrid future in mind and make sure future integration/interoperability is possible.
  • 17. Cloud Controls Controls to be put in place for Cloud environments Architecture & Design Security Environmental Controls SLA Service Availability Logical Security – Access Control Governance Regulatory Controls BC & DR Background Checks Physical Security Risk Management
  • 18. Quality / Compliance in Cloud Before defining an approach for cloud audits / assessments we need to have the following requirements in place: •Expertise in terms of resources who have an understanding of the cloud services / environments. •We should have a complete understanding of the business and IT risks. Those risks should include risks associated with data privacy, information security, statutory and regulatory requirements. •Define the controls (detective, corrective & preventative) to effectively mitigate those risks. •Control testing to be performed on a frequent basis, depending upon the risk associated with the controls. •Control testing should be defined in a way that measures control effectiveness. •Governance model to be defined, which should be owned by the organization’s steering committee. Control Objectives Control Definitions Control Testing Documentation of test results Business & IT Risks On defined frequency Governance / Steering Committee / Business & IT Leadership
  • 19. Case Study - Salesforce.com Salesforce.com is a global cloud computing company started in 1999 and best known for its Customer Relationship Management product. Salesforce.com disrupted the CRM industry in two different ways. First, it changed the earnings logic by applying the “rental” model (monthly payment billed based on the number of users) to an industry hitherto characterized by lump sum licensing fees (charged for a company as a whole). The company understood that not all small businesses could afford software costing many thousands of dollars. By offering an affordable solution (a monthly fee per user) to small and medium firms, Salesforce.com cashed in on a significant blue ocean market, at the time deemed unattractive by large players as it could not be served with their current business models. Second, Salesforce.com understood that prospective clients wanted to experiment with the product before committing to it. As a result, while other service providers were promising their clients a customized solution in exchange for commitment, the goal of Salesforce.com was to get prospective customers (specifically end-users) to try its product for free. In 2007, Salesforce.com extended its services by launching Force.com – a customization platform for corporations. The company knew it could not provide a complete back-end customized solution. Thus, Salesforce.com opened its infrastructure to external developers by allowing them to supplement its own inputs. By making Force.com compatible with all major development environments and tools (i.e. .NET, Java, PHP, Ruby on Rails, among others), independent developers (i.e. those outside Salesforce.com) were able to integrate services ranging from simple email to Facebook and Twitter within the platform. Competitors became partners, allowing Salesforce.com to better serve existing clients and acquire new ones. In 2011, more than 340,000 developers were contributing to the Salesforce.com platform.
  • 20. Case Study - GSK: GlaxoSmithKline GSK, the second largest pharmaceutical company in the world, chose to migrate to the Cloud offering of Microsoft Business Productivity Online Suite. Everything was hosted by Microsoft in its data centers across the globe. GSK was looking for a productivity and collaboration increase from the switch. The global implementation of Microsoft online services gave GSK numerous benefits: a. Reduce Operational Cost The migration to cloud resulted in 30% savings in their IT operational costs. b. Drive Innovation The subscription service can be tailored to fit growing and changing needs, so that when GlaxoSmithKline adapts to a changing market, its software adapts too. c. Expand External Collaboration GlaxoSmithKline is aggressively driving a more externally collaborative business through all practices: research and development, manufacturing, and sales. This supports collaboration between partners and GlaxoSmithKline, allowing for a more innovative and competitive business. d. Simplification of user experience Moving away from the customized solutions environment, GlaxoSmithKline was looking for a simple solution that would effectively extend to the many branches, regions, and employee types internally.
  • 21. References •www.northbridge.com •www.wikipedia.org •Cloud Computing – A Practical Approach by Anthony T. Velte, Toby J. Velte and Robert Elsenpeter •www.gartner.com