• Share
  • Email
  • Embed
  • Like
  • Save
  • Private Content
Cloud Computing - The new buzz word
 

Cloud Computing - The new buzz word

on

  • 335 views

Cloud Computing the new buzz word.

Cloud Computing the new buzz word.
This presentation was presented by CA Anand Prakash Jangid at a regional conference of The Institute of Chartered Accountants of India at Hyderabad.

Statistics

Views

Total Views
335
Views on SlideShare
335
Embed Views
0

Actions

Likes
0
Downloads
11
Comments
0

0 Embeds 0

No embeds

Accessibility

Categories

Upload Details

Uploaded via as Microsoft PowerPoint

Usage Rights

© All Rights Reserved

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Processing…
Post Comment
Edit your comment

    Cloud Computing - The new buzz word Cloud Computing - The new buzz word Presentation Transcript

    • 1 Cloud Computing - The news buzzword By: CA Anand Prakash Jangid
    • 2 Agenda Check in Cloud computing defined Service models & Types Chartered accountants and cloud computing Check out
    • 4 The Future is not, What it used to be
    • 5 Famous Technology Predictions I think there is a world market for maybe five computers.‘ Thomas Watson, Chairman of IBM, 1943 ‗There is no reason why anyone would want a computer in the home.‘ Ken Olson, Present, Chairman and founder of Digital Equipment Corporation, 1977 ‗640K should be enough for anybody.‘ Bill Gates, 1981 ‗So far, Java seems like a stinker to me…I have a hunch that it won't be a very successful language.‘ Paul Graham, Author
    • 6 Check in Cloud Computing has the potential to disrupt IT as we know it today.
    • 7 Agenda Check in Cloud computing defined Service models & Types Chartered accountants and cloud computing Check out
    • 8
    • 9 What is Cloud Computing “Cloud computing is a style of computing where massively scalable IT-related capabilities are provided as a service across the Internet to multiple external customers” “Cloud computing: A pool of abstracted, highly scalable, and managed infrastructure capable of hosting end-customer applications and billed by consumption” “Cloud computing is Web-based processing, whereby shared resources, software, and information are provided to computers and other devices (such as smart phones) on demand over the Internet.”
    • 10
    • 11
    • 12
    • 13 Cloud Computing viewpoints
    • 14 Conventional Conventional cloud Manually Provisioned Self-provisioned Dedicated Hardware Shared Hardware Fixed Capacity Elastic Capacity Pay for Capacity Pay for Use Capital & Operational Expenses Operational Expenses Managed Conventional model vs Cloud model
    • 15 Early uses: CPU Sharing example (SETI) SETI –Search for Extra-Terrestrial Intelligence •Initiative by Space Science Institute & Berkeley university •Uses screen-saver CPU time for ▫analyze radio signals from space ▫present results as a very cool (geek oriented) screen-saver •One of the first wide-spread examples of distributing processing tasks over the internet to simple users PCs
    • 16 S3 Launches/EC2 Launch of Amazon web services The arrival of Salesforce.com Supercomputers/Mainframe 2006 2002 1990 1960 Google App / Azure 2008 - 2009 The first milestone for Cloud Computing Launches of Google App Engine/Windows Azure Beta Evolution of Cloud Computing
    • 17 • Shared / pooled resources • Broad network access • On-demand self-service • Scalable and elastic • Metered by use Five Key Cloud Attributes:
    • 18 • Resources are drawn from a common pool • Common resources build economies of scale • Common infrastructure runs at high efficiency Shared / Pooled Resources:
    • 19 • Open standards and APIs • Almost always IP, HTTP, and REST • Available from anywhere with an internet connection Broad Network Access:
    • 20 • Completely automated • Users abstracted from the implementation • Near real-time delivery (seconds or minutes) • Services accessed through a self-serve • web interface On-Demand Self-Service:
    • 21 • Resources dynamically-allocated between users • Additional resources dynamically-released when needed • Fully automated Scalable and Elastic:
    • 22 Services are metered, like a utility Users pay only for services used Services can be cancelled at any time Metered by Use:
    • 23 Some success stories GE: Global procurement hosting 500k suppliers and 100k users in six languages on SaaS platform to manage $55B/yr in spend Eli Lilly : Using Amazon Web Services can deploy a new server in 3min vs 50days and a 64-node Linux cluster in 5min vs 100days Nasdaq: Using Amazon Storage to store 30-80GB/day of trading activity
    • 24 Agenda Check in Cloud computing defined Service models & Types Chartered accountants and cloud computing Check out
    • 25
    • 26
    • 27
    • 28
    • 29
    • 30 • Owned and managed by the enterprise • Limits access to enterprise and partner network • Retains high degree of control, privacy and security • Enables business to more easily customize service • Accessed from "inside" the firewall Private Cloud
    • 31 Public Cloud • Owned and managed by service provider • Delivers select set business process, application or infrastructure services on a ―pay per use‖ basis • Highly standardized • Limited customization options • Accessed from "outside" the firewall
    • 32 Hybrid Cloud • A hybrid infrastructure takes advantage of both public and private clouds: • Services provided over the Internet—the public cloud • Services provided by the enterprise data center—the private cloud
    • 33 SaaS PaaS IaaS Amazon Google Microsoft Salesforce Service Delivery Model Examples Products and companies shown for illustrative purposes only and should not be construed as an endorsement
    • 34 Agenda Check in Cloud computing defined Service models & Types Chartered accountants and cloud computing Check out
    • 35 Cloud computing and Chartered Accountants
    • 36 • Regulatory compliance • Conflicts with international privacy laws, • Data ownership & location • Data Segregation • Service guarantees & lack of control • Contingency planning / disaster recovery for clouds • Investigative support • Privilege user access • Long term viability(going concern for Service provider) • IT general controls Why should we worry
    • 37 New role envisaged for Internal audit/Risk management team
    • 38 • Business case for moving to cloud • How does this align to business need • Understanding the current state of system and data Being part of the cloud strategy
    • 39 • Who manages the vendor relationship • How the asset are protected • How is the responsibility divided • Impact on the present disaster recovery plan • How the vendor manage multi client environment • Where is the data physically stored • Impact of change in technology • Gap in the risk & controls of the vendors Evaluating vendors
    • 40 • Defining and managing the SLA and OLA • What are your and cloud service provider compliance responsibility • How are incident managed • How often are the data backed up • Who determine the user access right to data(BBMP example) Implementation of cloud computing model
    • 41 • Process of managing the SLA and OLA with the vendor • How are the contractual control requirement are managed • Other related issue Last but not least …Monitoring the vendor
    • 42 Some illustration of the cloud risk ranking
    • 43 Attribute High (5) Med (3) Low (1) Deployment Model Public Community Private Service Model IaaS PaaS SaaS Data Security level Secret Restricted Unclassified Physical Hosting Site Undefined Int'l Location Domestic Location SOX Critical Yes No Dependent Apps Greater than 10 4 to 10 0 to 3 Recovery Time 4 Hours 7 Days 31 Days Region Supported Europe or Global US All other Cloud Risk Ranking Example
    • 44 Deployment Model Considerations High Medium Low Deploy Model Public Community Private - Security and privacy are not a priority - Service level agreements may not exist - Private environments provide adequate security and privacy - Service level agreements should exist Public Private
    • 45 Service Model Considerations High Medium Low Service Model IaaS PaaS SaaS - Issues may impact all hosted applications and data - No control over foundational general controls - PaaS - Impact limited to outsourced platform - SaaS - Impact limited to applications and data IaaS SaaS
    • 46 Data Security Considerations High Medium Low Security Level Secret Restricted Unclassified - Difficult to enforce security standards when outsourcing - Difficult to demonstrate compliance with regulations - Security and privacy is not a concern (good candidate for cloud computing) Secret Unclassified
    • 47 Dependent Applications High Medium Low Number of Apps Greater than 10 4 to 9 Less than 3 - Implies complexity and greater organizational significance - Implies simplicity and less organizational significance > 10 < 3
    • 48 Recovery Time Objectives (RTO) Considerations High Medium Low RTO 4 Hours 7 days 31 Days Implies increased business importance Cloud provider may lack geographic diversity Single points of failure may exist in network Implies lower business importance - good candidate for cloud computing 4 Hours 31 Days
    • 49 Regions Supported Considerations High Medium Low Region Europe or Global United States All Other - Strictest cross border data protection regulations – can be at odds with abstract cloud computing - ―Other‖ countries may have less restrictive cross border data protection regulations Europe / Global All Other
    • 50 Agenda Check in Cloud computing defined Service models & Types Chartered accountants and cloud computing Check out
    • 51 Check out Start experimenting with the cloud. Be prepared for your business to experiment with it. Let them know what you want. Leverage the cloud infrastructure internally. Build your own cloud.
    • 52 Questions???
    • 53 Reference www.Cloudsecurityalliance.com www.NIST.gov www.opencloudconsortium.org www.csoonline.com
    • 54 Thank you anand@quadrisk.com +91-9620233516