Feeds

Unravelling the cloud confusion

Everything as a service?

  • alert
  • submit to reddit

Combat fraud and increase customer satisfaction

Reader Workshop In the last article we looked at whether virtualization provided a springboard to that loosely knit set of capability some refer to as 'cloud services'. But, as we've found previously when discussing such topics, cloud is a can of worms (if that's not too much of a mixed metaphor).

So, what is meant by cloud services? As we have said, some elements are not particularly new, but 'cloud' offers an umbrella term to capture the idea that they share the internet as a delivery mechanism. A number of sub-categories are shimmering into some semblance of clarity:

Infrastructure as a Service (IaaS). Discussed previously, IaaS offers a cloud-based substitute for major elements of your IT infrastructure – that is, server and storage hardware, storage. In short, this will be attractive if you are short of space and/or you want to lose the hassle and capital/operational cost impact of owning and maintaining physical boxes.

Platform as a Service (PaaS). In this case 'platform' means an application (as opposed to hardware) platform. This enables you to grab application resources on demand to prototype, test, pilot, etc. It is also handy for deploying externally-facing applications on the web, which potentially require the ability to deal with wildly fluctuating demands.

Software as a Service (SaaS). A cruel but accurate assessment of SaaS is that it has become a fairly meaningless catch-all term for a range of application services, from business application services such as CRM, ERP, to productivity tools, analytics, backup and archiving. You name it, it's all in there.

There are some good things to be had from all of the above. However, from a purely techno-algorithmic perspective there is nothing inherently better about a specific capability being delivered as a cloud service, versus it running on a server in the corner of the office.

In the previous discussion around IaaS, we highlighted a number of reasons why an organization might choose to adopt one mechanism over the other. But a cloud service is just as capable of being badly put together, badly managed or poorly secured as anything we could do ourselves.

This eyes-wide-open starting point helps us see "Cloud" as an option, an additional delivery mechanism for a capability we have decided we need. So, why might we choose it versus keeping a service in-house? Criteria include:

  • How well the service can be managed and kept up to date
  • Capital and operational costs, including staff training
  • Space and power constraints
  • Security risks and legal compliance aspects
  • Integration requirements with in-house and external systems
  • Access to skills and expertise

Some of these points are being used to sell cloud services today, but they can equally apply to in-house capabilities. You may happen to have all the space and power that you need for example, or you may not.

Similarly, you may be fortunate to possess certain skills, or you may find yourselves lacking. Indeed, your IT department and environment might already be organized and delivered in a the same way as an external service provider - in today’s parlance this would equate to an ‘internal cloud’.

3 Big data security analytics techniques

More from The Register

next story
OpenBSD founder wants to bin buggy OpenSSL library, launches fork
One Heartbleed vuln was too many for Theo de Raadt
Ubuntu 14.04 LTS: Great changes, but sssh don't mention the...
Why HELLO Amazon! You weren't here last time
This time it's 'Personal': new Office 365 sub covers just two devices
Redmond also brings Office into Google's back yard
Got Windows 8.1 Update yet? Get ready for YET ANOTHER ONE – rumor
Leaker claims big release due this fall as Microsoft herds us into the CLOUD
Next Windows obsolescence panic is 450 days from … NOW!
The clock is ticking louder for Windows Server 2003 R2 users
Patch iOS, OS X now: PDFs, JPEGs, URLs, web pages can pwn your kit
Plus: iThings and desktops at risk of NEW SSL attack flaw
Batten down the hatches, Ubuntu 14.04 LTS due in TWO DAYS
Admins dab straining server brows in advance of Trusty Tahr's long-term support landing
Red Hat to ship RHEL 7 release candidate with a taste of container tech
Grab 'near-final' version of next Enterprise Linux next week
Apple inaugurates free OS X beta program for world+dog
Prerelease software now open to anyone, not just developers – as long as you keep quiet
prev story

Whitepapers

Mobile application security study
Download this report to see the alarming realities regarding the sheer number of applications vulnerable to attack, as well as the most common and easily addressable vulnerability errors.
3 Big data security analytics techniques
Applying these Big Data security analytics techniques can help you make your business safer by detecting attacks early, before significant damage is done.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Securing web applications made simple and scalable
In this whitepaper learn how automated security testing can provide a simple and scalable way to protect your web applications.
Combat fraud and increase customer satisfaction
Based on their experience using HP ArcSight Enterprise Security Manager for IT security operations, Finansbank moved to HP ArcSight ESM for fraud management.