Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

Cloud Computing - The new buzz word


Published on

Cloud Computing the new buzz word.
This presentation was presented by CA Anand Prakash Jangid at a regional conference of The Institute of Chartered Accountants of India at Hyderabad.

Published in: Technology, Business
  • Be the first to comment

  • Be the first to like this

Cloud Computing - The new buzz word

  1. 1. 1 Cloud Computing - The news buzzword By: CA Anand Prakash Jangid
  2. 2. 2 Agenda Check in Cloud computing defined Service models & Types Chartered accountants and cloud computing Check out
  3. 3. 4 The Future is not, What it used to be
  4. 4. 5 Famous Technology Predictions I think there is a world market for maybe five computers.‘ Thomas Watson, Chairman of IBM, 1943 ‗There is no reason why anyone would want a computer in the home.‘ Ken Olson, Present, Chairman and founder of Digital Equipment Corporation, 1977 ‗640K should be enough for anybody.‘ Bill Gates, 1981 ‗So far, Java seems like a stinker to me…I have a hunch that it won't be a very successful language.‘ Paul Graham, Author
  5. 5. 6 Check in Cloud Computing has the potential to disrupt IT as we know it today.
  6. 6. 7 Agenda Check in Cloud computing defined Service models & Types Chartered accountants and cloud computing Check out
  7. 7. 8
  8. 8. 9 What is Cloud Computing “Cloud computing is a style of computing where massively scalable IT-related capabilities are provided as a service across the Internet to multiple external customers” “Cloud computing: A pool of abstracted, highly scalable, and managed infrastructure capable of hosting end-customer applications and billed by consumption” “Cloud computing is Web-based processing, whereby shared resources, software, and information are provided to computers and other devices (such as smart phones) on demand over the Internet.”
  9. 9. 10
  10. 10. 11
  11. 11. 12
  12. 12. 13 Cloud Computing viewpoints
  13. 13. 14 Conventional Conventional cloud Manually Provisioned Self-provisioned Dedicated Hardware Shared Hardware Fixed Capacity Elastic Capacity Pay for Capacity Pay for Use Capital & Operational Expenses Operational Expenses Managed Conventional model vs Cloud model
  14. 14. 15 Early uses: CPU Sharing example (SETI) SETI –Search for Extra-Terrestrial Intelligence •Initiative by Space Science Institute & Berkeley university •Uses screen-saver CPU time for ▫analyze radio signals from space ▫present results as a very cool (geek oriented) screen-saver •One of the first wide-spread examples of distributing processing tasks over the internet to simple users PCs
  15. 15. 16 S3 Launches/EC2 Launch of Amazon web services The arrival of Supercomputers/Mainframe 2006 2002 1990 1960 Google App / Azure 2008 - 2009 The first milestone for Cloud Computing Launches of Google App Engine/Windows Azure Beta Evolution of Cloud Computing
  16. 16. 17 • Shared / pooled resources • Broad network access • On-demand self-service • Scalable and elastic • Metered by use Five Key Cloud Attributes:
  17. 17. 18 • Resources are drawn from a common pool • Common resources build economies of scale • Common infrastructure runs at high efficiency Shared / Pooled Resources:
  18. 18. 19 • Open standards and APIs • Almost always IP, HTTP, and REST • Available from anywhere with an internet connection Broad Network Access:
  19. 19. 20 • Completely automated • Users abstracted from the implementation • Near real-time delivery (seconds or minutes) • Services accessed through a self-serve • web interface On-Demand Self-Service:
  20. 20. 21 • Resources dynamically-allocated between users • Additional resources dynamically-released when needed • Fully automated Scalable and Elastic:
  21. 21. 22 Services are metered, like a utility Users pay only for services used Services can be cancelled at any time Metered by Use:
  22. 22. 23 Some success stories GE: Global procurement hosting 500k suppliers and 100k users in six languages on SaaS platform to manage $55B/yr in spend Eli Lilly : Using Amazon Web Services can deploy a new server in 3min vs 50days and a 64-node Linux cluster in 5min vs 100days Nasdaq: Using Amazon Storage to store 30-80GB/day of trading activity
  23. 23. 24 Agenda Check in Cloud computing defined Service models & Types Chartered accountants and cloud computing Check out
  24. 24. 25
  25. 25. 26
  26. 26. 27
  27. 27. 28
  28. 28. 29
  29. 29. 30 • Owned and managed by the enterprise • Limits access to enterprise and partner network • Retains high degree of control, privacy and security • Enables business to more easily customize service • Accessed from "inside" the firewall Private Cloud
  30. 30. 31 Public Cloud • Owned and managed by service provider • Delivers select set business process, application or infrastructure services on a ―pay per use‖ basis • Highly standardized • Limited customization options • Accessed from "outside" the firewall
  31. 31. 32 Hybrid Cloud • A hybrid infrastructure takes advantage of both public and private clouds: • Services provided over the Internet—the public cloud • Services provided by the enterprise data center—the private cloud
  32. 32. 33 SaaS PaaS IaaS Amazon Google Microsoft Salesforce Service Delivery Model Examples Products and companies shown for illustrative purposes only and should not be construed as an endorsement
  33. 33. 34 Agenda Check in Cloud computing defined Service models & Types Chartered accountants and cloud computing Check out
  34. 34. 35 Cloud computing and Chartered Accountants
  35. 35. 36 • Regulatory compliance • Conflicts with international privacy laws, • Data ownership & location • Data Segregation • Service guarantees & lack of control • Contingency planning / disaster recovery for clouds • Investigative support • Privilege user access • Long term viability(going concern for Service provider) • IT general controls Why should we worry
  36. 36. 37 New role envisaged for Internal audit/Risk management team
  37. 37. 38 • Business case for moving to cloud • How does this align to business need • Understanding the current state of system and data Being part of the cloud strategy
  38. 38. 39 • Who manages the vendor relationship • How the asset are protected • How is the responsibility divided • Impact on the present disaster recovery plan • How the vendor manage multi client environment • Where is the data physically stored • Impact of change in technology • Gap in the risk & controls of the vendors Evaluating vendors
  39. 39. 40 • Defining and managing the SLA and OLA • What are your and cloud service provider compliance responsibility • How are incident managed • How often are the data backed up • Who determine the user access right to data(BBMP example) Implementation of cloud computing model
  40. 40. 41 • Process of managing the SLA and OLA with the vendor • How are the contractual control requirement are managed • Other related issue Last but not least …Monitoring the vendor
  41. 41. 42 Some illustration of the cloud risk ranking
  42. 42. 43 Attribute High (5) Med (3) Low (1) Deployment Model Public Community Private Service Model IaaS PaaS SaaS Data Security level Secret Restricted Unclassified Physical Hosting Site Undefined Int'l Location Domestic Location SOX Critical Yes No Dependent Apps Greater than 10 4 to 10 0 to 3 Recovery Time 4 Hours 7 Days 31 Days Region Supported Europe or Global US All other Cloud Risk Ranking Example
  43. 43. 44 Deployment Model Considerations High Medium Low Deploy Model Public Community Private - Security and privacy are not a priority - Service level agreements may not exist - Private environments provide adequate security and privacy - Service level agreements should exist Public Private
  44. 44. 45 Service Model Considerations High Medium Low Service Model IaaS PaaS SaaS - Issues may impact all hosted applications and data - No control over foundational general controls - PaaS - Impact limited to outsourced platform - SaaS - Impact limited to applications and data IaaS SaaS
  45. 45. 46 Data Security Considerations High Medium Low Security Level Secret Restricted Unclassified - Difficult to enforce security standards when outsourcing - Difficult to demonstrate compliance with regulations - Security and privacy is not a concern (good candidate for cloud computing) Secret Unclassified
  46. 46. 47 Dependent Applications High Medium Low Number of Apps Greater than 10 4 to 9 Less than 3 - Implies complexity and greater organizational significance - Implies simplicity and less organizational significance > 10 < 3
  47. 47. 48 Recovery Time Objectives (RTO) Considerations High Medium Low RTO 4 Hours 7 days 31 Days Implies increased business importance Cloud provider may lack geographic diversity Single points of failure may exist in network Implies lower business importance - good candidate for cloud computing 4 Hours 31 Days
  48. 48. 49 Regions Supported Considerations High Medium Low Region Europe or Global United States All Other - Strictest cross border data protection regulations – can be at odds with abstract cloud computing - ―Other‖ countries may have less restrictive cross border data protection regulations Europe / Global All Other
  49. 49. 50 Agenda Check in Cloud computing defined Service models & Types Chartered accountants and cloud computing Check out
  50. 50. 51 Check out Start experimenting with the cloud. Be prepared for your business to experiment with it. Let them know what you want. Leverage the cloud infrastructure internally. Build your own cloud.
  51. 51. 52 Questions???
  52. 52. 53 Reference
  53. 53. 54 Thank you +91-9620233516