2. Agenda
• What is Cloud?
• Need of Cloud?
• Pros and Cons of Cloud?
• Types of Cloud
• Security and Compliance
• Cloud Service Providers
• How to choose right option?
3. What is Cloud?
• Cloud computing means storing and accessing data and
programs over the Internet instead of local computer's hard
drive or network
4. Need of Cloud
• Reduce Cost
– Capex and OpEx is significantly minimized
• Reduce human resources
– Frees valuable resources and focus them on delivery
rather than maintaining hardware and software
• Reduce carbon foot print
– $12.3 billion in energy savings and 85.7 million metric
tons of CO2 savings annually by 2020
5. Pros and Cons of Cloud
• Pros
– Cost saving
– Scalability
– Hassle free infra maintenance
• Cons
– High Latency
– Depended on internet
– Data Security
6. Software as a Service (SaaS)
• As a software licensing and delivery model in which software
is licensed on a subscription basis and is centrally hosted
• Example
7. Infrastructure as a Service (IaaS)
• Infrastructure as a Service (IaaS) provides access to computing
resource in a virtualized environment.
• Example
Amazon Cloud services
Rackspace
8. Infrastructure as a Service (IaaS)
• Infrastructure as a Service (IaaS) provides access to computing
resource in a virtualized environment.
• Example
Amazon Cloud services
Rackspace
10. Cloud Formation
• Private – Company will take up the ownership and other
factors, it will be managed within company’s firewall
– On premises - infra at own campus
– Externally hosted – hosted for one company but handled by
specialists
• Public – Available to general public or large group. Owned
and maintained by cloud servicing companies.
• Hybrid – Mixed of both private and public cloud,
management responsibilities are divided between public
cloud and private cloud.
11. Security and Compliance
• Cloud security control is classified under
following categories
– Deterrent controls - To prevent any purposeful attack on
a cloud system. These controls do not reduce the actual
vulnerability of a system.
– Preventative controls – It will safeguard vulnerabilities of
the system. cover the attack and reduce the damage and
violation to the system's security.
12. Security and Compliance
– Corrective controls - reduce the effect of an attack. It take
action as an attack is occurring.
– Detective controls – It is used to detect any attacks that
may be occurring to the system.
13. Security and Compliance
• There are few cloud providers certified with PCIDSS,
HIPAA compliance
• Following are the key requirements to meet any
compliance
– Business continuity and data recovery – Disaster recovery
and data loss should be recoverable
– Logs and audit trails - properly secured, maintained for as
long as the customer requires, and are accessible to them
– Unique compliance requirements - The data centers
maintained by cloud providers may also be subject to
compliance requirements
14. Cost Factor
• Cost in cloud computing relies on the following
characteristics
– A pay-as-you-go model with minimal or no upfront costs
– Usage-based pricing, so that customer costs are based on actual
usage
– Scalability, so that customers can dynamically consume more or
less resources as and when they required it.
15. Cost Factor
• 42% - Money spent on hardware, software, UPS,
network and Disaster Recovery arrangements.
• 58% - of cost is involved in heating, air
conditioning, property taxes and labor costs.
• Owning a data center is much complicated -
Recurring expenses and aging of applications and
infrastructure may not meet the business
expectation
16. Cost Factor
• A sample data study on an education
institution for a student management
software.
Summary Cloud system
Company X
Own
infrastructure
First Year Cost $ 12,000 $ 60,000
Ongoing Yearly Vendor Fees $ 10,000 $ 6,000
Ongoing Yearly Hidden Costs $ - $ 17,600
Years of Ownership 5 years 5 years
Total Ongoing Yearly Costs $ 40,000 $ 94,400
Total Cost of Ownership (TCO) $ 52,000 $ 154,400
17. Cloud Service Providers
• Global vendors
– Google
– Amazon
– Rackspace
– Atlassian
• Indian vendors
– Control S
– Zenith Infotech
– Ramco
18. How to choose right option
• Following points need to be considered before
opting any cloud system
– Know the nature of the applications and the
workloads at the core of data centers.
– Tethering infra structure for few people is really a
huge cost consuming fact. Analyze the number of
users for important applications.
– Back ward compatible systems.
19. Take away
• Cloud types
– Saas, Paas and Iaas
• Cloud formation types
– Private, Public and Hybrid
• Security
– Deterrent, Preventative, Corrective and Detective controls
• Compliance
– Business continuity and data recovery, logs and audit trial,
unique compliance requirements