Cloud computing is an emerging IT deployment model, enabling the real-time delivery of products and services over the internet. Cloud services refer to consumer and business products or services, which are delivered and consumed in real time, over a secured internet connection.
Several questions arise when one thinks of delivering or consuming products and services over the internet. The first question is, “Is it secure enough?” But before diving into that, let us see how the cloud works.
The National Institute of Standards and Technology (NIST) has laid down the following characteristics that all cloud services must have:
- On demand self-service: The user should be able to access the cloud as and when needed, without any interaction from the cloud service provider, like a web-based service portal.
- Broad network access: The user should be able to access the cloud through standard mechanisms that promote use of different client platforms (e.g., mobile devices, laptops, tablets and workstation).
- Rapid elasticity: In case of increased demand of resources, systems should be elastic enough to meet the excess demand, at the right moment.
- Resource pooling: Cloud computing uses multi-tenancy where different resources are dynamically allocated and de-allocated according to demand.
- Measured service: The utilization of resources can be measured, controlled and reported, providing transparency to both the service provider and the user.
Cloud computing provides users with the capability to store and process their data in third-party data centers. Organizations use the cloud in a variety of different service models. Below is a brief description of the three main service models:
- Infrastructure as a Service (IaaS): Provides virtualized computing resources over the internet. The user does not have to manage and control the cloud infrastructure but it has control over the operating system, storage and limited control over the networking components.
- Platform as a Service (PaaS): Provides the development environment to application developers. The user has control over the deployed application but does not manage the cloud infrastructure, operating system, networks or servers.
- Software as a Service (SaaS): Basically, everything from application to networking is managed and controlled by the cloud service providers (vendor). Users gain full access over both the application software and the database, which helps them to monitor the operations in real time.
Security is every organization’s main concern. Risk and security measures depend on where the application is being hosted, weather on a private or public cloud. An efficient cloud security architecture should recognize the issues that will arise with security management, and address them by placing proper security controls. Security controls will be discussed in Part Two of this blog series.
Every service model has different abilities to manage an organization’s computing operations. An organizations Choice of service model, depends on what type of solution it is looking for.
At Axletree, we provide end-to-end solutions to banks and Fortune 500 companies worldwide. Our services include SaaS “SWIFT Connectivity”, Treasury Automation Solutions under “Treasurytree” along with the format translation and Integration under “Symmetree”, as well as Compliance & Reporting, all from a secure private cloud model.