SlideShare a Scribd company logo

Cloud Computing & Control Auditing

Download as PPTX, PDF
Navin Malhotra
Navin Malhotra

Cloud computing allows companies to access applications and store data remotely via the internet instead of locally. It provides scalable IT resources on demand that can be accessed from anywhere. Some key benefits include reduced costs, increased flexibility and collaboration capabilities. However, security and privacy concerns remain top issues that need to be addressed. Control testing and governance models are important to effectively mitigate risks when using cloud services. Case studies of companies like Salesforce.com and GSK demonstrate how cloud can drive innovation while reducing IT costs through the subscription-based model.

Technology
1 of 21
Cloud Computing & Control Auditing ~ Navin Malhotra
Cloud Computing Basics Internet Your company doesn’t pay for h/w and maintenance The service provider pays for equipment and maintenance •Cloud computing is a construct that allows you to access applications that actually reside at a location other than your computer or other internet connected device, most often this will be a distant datacenter. Cloud computing can be defined as a benefit-driven operations solution that delivers scalable IT resources via the web, as opposed to hosting and operating these services locally. •These resources include tools, applications and services, in addition to the infrastructure in which these services operate. By deploying these tools and services over the web, companies and organizations can access resources on demand and significantly reduce (or possibly even eliminate) software and hardware costs. Additionally, a business‟ IT capacity can quickly and easily adjust to changes on demand, making the flexible nature of cloud computing immensely appealing. •One of the most valuable benefits of the cloud is the ability for employees to access, update and share files, documents and data, and use software applications from anywhere there is internet connectivity.
Cloud Topology Internet Client computers Distributed Servers Datacenter Client are in a cloud computing architecture, the exact same things that they are in plain old, everyday LAN. They may be your desktop, laptop, tablet PCs, mobile phones or PDAs. Servers located at remote locations but are all placed in one region.Servers are distributed across the remote locations. Advantages of “thin” client: •Lower h/w & IT cost •Data and information security •Less power consumption •Ease of repair
Cloud Service Models Service Models SaaS PaaS IaaS Moving apps to cloud costs can be a double edged sword. Proper ROI and needs to be measured before moving apps to cloud. Inter-operability or lock-in concerns. SaaS is a model in which an application is hosted as a service to customers who access it via the Internet. The customer doesn’t have to maintain it or support it. On the other hand, it is out of customer’s hand when the hosting service will decides to change it. The provider does all the maintenance and upgrades as well as keeping the infrastructure up and running. PaaS is another application delivery platform. PaaS supplies all the resources required to build applications and services completely from the Internet, without having to download or install software. PaaS service include application design, development, testing, deployment and hosting. Other services include database integration, security, scalability and storage to name a few. A downfall of PaaS interoperability and po providers. Also, if the pro business, your applicatio be lost as it is all stored th The ability of geographically isolated development teams to work together. The ability to merge web services from multiple sources. The ability to realize cost savings from using built-in infrastructure services for security, scalability and failover, rather obtaining them and test them separately. Rather than purchase servers, s/w, acks and having to pay for the atacenter space for them, the ervice provider rents those esources. Additionally, the nfrastructure can be dynamically caled up and down, based on the pplication resource needs. IaaS offers the hardware so that your organization can put whatever they want onto it. It is sometimes also called as Hardware as a Service (HaaS). Whereas SaaS and PaaS were providing applications to customers, IaaS doesn’t. We only talk about hardware in the cloud here.
Cloud Deployment Models Deployment Models Private PublicHybrid Community The cloud infrastructure is available only for an organization. – if you do not want your data to be shared with other tenants (parties) The cloud infrastructure is made available to the general public or a large industry group and is owned by an organization selling cloud services The cloud infrastructure is shared by several organizations and supports a specific community that has shared concern The cloud infrastructure is a composition of two or more clouds (private, community, or public)
System Architecture H/W - CPU cycles - Processor speed O/S Web Server App Server DB Application Cloud is everywhere
First movers in the cloud It is one of the first companies to offer cloud services to public. They offer a number of cloud services: •Elastic Compute Cloud (EC2): Offers virtual machines and extra CPU cycles. •Simple Storage Service (S3): Allows you to store items up to 5GB in size in Amazon’s virtual storage service •Simple Queue Service(SQS): Allows machines to talk to each other using this message passing API. •Simple DB: A web service for running queries on structured data in real time. This service works in close conjunction with S3 and EC2, collectively providing the ability to store, process and query datasets in the cloud. These services needs to be done on command line, so you may find it difficult to use it if you are not used to working in command line environment. Amazon’s virtual machines are versions of Linux distributions, so those who are experienced with Linux will find no difficulty in using the Amazon cloud platform. Applications can be written on your own machine and then uploaded to the cloud. You can see more about Amazon’s cloud services at http://aws.amazon.com Google offers online documents and spreadsheets and encourages developers to build features for those and other online s/w, using it’s Google App Engine. To store data you need to use Google database. Groups and individuals will likely get the most out of App Engine by writing a layer of Python that sits between the user and database. You can also have a look at the app engine at http://code.google.com/appengine/
First movers in the cloud Microsoft cloud computing solution is called Windows Azure, an OS that allows organizations to run Windows applications and store files and data using Microsoft’s datacenters. Key components of Azure service platform include: •Windows Azure: Provides service hosting and management and low level scalable storage, computation and networking. •MS SQL Service: Provides database services and reporting. •MS .NET Service: Provides service based implementation of .NET framework. •Live Services: Used to share, store and synchronize documents, photos and files across PCs, phones, PC apps and websites. •MS SharePoint services and Dynamics CRM services: Used for business content, collaboration and solution development in the cloud. MS plans the next version of Office to offer a browser based option so that users can read and edit documents online as well as offer the ability to users to collaborate using web, mobile and client versions of Office. MS cloud offerings can be found at http://www.microsoft.com/azure/default.mspx
Cloud Computing - Objective Increased focus on business: Facilitates superior user experience through agile and robust cloud services. Faster time-to-market: Cloud uses enterprise frameworks such as Authentication, authorization user-interface and workflow which reduces overall time-to-market Increased business agility: Empowers business users to make effective functional changes through configuration. Reduced operational costs: Pay-as-you-use model, low maintenance and support, reduces hardware, software, licensing and development Objectives
Cloud Computing - Benefits Benefits Scalability – If you are anticipating huge upswing in computing needs, cloud computing can help you manage. Rather than having to buy, install and configure new equipment, you can buy additional CPU cycles or storage from a third party by click of a button and let them handle the installation and configuration for you. Since you will asked to pay per use, so your actual costs will be lesser than when you would have opted to buy the equipments as a whole. Simplicity – The cloud solution makes it possible to get your application started immediately and it costs a fraction of what it would cost to implement an in-site solution. Knowledgeable Vendors – The first comers to the cloud computing are very reputable companies. Amazon, Google, Microsoft, IBM, Yahoo and lately Apple. They have offered reliable services, plenty of capacity and we get some brand familiarity with these well-known names. More internal resources – By shifting your non-mission-critical data needs to a cloud, resources are freed up to work on important, business-related tasks. Network outages are a nightmare for the IT staff, this burden in offloaded onto cloud service provider. Security – There are security risks when using a cloud, but the reputable companies strive to keep you safe and secure. Vendors have strict privacy policies and are auditable by external auditors. They have in place proven cryptographic methods to authenticate users.
When No to Cloud Computing Regulate d environm ents Geopoliti cal concerns Hardware dependen cies Server control Cost Lack of Need Integratio n Latency concern Throughp ut demands
Cloud Security – Concerns & Assurance Security Security is one of the top most concern in the cloud environment. Though reliable and reputable cloud service providers can be trusted to provide us safe and secure service, but still concerns are growing and we need to seriously look upon them before getting our data into cloud. Though data in our servers is also not secure if those servers can be connected via internet or VPN. The provider must ensure that their infrastructure is secure and that their clients’ data and applications are protected while the customer must ensure that the provider has taken the proper security measures to protect their information. Cloud security architecture is effective only if the correct defensive implementations are in place. An efficient cloud security architecture should recognize the issues that will arise with security management. The security management addresses these issues with security controls. These controls are put in place to safeguard any weaknesses in the system and reduce the effect of an attack. 1Gartner: Seven cloud-computing security risks Cloud Computing Security Correct security controls should be implemented according to asset, threat, and vulnerability risk assessment matrices. While cloud security concerns can be grouped into any number of dimensions (Gartner names seven1) these dimensions have been aggregated into three general areas: Security and Privacy, Compliance, and Legal or Contractual Issues
Cloud Security - Benefits Centralized data Monitorin g Reduced data loss Security testing Instant Swap over
Cloud Computing - Trends
Cloud Computing - Gartner Predictions for 2014 and Beyond Industry predictions By 2016, poor return on equity will drive more than 60% of banks worldwide to process the majority of their transactions in the Cloud. By 2017, 40% of utilities with smart metering solutions will use cloud-based big data analytics to address asset-, commodity-, customer- or revenue-related needs. Gartner recently shared the Top 10 strategic technology trends for 2014: Mobile device diversity and management - BYOD Mobile apps and applications Hybrid Cloud and IT as service broker Cloud/Client architecture The era of personal Cloud Web-scale IT As mobile users continue to demand more complex uses of their mobile technologies, it will drive a need for higher levels of server-side computing and storage capacity. The push for more personal cloud technologies will lead to a shift toward services and away from devices. The type of device one has will be less important, as the personal cloud takes over some of the role that the device has traditionally had with multiple devices accessing the personal cloud Large cloud services providers such as Amazon, Google, Salesforce.com, and the like are re-inventing the way in which IT services can be delivered. The suggestion is that IT organizations should align with and emulate the processes, architectures, and practices of these leading Cloud providers. The combination of the aforementioned three among others is how Gartner defines “Web-scale IT.” Gartner suggests that bringing together personal Clouds and external private Cloud services is essential. Enterprises should design private Cloud services with a hybrid future in mind and make sure future integration/interoperability is possible.
Cloud Attributes
Cloud Controls Controls to be put in place for Cloud environments Architecture & Design Security Environmental Controls SLA Service Availability Logical Security – Access Control Governance Regulatory Controls BC & DR Background Checks Physical Security Risk Management
Quality / Compliance in Cloud Before defining approach for cloud audits / assessments we need to have below requirements in place: • Expertise in terms of resources who have understanding of the cloud services/ environments. • We should have complete understanding of the business and IT risks. Those risks should include risk associated with data privacy, information security, statutory and regulatory requirements. •Define the controls(detective, corrective & preventative) to effectively mitigate those risks. •Control testing to be performed on frequent basis depending upon the risk associated with controls. •Control testing should be defined in way to measure the control effectiveness. •Governance model to be defined which should be owned by the organization’s steering committee. Control Objectives Control Definitions Control Testing Documentation of test results Business & IT Risks On defined frequency Governance / Steering Committee/ Business & IT Leadership
Case Study- Salesforce.com Salesforce.com is global cloud computing company started in 1999 and best known for the Customer Relationship management product. Salesforce.com disrupted the CRM industry in two different ways. First, it changed the earnings logic by applying the “rental” model (monthly payment billed based on the number of users) to an industry hitherto characterized by lump sum licensing fees (charged for a company as a whole). The company understood that not all small businesses could afford software costing many thousands of dollars. By offering an affordable solution (a monthly fee per user) to small and medium firms, Salesforce.com cashed on a significant blue ocean market at the time deemed unattractive by large players as it could not be served with their current business models. Second, Saleforce.com understood that prospective clients wanted to experiment with the product before committing to it. As a result, while other service providers were promising their clients a customized solution in exchange for commitment, the goal of Salesforce.com was to get prospective customers (specifically end-users) to try its product for free. In 2007, Salesforce.com extended its services by launching Force.com – a customization platform for corporations. The company knew it could not provide a complete back-end customized solution. Thus, Salesforce.com opened its infrastructure to external developers by allowing them to supplement its own inputs. By making Force.com compatible with all major development environments and tools (i.e. .NET, Java, PHP, Ruby on Rails, among others), independent developers (i.e. those outside Salesforce.com) were able to integrate services ranging from simple email to Facebook and Twitter within the platform. Competitors became partners, allowing Salesforce.com to better serve existing clients and acquire new ones. In 2011, more than 340,000 developers were contributing to the Salesforce.com platform.
Case Study- GSK: GlaxoSmithKline GSK, the second largest pharmaceutical company in the world chose to migrate to the Cloud offering of Microsoft Business Productivity Online Suite. Everything was hosted by Microsoft on its data centers across the globe. GSK was looking for a productivity and collaboration increase from the switch. The global implementation of Microsoft online services gave GSK numerous Benefits a. Reduce Operational Cost The migration to cloud resulted in 30% savings in their IT operational costs. b. Drive Innovation The subscription service can be tailored to fit growing and changing needs. So that when GlaxoSmithKline adapts to changing market, its software adapts too. c. Expand External Collaboration GlaxoSmithKline is aggressively driving a more externally collaborative business through all practices: research and development, manufacturing, and sales. This supports collaboration between partners and GlaxoSmithKline, allowing for a more innovative and competitive business. d. Simplification of user experience Moving away from the customized solutions environment, GlaxoSmithKline was looking for a simple solution that would effectively extend to the many branches, regions, and employee types internally.
•www.northbridge.com •www.wikipedia.org •Cloud Computing – A Practical Approach by Anthony T. Velte, Toby J. Velte and Robert Elsenpeter •www.gartner.com References

Recommended

Cloud computing Latest Interview Questions with Answers by Garuda Trainings
Cloud computing Latest Interview Questions with Answers by Garuda TrainingsCloud computing Latest Interview Questions with Answers by Garuda Trainings
Cloud computing Latest Interview Questions with Answers by Garuda Trainings
Garuda Trainings
 
Cloud computing
Cloud computingCloud computing
Cloud computing
Arysha Channa
 
Cloud computing v1 an introduction
Cloud computing v1 an introductionCloud computing v1 an introduction
Cloud computing v1 an introduction
Sanjay Sharma
 
Cloud computing basic
Cloud computing basic Cloud computing basic
Cloud computing basicNavin Malhotra
 
An introduction to the cloud 11 v1
An introduction to the cloud 11 v1An introduction to the cloud 11 v1
An introduction to the cloud 11 v1
charan7575
 
introduction-to-cloud-computing
introduction-to-cloud-computingintroduction-to-cloud-computing
introduction-to-cloud-computing
ssuserc27607
 
Cloud computing abstract
Cloud computing abstractCloud computing abstract
Cloud computing abstractJagadeesh Kumar
 
Cloud Computing An introduction
Cloud Computing An introductionCloud Computing An introduction
Cloud Computing An introduction
Sanjay Sharma
 

Recommended

Cloud computing Latest Interview Questions with Answers by Garuda Trainings
Cloud computing Latest Interview Questions with Answers by Garuda TrainingsCloud computing Latest Interview Questions with Answers by Garuda Trainings
Cloud computing Latest Interview Questions with Answers by Garuda Trainings
Garuda Trainings
 
Cloud computing
Cloud computingCloud computing
Cloud computing
Arysha Channa
 
Cloud computing v1 an introduction
Cloud computing v1 an introductionCloud computing v1 an introduction
Cloud computing v1 an introduction
Sanjay Sharma
 
Cloud computing basic
Cloud computing basic Cloud computing basic
Cloud computing basicNavin Malhotra
 
An introduction to the cloud 11 v1
An introduction to the cloud 11 v1An introduction to the cloud 11 v1
An introduction to the cloud 11 v1
charan7575
 
introduction-to-cloud-computing
introduction-to-cloud-computingintroduction-to-cloud-computing
introduction-to-cloud-computing
ssuserc27607
 
Cloud computing abstract
Cloud computing abstractCloud computing abstract
Cloud computing abstractJagadeesh Kumar
 
Cloud Computing An introduction
Cloud Computing An introductionCloud Computing An introduction
Cloud Computing An introduction
Sanjay Sharma
 
ERP IN CLOUD
ERP IN CLOUDERP IN CLOUD
ERP IN CLOUD
hari krishnan.n
 
Cloud Computing Fundamentals
Cloud Computing FundamentalsCloud Computing Fundamentals
Cloud Computing Fundamentals
Sonia Nagpal
 
Cloud Computing
Cloud ComputingCloud Computing
Cloud Computing
Arwa
 
Introduction To Cloud Computing By Beant Singh Duggal
Introduction To Cloud Computing By Beant Singh DuggalIntroduction To Cloud Computing By Beant Singh Duggal
Introduction To Cloud Computing By Beant Singh Duggal
Beantsingh
 
Cto cloud
Cto cloudCto cloud
Cto cloud
Sean Hull
 
Cloud Reference Model
Cloud Reference ModelCloud Reference Model
Cloud Reference ModelDr. Ramkumar Lakshminarayanan
 
Cloud computing and service models
Cloud computing and service modelsCloud computing and service models
Cloud computing and service models
Prateek Soni
 
Karrox introduction to cloud computing
Karrox introduction to cloud computingKarrox introduction to cloud computing
Karrox introduction to cloud computingKarrox Franchise
 
Cloud Computing-notes.doc
Cloud Computing-notes.docCloud Computing-notes.doc
Cloud Computing-notes.doc
NarendrakumarAnnadur
 
Unit 1
Unit 1Unit 1
Unit 1
Ravi Kumar
 
Introduction To Cloud Computing
Introduction To Cloud ComputingIntroduction To Cloud Computing
Introduction To Cloud Computingkevnikool
 
Unit 1.4 working of cloud computing
Unit 1.4 working of cloud computingUnit 1.4 working of cloud computing
Unit 1.4 working of cloud computing
eShikshak
 
Cloud Computing
Cloud ComputingCloud Computing
Cloud Computing
Siwat Jirawiwatpat
 
Introduction to cloud computing
Introduction to cloud computingIntroduction to cloud computing
Introduction to cloud computing
Vipin Batra
 
Cloud computing
Cloud computingCloud computing
Cloud computingInternational School Of Management Excellence
 
Cloud computing - Latest Trend
Cloud computing - Latest TrendCloud computing - Latest Trend
Cloud computing - Latest Trend
poojanov04
 
Cloud Computing Nedc Wp 28 May
Cloud Computing Nedc Wp 28 MayCloud Computing Nedc Wp 28 May
Cloud Computing Nedc Wp 28 May
GovCloud Network
 
cloud computing basics
cloud computing basicscloud computing basics
cloud computing basics
Sweta Kumari Barnwal
 
Cloud computing ppt
Cloud computing pptCloud computing ppt
Cloud computing ppt
Sant Longowal Institute of Engg. & Technology
 
Introduction to Cloud Computing
Introduction to Cloud ComputingIntroduction to Cloud Computing
Introduction to Cloud ComputingSiva Arunachalam
 
Presentation1
Presentation1Presentation1
Presentation1Sandritah Ferreira
 
The Way Things Are...
The Way Things Are...The Way Things Are...
The Way Things Are...
Makala (D)
 

More Related Content

What's hot

ERP IN CLOUD
ERP IN CLOUDERP IN CLOUD
ERP IN CLOUD
hari krishnan.n
 
Cloud Computing Fundamentals
Cloud Computing FundamentalsCloud Computing Fundamentals
Cloud Computing Fundamentals
Sonia Nagpal
 
Cloud Computing
Cloud ComputingCloud Computing
Cloud Computing
Arwa
 
Introduction To Cloud Computing By Beant Singh Duggal
Introduction To Cloud Computing By Beant Singh DuggalIntroduction To Cloud Computing By Beant Singh Duggal
Introduction To Cloud Computing By Beant Singh Duggal
Beantsingh
 
Cto cloud
Cto cloudCto cloud
Cto cloud
Sean Hull
 
Cloud computing and service models
Cloud computing and service modelsCloud computing and service models
Cloud computing and service models
Prateek Soni
 
Karrox introduction to cloud computing
Karrox introduction to cloud computingKarrox introduction to cloud computing
Karrox introduction to cloud computingKarrox Franchise
 
Cloud Computing-notes.doc
Cloud Computing-notes.docCloud Computing-notes.doc
Cloud Computing-notes.doc
NarendrakumarAnnadur
 
Unit 1
Unit 1Unit 1
Unit 1
Ravi Kumar
 
Introduction To Cloud Computing
Introduction To Cloud ComputingIntroduction To Cloud Computing
Introduction To Cloud Computingkevnikool
 
Unit 1.4 working of cloud computing
Unit 1.4 working of cloud computingUnit 1.4 working of cloud computing
Unit 1.4 working of cloud computing
eShikshak
 
Cloud Computing
Cloud ComputingCloud Computing
Cloud Computing
Siwat Jirawiwatpat
 
Introduction to cloud computing
Introduction to cloud computingIntroduction to cloud computing
Introduction to cloud computing
Vipin Batra
 
Cloud computing - Latest Trend
Cloud computing - Latest TrendCloud computing - Latest Trend
Cloud computing - Latest Trend
poojanov04
 
Cloud Computing Nedc Wp 28 May
Cloud Computing Nedc Wp 28 MayCloud Computing Nedc Wp 28 May
Cloud Computing Nedc Wp 28 May
GovCloud Network
 
cloud computing basics
cloud computing basicscloud computing basics
cloud computing basics
Sweta Kumari Barnwal
 
Introduction to Cloud Computing
Introduction to Cloud ComputingIntroduction to Cloud Computing
Introduction to Cloud ComputingSiva Arunachalam
 

What's hot (20)

ERP IN CLOUD
ERP IN CLOUDERP IN CLOUD
ERP IN CLOUD
 
Cloud Computing Fundamentals
Cloud Computing FundamentalsCloud Computing Fundamentals
Cloud Computing Fundamentals
 
Cloud Computing
Cloud ComputingCloud Computing
Cloud Computing
 
Introduction To Cloud Computing By Beant Singh Duggal
Introduction To Cloud Computing By Beant Singh DuggalIntroduction To Cloud Computing By Beant Singh Duggal
Introduction To Cloud Computing By Beant Singh Duggal
 
Cto cloud
Cto cloudCto cloud
Cto cloud
 
Cloud Reference Model
Cloud Reference ModelCloud Reference Model
Cloud Reference Model
 
Cloud computing and service models
Cloud computing and service modelsCloud computing and service models
Cloud computing and service models
 
Karrox introduction to cloud computing
Karrox introduction to cloud computingKarrox introduction to cloud computing
Karrox introduction to cloud computing
 
Cloud Computing-notes.doc
Cloud Computing-notes.docCloud Computing-notes.doc
Cloud Computing-notes.doc
 
Unit 1
Unit 1Unit 1
Unit 1
 
Introduction To Cloud Computing
Introduction To Cloud ComputingIntroduction To Cloud Computing
Introduction To Cloud Computing
 
Unit 1.4 working of cloud computing
Unit 1.4 working of cloud computingUnit 1.4 working of cloud computing
Unit 1.4 working of cloud computing
 
Cloud Computing
Cloud ComputingCloud Computing
Cloud Computing
 
Introduction to cloud computing
Introduction to cloud computingIntroduction to cloud computing
Introduction to cloud computing
 
Cloud computing
Cloud computingCloud computing
Cloud computing
 
Cloud computing - Latest Trend
Cloud computing - Latest TrendCloud computing - Latest Trend
Cloud computing - Latest Trend
 
Cloud Computing Nedc Wp 28 May
Cloud Computing Nedc Wp 28 MayCloud Computing Nedc Wp 28 May
Cloud Computing Nedc Wp 28 May
 
cloud computing basics
cloud computing basicscloud computing basics
cloud computing basics
 
Cloud computing ppt
Cloud computing pptCloud computing ppt
Cloud computing ppt
 
Introduction to Cloud Computing
Introduction to Cloud ComputingIntroduction to Cloud Computing
Introduction to Cloud Computing
 

Viewers also liked

The Way Things Are...
The Way Things Are...The Way Things Are...
The Way Things Are...
Makala (D)
 
CASE STUDY: How a Major Television Network Cut Printing Costs
CASE STUDY: How a Major Television Network Cut Printing CostsCASE STUDY: How a Major Television Network Cut Printing Costs
CASE STUDY: How a Major Television Network Cut Printing Costs
Plus Technologies
 
Alternatives to landline phone service
Alternatives to landline phone serviceAlternatives to landline phone service
Alternatives to landline phone service
marvlyfx336
 
Plan raboty studencheskogo_nauchnogo_obshhestva_na
Plan raboty studencheskogo_nauchnogo_obshhestva_naPlan raboty studencheskogo_nauchnogo_obshhestva_na
Plan raboty studencheskogo_nauchnogo_obshhestva_nazvrataATL
 
Farsi in quattro n 10 aprile 2011
Farsi in quattro n 10 aprile 2011Farsi in quattro n 10 aprile 2011
Farsi in quattro n 10 aprile 2011giorgiocorradi
 
Bsy income 4 millionaires_club
Bsy income 4 millionaires_clubBsy income 4 millionaires_club
Bsy income 4 millionaires_club
gck888
 
Presentatie SOP
Presentatie SOPPresentatie SOP
Presentatie SOP
Khlim Genk
 
Farsi in quattro n 8 gennaio 2011
Farsi in quattro n 8 gennaio 2011Farsi in quattro n 8 gennaio 2011
Farsi in quattro n 8 gennaio 2011giorgiocorradi
 
Pinterest的数据库分片架构
Pinterest的数据库分片架构Pinterest的数据库分片架构
Pinterest的数据库分片架构Tommy Chiu
 
P -Seminar Sam Gaul_Ganna Geist
P -Seminar Sam Gaul_Ganna GeistP -Seminar Sam Gaul_Ganna Geist
P -Seminar Sam Gaul_Ganna GeistSebastian Niedner
 
Oer balance
Oer balanceOer balance
Oer balance
quill_west
 
Spring's Creations
Spring's CreationsSpring's Creations
Spring's Creations
Makala (D)
 
1-Day Service innovation Public Workshop
1-Day Service innovation Public Workshop 1-Day Service innovation Public Workshop
1-Day Service innovation Public Workshop
David Chung
 
Mc dowell 1
Mc dowell 1Mc dowell 1
Mc dowell 1markez1
 
Ejemplo de ficha de trabajo
Ejemplo de ficha de trabajoEjemplo de ficha de trabajo
Ejemplo de ficha de trabajo
Alejandro Flores Ramos
 
Grace of Mother Nature.
Grace of Mother Nature.Grace of Mother Nature.
Grace of Mother Nature.
Makala (D)
 

Viewers also liked (20)

Presentation1
Presentation1Presentation1
Presentation1
 
The Way Things Are...
The Way Things Are...The Way Things Are...
The Way Things Are...
 
Black
BlackBlack
Black
 
CASE STUDY: How a Major Television Network Cut Printing Costs
CASE STUDY: How a Major Television Network Cut Printing CostsCASE STUDY: How a Major Television Network Cut Printing Costs
CASE STUDY: How a Major Television Network Cut Printing Costs
 
Alternatives to landline phone service
Alternatives to landline phone serviceAlternatives to landline phone service
Alternatives to landline phone service
 
Plan raboty studencheskogo_nauchnogo_obshhestva_na
Plan raboty studencheskogo_nauchnogo_obshhestva_naPlan raboty studencheskogo_nauchnogo_obshhestva_na
Plan raboty studencheskogo_nauchnogo_obshhestva_na
 
Farsi in quattro n 10 aprile 2011
Farsi in quattro n 10 aprile 2011Farsi in quattro n 10 aprile 2011
Farsi in quattro n 10 aprile 2011
 
Bsy income 4 millionaires_club
Bsy income 4 millionaires_clubBsy income 4 millionaires_club
Bsy income 4 millionaires_club
 
Msk Imaging Guidelines
Msk Imaging GuidelinesMsk Imaging Guidelines
Msk Imaging Guidelines
 
Yoleo
YoleoYoleo
Yoleo
 
Presentatie SOP
Presentatie SOPPresentatie SOP
Presentatie SOP
 
Farsi in quattro n 8 gennaio 2011
Farsi in quattro n 8 gennaio 2011Farsi in quattro n 8 gennaio 2011
Farsi in quattro n 8 gennaio 2011
 
Pinterest的数据库分片架构
Pinterest的数据库分片架构Pinterest的数据库分片架构
Pinterest的数据库分片架构
 
P -Seminar Sam Gaul_Ganna Geist
P -Seminar Sam Gaul_Ganna GeistP -Seminar Sam Gaul_Ganna Geist
P -Seminar Sam Gaul_Ganna Geist
 
Oer balance
Oer balanceOer balance
Oer balance
 
Spring's Creations
Spring's CreationsSpring's Creations
Spring's Creations
 
1-Day Service innovation Public Workshop
1-Day Service innovation Public Workshop 1-Day Service innovation Public Workshop
1-Day Service innovation Public Workshop
 
Mc dowell 1
Mc dowell 1Mc dowell 1
Mc dowell 1
 
Ejemplo de ficha de trabajo
Ejemplo de ficha de trabajoEjemplo de ficha de trabajo
Ejemplo de ficha de trabajo
 
Grace of Mother Nature.
Grace of Mother Nature.Grace of Mother Nature.
Grace of Mother Nature.
 

Similar to Cloud Computing & Control Auditing

CLOUD COMPUTING.pptx
CLOUD COMPUTING.pptxCLOUD COMPUTING.pptx
CLOUD COMPUTING.pptx
SurajThapa79
 
Cloud computing
Cloud computingCloud computing
Cloud computing
Romano Machoka
 
Cloud presentation for marketing purpose
Cloud presentation for marketing purposeCloud presentation for marketing purpose
Cloud presentation for marketing purpose
Asif Anik
 
Cloud presentation for marketing purpose
Cloud presentation for marketing purposeCloud presentation for marketing purpose
Cloud presentation for marketing purpose
Asif Anik
 
Cloud Computing for college presenation project.
Cloud Computing for college presenation project.Cloud Computing for college presenation project.
Cloud Computing for college presenation project.
Mahesh Tibrewal
 
Introduction to cloud computing
Introduction to cloud computingIntroduction to cloud computing
Introduction to cloud computing
suraj bhandari
 
Cloud computing
Cloud computingCloud computing
Cloud computing
Veiluvanthal1981
 
Understanding Cloud Computing by BS Infotech
Understanding Cloud Computing by BS InfotechUnderstanding Cloud Computing by BS Infotech
Understanding Cloud Computing by BS Infotech
ranapoonam1
 
C L O U D C O M P U T I N G
C L O U D C O M P U T I N GC L O U D C O M P U T I N G
C L O U D C O M P U T I N GShreyas Pai
 
presentation_introduction_to_cloud_computing_1565085358_46246.pptx
presentation_introduction_to_cloud_computing_1565085358_46246.pptxpresentation_introduction_to_cloud_computing_1565085358_46246.pptx
presentation_introduction_to_cloud_computing_1565085358_46246.pptx
SimmyNayak
 
Cloud Computing
Cloud ComputingCloud Computing
Cloud Computing
Phani Kumar Bhamidipati
 
What is cloud computing
What is cloud computing What is cloud computing
What is cloud computing
TSplusIndia
 
Cloud computing abstract
Cloud computing abstractCloud computing abstract
Cloud computing abstractJagadeesh Kumar
 
Cloud computing
Cloud computingCloud computing
Cloud computing
Arysha Channa
 
Introduction to Cloud Computing(UNIT 1).pptx
Introduction to Cloud Computing(UNIT 1).pptxIntroduction to Cloud Computing(UNIT 1).pptx
Introduction to Cloud Computing(UNIT 1).pptx
SURBHI SAROHA
 
Cloud Computing
Cloud ComputingCloud Computing
Cloud Computing
MerisCon ARTDesign
 

Similar to Cloud Computing & Control Auditing (20)

CLOUD COMPUTING.pptx
CLOUD COMPUTING.pptxCLOUD COMPUTING.pptx
CLOUD COMPUTING.pptx
 
Cloud computing
Cloud computingCloud computing
Cloud computing
 
Cloud presentation for marketing purpose
Cloud presentation for marketing purposeCloud presentation for marketing purpose
Cloud presentation for marketing purpose
 
Cloud presentation for marketing purpose
Cloud presentation for marketing purposeCloud presentation for marketing purpose
Cloud presentation for marketing purpose
 
Cloud Computing for college presenation project.
Cloud Computing for college presenation project.Cloud Computing for college presenation project.
Cloud Computing for college presenation project.
 
Cloud computing
Cloud computingCloud computing
Cloud computing
 
Introduction to cloud computing
Introduction to cloud computingIntroduction to cloud computing
Introduction to cloud computing
 
Cloud computing
Cloud computingCloud computing
Cloud computing
 
Introducing cloud computing complete
Introducing cloud computing completeIntroducing cloud computing complete
Introducing cloud computing complete
 
Cloud computing
Cloud computingCloud computing
Cloud computing
 
Understanding Cloud Computing by BS Infotech
Understanding Cloud Computing by BS InfotechUnderstanding Cloud Computing by BS Infotech
Understanding Cloud Computing by BS Infotech
 
C L O U D C O M P U T I N G
C L O U D C O M P U T I N GC L O U D C O M P U T I N G
C L O U D C O M P U T I N G
 
presentation_introduction_to_cloud_computing_1565085358_46246.pptx
presentation_introduction_to_cloud_computing_1565085358_46246.pptxpresentation_introduction_to_cloud_computing_1565085358_46246.pptx
presentation_introduction_to_cloud_computing_1565085358_46246.pptx
 
Cloud Computing
Cloud ComputingCloud Computing
Cloud Computing
 
Cloud1
Cloud1Cloud1
Cloud1
 
What is cloud computing
What is cloud computing What is cloud computing
What is cloud computing
 
Cloud computing abstract
Cloud computing abstractCloud computing abstract
Cloud computing abstract
 
Cloud computing
Cloud computingCloud computing
Cloud computing
 
Introduction to Cloud Computing(UNIT 1).pptx
Introduction to Cloud Computing(UNIT 1).pptxIntroduction to Cloud Computing(UNIT 1).pptx
Introduction to Cloud Computing(UNIT 1).pptx
 
Cloud Computing
Cloud ComputingCloud Computing
Cloud Computing
 

Recently uploaded

The Art of the Pitch: WordPress Relationships and Sales
The Art of the Pitch: WordPress Relationships and SalesThe Art of the Pitch: WordPress Relationships and Sales
The Art of the Pitch: WordPress Relationships and Sales
Laura Byrne
 
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdfFIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
FIDO Alliance
 
Mission to Decommission: Importance of Decommissioning Products to Increase E...
Mission to Decommission: Importance of Decommissioning Products to Increase E...Mission to Decommission: Importance of Decommissioning Products to Increase E...
Mission to Decommission: Importance of Decommissioning Products to Increase E...
Product School
 
State of ICS and IoT Cyber Threat Landscape Report 2024 preview
State of ICS and IoT Cyber Threat Landscape Report 2024 previewState of ICS and IoT Cyber Threat Landscape Report 2024 preview
State of ICS and IoT Cyber Threat Landscape Report 2024 preview
Prayukth K V
 
JMeter webinar - integration with InfluxDB and Grafana
JMeter webinar - integration with InfluxDB and GrafanaJMeter webinar - integration with InfluxDB and Grafana
JMeter webinar - integration with InfluxDB and Grafana
RTTS
 
Connector Corner: Automate dynamic content and events by pushing a button
Connector Corner: Automate dynamic content and events by pushing a buttonConnector Corner: Automate dynamic content and events by pushing a button
Connector Corner: Automate dynamic content and events by pushing a button
DianaGray10
 
"Impact of front-end architecture on development cost", Viktor Turskyi
"Impact of front-end architecture on development cost", Viktor Turskyi"Impact of front-end architecture on development cost", Viktor Turskyi
"Impact of front-end architecture on development cost", Viktor Turskyi
Fwdays
 
When stars align: studies in data quality, knowledge graphs, and machine lear...
When stars align: studies in data quality, knowledge graphs, and machine lear...When stars align: studies in data quality, knowledge graphs, and machine lear...
When stars align: studies in data quality, knowledge graphs, and machine lear...
Elena Simperl
 
Designing Great Products: The Power of Design and Leadership by Chief Designe...
Designing Great Products: The Power of Design and Leadership by Chief Designe...Designing Great Products: The Power of Design and Leadership by Chief Designe...
Designing Great Products: The Power of Design and Leadership by Chief Designe...
Product School
 
FIDO Alliance Osaka Seminar: Overview.pdf
FIDO Alliance Osaka Seminar: Overview.pdfFIDO Alliance Osaka Seminar: Overview.pdf
FIDO Alliance Osaka Seminar: Overview.pdf
FIDO Alliance
 
Transcript: Selling digital books in 2024: Insights from industry leaders - T...
Transcript: Selling digital books in 2024: Insights from industry leaders - T...Transcript: Selling digital books in 2024: Insights from industry leaders - T...
Transcript: Selling digital books in 2024: Insights from industry leaders - T...
BookNet Canada
 
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
James Anderson
 
UiPath Test Automation using UiPath Test Suite series, part 3
UiPath Test Automation using UiPath Test Suite series, part 3UiPath Test Automation using UiPath Test Suite series, part 3
UiPath Test Automation using UiPath Test Suite series, part 3
DianaGray10
 
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...
Ramesh Iyer
 
De-mystifying Zero to One: Design Informed Techniques for Greenfield Innovati...
De-mystifying Zero to One: Design Informed Techniques for Greenfield Innovati...De-mystifying Zero to One: Design Informed Techniques for Greenfield Innovati...
De-mystifying Zero to One: Design Informed Techniques for Greenfield Innovati...
Product School
 
IOS-PENTESTING-BEGINNERS-PRACTICAL-GUIDE-.pptx
IOS-PENTESTING-BEGINNERS-PRACTICAL-GUIDE-.pptxIOS-PENTESTING-BEGINNERS-PRACTICAL-GUIDE-.pptx
IOS-PENTESTING-BEGINNERS-PRACTICAL-GUIDE-.pptx
Abida Shariff
 
From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...
From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...
From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...
Product School
 
FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf
FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdfFIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf
FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf
FIDO Alliance
 
Essentials of Automations: Optimizing FME Workflows with Parameters
Essentials of Automations: Optimizing FME Workflows with ParametersEssentials of Automations: Optimizing FME Workflows with Parameters
Essentials of Automations: Optimizing FME Workflows with Parameters
Safe Software
 
GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...
GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...
GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...
Sri Ambati
 

Recently uploaded (20)

The Art of the Pitch: WordPress Relationships and Sales
The Art of the Pitch: WordPress Relationships and SalesThe Art of the Pitch: WordPress Relationships and Sales
The Art of the Pitch: WordPress Relationships and Sales
 
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdfFIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
 
Mission to Decommission: Importance of Decommissioning Products to Increase E...
Mission to Decommission: Importance of Decommissioning Products to Increase E...Mission to Decommission: Importance of Decommissioning Products to Increase E...
Mission to Decommission: Importance of Decommissioning Products to Increase E...
 
State of ICS and IoT Cyber Threat Landscape Report 2024 preview
State of ICS and IoT Cyber Threat Landscape Report 2024 previewState of ICS and IoT Cyber Threat Landscape Report 2024 preview
State of ICS and IoT Cyber Threat Landscape Report 2024 preview
 
JMeter webinar - integration with InfluxDB and Grafana
JMeter webinar - integration with InfluxDB and GrafanaJMeter webinar - integration with InfluxDB and Grafana
JMeter webinar - integration with InfluxDB and Grafana
 
Connector Corner: Automate dynamic content and events by pushing a button
Connector Corner: Automate dynamic content and events by pushing a buttonConnector Corner: Automate dynamic content and events by pushing a button
Connector Corner: Automate dynamic content and events by pushing a button
 
"Impact of front-end architecture on development cost", Viktor Turskyi
"Impact of front-end architecture on development cost", Viktor Turskyi"Impact of front-end architecture on development cost", Viktor Turskyi
"Impact of front-end architecture on development cost", Viktor Turskyi
 
When stars align: studies in data quality, knowledge graphs, and machine lear...
When stars align: studies in data quality, knowledge graphs, and machine lear...When stars align: studies in data quality, knowledge graphs, and machine lear...
When stars align: studies in data quality, knowledge graphs, and machine lear...
 
Designing Great Products: The Power of Design and Leadership by Chief Designe...
Designing Great Products: The Power of Design and Leadership by Chief Designe...Designing Great Products: The Power of Design and Leadership by Chief Designe...
Designing Great Products: The Power of Design and Leadership by Chief Designe...
 
FIDO Alliance Osaka Seminar: Overview.pdf
FIDO Alliance Osaka Seminar: Overview.pdfFIDO Alliance Osaka Seminar: Overview.pdf
FIDO Alliance Osaka Seminar: Overview.pdf
 
Transcript: Selling digital books in 2024: Insights from industry leaders - T...
Transcript: Selling digital books in 2024: Insights from industry leaders - T...Transcript: Selling digital books in 2024: Insights from industry leaders - T...
Transcript: Selling digital books in 2024: Insights from industry leaders - T...
 
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
 
UiPath Test Automation using UiPath Test Suite series, part 3
UiPath Test Automation using UiPath Test Suite series, part 3UiPath Test Automation using UiPath Test Suite series, part 3
UiPath Test Automation using UiPath Test Suite series, part 3
 
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...
 
De-mystifying Zero to One: Design Informed Techniques for Greenfield Innovati...
De-mystifying Zero to One: Design Informed Techniques for Greenfield Innovati...De-mystifying Zero to One: Design Informed Techniques for Greenfield Innovati...
De-mystifying Zero to One: Design Informed Techniques for Greenfield Innovati...
 
IOS-PENTESTING-BEGINNERS-PRACTICAL-GUIDE-.pptx
IOS-PENTESTING-BEGINNERS-PRACTICAL-GUIDE-.pptxIOS-PENTESTING-BEGINNERS-PRACTICAL-GUIDE-.pptx
IOS-PENTESTING-BEGINNERS-PRACTICAL-GUIDE-.pptx
 
From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...
From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...
From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...
 
FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf
FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdfFIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf
FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf
 
Essentials of Automations: Optimizing FME Workflows with Parameters
Essentials of Automations: Optimizing FME Workflows with ParametersEssentials of Automations: Optimizing FME Workflows with Parameters
Essentials of Automations: Optimizing FME Workflows with Parameters
 
GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...
GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...
GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...
 

Cloud Computing & Control Auditing

  • 1. Cloud Computing & Control Auditing ~ Navin Malhotra
  • 2. Cloud Computing Basics Internet Your company doesn’t pay for h/w and maintenance The service provider pays for equipment and maintenance •Cloud computing is a construct that allows you to access applications that actually reside at a location other than your computer or other internet connected device, most often this will be a distant datacenter. Cloud computing can be defined as a benefit-driven operations solution that delivers scalable IT resources via the web, as opposed to hosting and operating these services locally. •These resources include tools, applications and services, in addition to the infrastructure in which these services operate. By deploying these tools and services over the web, companies and organizations can access resources on demand and significantly reduce (or possibly even eliminate) software and hardware costs. Additionally, a business‟ IT capacity can quickly and easily adjust to changes on demand, making the flexible nature of cloud computing immensely appealing. •One of the most valuable benefits of the cloud is the ability for employees to access, update and share files, documents and data, and use software applications from anywhere there is internet connectivity.
  • 3. Cloud Topology Internet Client computers Distributed Servers Datacenter Client are in a cloud computing architecture, the exact same things that they are in plain old, everyday LAN. They may be your desktop, laptop, tablet PCs, mobile phones or PDAs. Servers located at remote locations but are all placed in one region.Servers are distributed across the remote locations. Advantages of “thin” client: •Lower h/w & IT cost •Data and information security •Less power consumption •Ease of repair
  • 4. Cloud Service Models Service Models SaaS PaaS IaaS Moving apps to cloud costs can be a double edged sword. Proper ROI and needs to be measured before moving apps to cloud. Inter-operability or lock-in concerns. SaaS is a model in which an application is hosted as a service to customers who access it via the Internet. The customer doesn’t have to maintain it or support it. On the other hand, it is out of customer’s hand when the hosting service will decides to change it. The provider does all the maintenance and upgrades as well as keeping the infrastructure up and running. PaaS is another application delivery platform. PaaS supplies all the resources required to build applications and services completely from the Internet, without having to download or install software. PaaS service include application design, development, testing, deployment and hosting. Other services include database integration, security, scalability and storage to name a few. A downfall of PaaS interoperability and po providers. Also, if the pro business, your applicatio be lost as it is all stored th The ability of geographically isolated development teams to work together. The ability to merge web services from multiple sources. The ability to realize cost savings from using built-in infrastructure services for security, scalability and failover, rather obtaining them and test them separately. Rather than purchase servers, s/w, acks and having to pay for the atacenter space for them, the ervice provider rents those esources. Additionally, the nfrastructure can be dynamically caled up and down, based on the pplication resource needs. IaaS offers the hardware so that your organization can put whatever they want onto it. It is sometimes also called as Hardware as a Service (HaaS). Whereas SaaS and PaaS were providing applications to customers, IaaS doesn’t. We only talk about hardware in the cloud here.
  • 5. Cloud Deployment Models Deployment Models Private PublicHybrid Community The cloud infrastructure is available only for an organization. – if you do not want your data to be shared with other tenants (parties) The cloud infrastructure is made available to the general public or a large industry group and is owned by an organization selling cloud services The cloud infrastructure is shared by several organizations and supports a specific community that has shared concern The cloud infrastructure is a composition of two or more clouds (private, community, or public)
  • 6. System Architecture H/W - CPU cycles - Processor speed O/S Web Server App Server DB Application Cloud is everywhere
  • 7. First movers in the cloud It is one of the first companies to offer cloud services to public. They offer a number of cloud services: •Elastic Compute Cloud (EC2): Offers virtual machines and extra CPU cycles. •Simple Storage Service (S3): Allows you to store items up to 5GB in size in Amazon’s virtual storage service •Simple Queue Service(SQS): Allows machines to talk to each other using this message passing API. •Simple DB: A web service for running queries on structured data in real time. This service works in close conjunction with S3 and EC2, collectively providing the ability to store, process and query datasets in the cloud. These services needs to be done on command line, so you may find it difficult to use it if you are not used to working in command line environment. Amazon’s virtual machines are versions of Linux distributions, so those who are experienced with Linux will find no difficulty in using the Amazon cloud platform. Applications can be written on your own machine and then uploaded to the cloud. You can see more about Amazon’s cloud services at http://aws.amazon.com Google offers online documents and spreadsheets and encourages developers to build features for those and other online s/w, using it’s Google App Engine. To store data you need to use Google database. Groups and individuals will likely get the most out of App Engine by writing a layer of Python that sits between the user and database. You can also have a look at the app engine at http://code.google.com/appengine/
  • 8. First movers in the cloud Microsoft cloud computing solution is called Windows Azure, an OS that allows organizations to run Windows applications and store files and data using Microsoft’s datacenters. Key components of Azure service platform include: •Windows Azure: Provides service hosting and management and low level scalable storage, computation and networking. •MS SQL Service: Provides database services and reporting. •MS .NET Service: Provides service based implementation of .NET framework. •Live Services: Used to share, store and synchronize documents, photos and files across PCs, phones, PC apps and websites. •MS SharePoint services and Dynamics CRM services: Used for business content, collaboration and solution development in the cloud. MS plans the next version of Office to offer a browser based option so that users can read and edit documents online as well as offer the ability to users to collaborate using web, mobile and client versions of Office. MS cloud offerings can be found at http://www.microsoft.com/azure/default.mspx
  • 9. Cloud Computing - Objective Increased focus on business: Facilitates superior user experience through agile and robust cloud services. Faster time-to-market: Cloud uses enterprise frameworks such as Authentication, authorization user-interface and workflow which reduces overall time-to-market Increased business agility: Empowers business users to make effective functional changes through configuration. Reduced operational costs: Pay-as-you-use model, low maintenance and support, reduces hardware, software, licensing and development Objectives
  • 10. Cloud Computing - Benefits Benefits Scalability – If you are anticipating huge upswing in computing needs, cloud computing can help you manage. Rather than having to buy, install and configure new equipment, you can buy additional CPU cycles or storage from a third party by click of a button and let them handle the installation and configuration for you. Since you will asked to pay per use, so your actual costs will be lesser than when you would have opted to buy the equipments as a whole. Simplicity – The cloud solution makes it possible to get your application started immediately and it costs a fraction of what it would cost to implement an in-site solution. Knowledgeable Vendors – The first comers to the cloud computing are very reputable companies. Amazon, Google, Microsoft, IBM, Yahoo and lately Apple. They have offered reliable services, plenty of capacity and we get some brand familiarity with these well-known names. More internal resources – By shifting your non-mission-critical data needs to a cloud, resources are freed up to work on important, business-related tasks. Network outages are a nightmare for the IT staff, this burden in offloaded onto cloud service provider. Security – There are security risks when using a cloud, but the reputable companies strive to keep you safe and secure. Vendors have strict privacy policies and are auditable by external auditors. They have in place proven cryptographic methods to authenticate users.
  • 11. When No to Cloud Computing Regulate d environm ents Geopoliti cal concerns Hardware dependen cies Server control Cost Lack of Need Integratio n Latency concern Throughp ut demands
  • 12. Cloud Security – Concerns & Assurance Security Security is one of the top most concern in the cloud environment. Though reliable and reputable cloud service providers can be trusted to provide us safe and secure service, but still concerns are growing and we need to seriously look upon them before getting our data into cloud. Though data in our servers is also not secure if those servers can be connected via internet or VPN. The provider must ensure that their infrastructure is secure and that their clients’ data and applications are protected while the customer must ensure that the provider has taken the proper security measures to protect their information. Cloud security architecture is effective only if the correct defensive implementations are in place. An efficient cloud security architecture should recognize the issues that will arise with security management. The security management addresses these issues with security controls. These controls are put in place to safeguard any weaknesses in the system and reduce the effect of an attack. 1Gartner: Seven cloud-computing security risks Cloud Computing Security Correct security controls should be implemented according to asset, threat, and vulnerability risk assessment matrices. While cloud security concerns can be grouped into any number of dimensions (Gartner names seven1) these dimensions have been aggregated into three general areas: Security and Privacy, Compliance, and Legal or Contractual Issues
  • 13. Cloud Security - Benefits Centralized data Monitorin g Reduced data loss Security testing Instant Swap over
  • 15. Cloud Computing - Gartner Predictions for 2014 and Beyond Industry predictions By 2016, poor return on equity will drive more than 60% of banks worldwide to process the majority of their transactions in the Cloud. By 2017, 40% of utilities with smart metering solutions will use cloud-based big data analytics to address asset-, commodity-, customer- or revenue-related needs. Gartner recently shared the Top 10 strategic technology trends for 2014: Mobile device diversity and management - BYOD Mobile apps and applications Hybrid Cloud and IT as service broker Cloud/Client architecture The era of personal Cloud Web-scale IT As mobile users continue to demand more complex uses of their mobile technologies, it will drive a need for higher levels of server-side computing and storage capacity. The push for more personal cloud technologies will lead to a shift toward services and away from devices. The type of device one has will be less important, as the personal cloud takes over some of the role that the device has traditionally had with multiple devices accessing the personal cloud Large cloud services providers such as Amazon, Google, Salesforce.com, and the like are re-inventing the way in which IT services can be delivered. The suggestion is that IT organizations should align with and emulate the processes, architectures, and practices of these leading Cloud providers. The combination of the aforementioned three among others is how Gartner defines “Web-scale IT.” Gartner suggests that bringing together personal Clouds and external private Cloud services is essential. Enterprises should design private Cloud services with a hybrid future in mind and make sure future integration/interoperability is possible.
  • 17. Cloud Controls Controls to be put in place for Cloud environments Architecture & Design Security Environmental Controls SLA Service Availability Logical Security – Access Control Governance Regulatory Controls BC & DR Background Checks Physical Security Risk Management
  • 18. Quality / Compliance in Cloud Before defining approach for cloud audits / assessments we need to have below requirements in place: • Expertise in terms of resources who have understanding of the cloud services/ environments. • We should have complete understanding of the business and IT risks. Those risks should include risk associated with data privacy, information security, statutory and regulatory requirements. •Define the controls(detective, corrective & preventative) to effectively mitigate those risks. •Control testing to be performed on frequent basis depending upon the risk associated with controls. •Control testing should be defined in way to measure the control effectiveness. •Governance model to be defined which should be owned by the organization’s steering committee. Control Objectives Control Definitions Control Testing Documentation of test results Business & IT Risks On defined frequency Governance / Steering Committee/ Business & IT Leadership
  • 19. Case Study- Salesforce.com Salesforce.com is global cloud computing company started in 1999 and best known for the Customer Relationship management product. Salesforce.com disrupted the CRM industry in two different ways. First, it changed the earnings logic by applying the “rental” model (monthly payment billed based on the number of users) to an industry hitherto characterized by lump sum licensing fees (charged for a company as a whole). The company understood that not all small businesses could afford software costing many thousands of dollars. By offering an affordable solution (a monthly fee per user) to small and medium firms, Salesforce.com cashed on a significant blue ocean market at the time deemed unattractive by large players as it could not be served with their current business models. Second, Saleforce.com understood that prospective clients wanted to experiment with the product before committing to it. As a result, while other service providers were promising their clients a customized solution in exchange for commitment, the goal of Salesforce.com was to get prospective customers (specifically end-users) to try its product for free. In 2007, Salesforce.com extended its services by launching Force.com – a customization platform for corporations. The company knew it could not provide a complete back-end customized solution. Thus, Salesforce.com opened its infrastructure to external developers by allowing them to supplement its own inputs. By making Force.com compatible with all major development environments and tools (i.e. .NET, Java, PHP, Ruby on Rails, among others), independent developers (i.e. those outside Salesforce.com) were able to integrate services ranging from simple email to Facebook and Twitter within the platform. Competitors became partners, allowing Salesforce.com to better serve existing clients and acquire new ones. In 2011, more than 340,000 developers were contributing to the Salesforce.com platform.
  • 20. Case Study- GSK: GlaxoSmithKline GSK, the second largest pharmaceutical company in the world chose to migrate to the Cloud offering of Microsoft Business Productivity Online Suite. Everything was hosted by Microsoft on its data centers across the globe. GSK was looking for a productivity and collaboration increase from the switch. The global implementation of Microsoft online services gave GSK numerous Benefits a. Reduce Operational Cost The migration to cloud resulted in 30% savings in their IT operational costs. b. Drive Innovation The subscription service can be tailored to fit growing and changing needs. So that when GlaxoSmithKline adapts to changing market, its software adapts too. c. Expand External Collaboration GlaxoSmithKline is aggressively driving a more externally collaborative business through all practices: research and development, manufacturing, and sales. This supports collaboration between partners and GlaxoSmithKline, allowing for a more innovative and competitive business. d. Simplification of user experience Moving away from the customized solutions environment, GlaxoSmithKline was looking for a simple solution that would effectively extend to the many branches, regions, and employee types internally.
  • 21. •www.northbridge.com •www.wikipedia.org •Cloud Computing – A Practical Approach by Anthony T. Velte, Toby J. Velte and Robert Elsenpeter •www.gartner.com References