Demystifying the Cloud
Surprisingly, I have never been asked the question “What is the cloud exactly?” The word cloud is one of those words that people know how to use properly in a sentence from having heard it so often, but its technical meaning is a mystery to many.
According to technologyreview.com, the term cloud was coined by Eric Schmidt, Google’s CEO, during an industry conference in 2006. Having worked in telecom, I can tell you that telecom companies were using the cloud icon to hide the complex technologies required to move data between two points many years before that speech took place.
Allegedly, a top salesman at a telecom firm who was tired of seeing top level executives confused by the complex diagrams rendered by the firm’s engineers for the purpose of presentations, erased it all and drew a cloud in its place.
In his presentation, he stressed that everything inside the cloud was the responsibility of the telecom and that the client need not worry about the inner workings of it; they only needed to trust in the delivery of the data from point A to point B. It was a big success and subsequent presentations took the same approach.
To this day, the cloud term resonates with me as a way of telling business managers that the intricacies of the underlying technology are cared for and maintained by the provider, and the client need not worry about it.
The term cloud has been used by many application providers to pitch their products in the cloud, leading business executives to believe that the cloud is a single, homogeneous technology where rainbows and unicorns abound. This cannot be further from the truth.
The cloud is not a single place but rather a multitude of technological islands interconnected by the Internet. These islands are data centers that house the servers, switches, routers and other equipment that provide storage, access and processing services.
Some of the largest cloud providers own their own data centers or at least some of their data centers, while other cloud providers co-locate their clouds in a variety of 3rd party data centers. Trust in the cloud provider should be paramount, as lesser cloud providers have caused data losses and outages that have caught customers off-guard and interrupted businesses.
When signing up for a cloud service, you need to know on what type of island your business processes will end up. Anybody with good sense would rather stay in a five-star hotel in Bermuda than in a mosquito infested island in Biscayne Bay. The same holds true for your data and business processes.
All clouds have, at their most basic level, servers, routers and switches. They can vary in reliability, redundancy and security and the data centers where they are housed can also vary greatly. Data centers are rated in tiers 1-4 so it’s important to know where your cloud service provider is hosted, as this may mean the difference between being operational or not during a catastrophic event. Ask specifically what redundancies are in place for the services you are acquiring.
What’s Old is What’s New
IBM kicked off the computer revolution with their model 5150, better known as the IBM PC, back in 1981. It allowed individuals and small businesses to harness the power of computing by providing a powerful, low-cost computing platform that many small businesses could afford. Novell Netware and later Microsoft Windows NT Server allowed these devices to interconnect and share data in local, inexpensive networks in a topology known as distributed computing.
Prior to that, business computing was comprised mostly of mainframes and minis where data storage and processing was centralized in powerful servers and accessed using dumb terminals. Unlike the PC, the terminals were useless when disconnected from their host mainframe. This type of topology is known as centralized computing.
The cloud is a form of centralized computing, albeit different from the old mainframes. Server farms have replaced mainframes, and Web browsers have replaced terminals.
Data is centralized and processed by the cloud operator and the customer only need worry about having an Internet connected device to access the data. Some computing devices, are similar to terminals in the sense that their power lies in their connection to the cloud provider; without it, they have limitations.
Types of Cloud Services
There are three main types of clouds: Public, Private and Hybrid.
Public clouds deliver computing resources like applications and storage to the general public. They can be provided free of charge or as a paid subscription service. Gmail is an example of a free public cloud where anybody can sign-up to acquire services which are usually accessed and managed using a web browser.
A private cloud refers to cloud computing resources used exclusively by a single business or organization. A private cloud can be physically located in a company’s premise or in a datacenter. Some companies pay third-party service providers to host their private cloud (see IaaS). A private cloud is one in which the services and infrastructure are maintained on a private network. Some of the services which Falcon IT Services extends to our clients such as Open Project, Open Xchange, and Nextcloud, are hosted on our private cloud and limited to our customers’ use.
Hybrid clouds combine public and private clouds, bound together by technology that allows data and applications to be shared between them. By allowing sharing between private and public clouds, hybrid clouds give your business greater flexibility, more deployment options, and helps optimize existing infrastructure, security, and compliance.
Now that we have defined the three types of cloud, let’s look at the types of cloud services. There are also three: IaaS, PaaS and SaaS, each has different levels of responsibility.
Infrastructure as a service (IaaS)
The most basic category of cloud computing services is IaaS. With IaaS, you rent IT infrastructure such as servers, virtualization, storage and networking on a pay-as-you-go basis. You can purchase the infrastructure as a bundle or a-la-carte. You can lease the hardware to have your own private server without having to worry about maintenance. Cisco Metacloud, RackSpace and Digital Ocean are examples of IaaS.
Platform as a service (PaaS)
Platform as a service refers to cloud computing services that supply an on-demand environment for developing, testing, delivering, and managing software applications. PaaS is designed to make it easier for developers to quickly create web or mobile apps, without worrying about setting up or managing the underlying infrastructure of servers, operating systems, storage, network, and databases needed for development. If you have a custom-built application and want to move it to the cloud, this is a good option. AWS and IBM Cloud Foundry are examples of PaaS.
Software as a service (SaaS)
Software as a service is a method of delivering software applications over the Internet, on demand and typically on a subscription basis. With SaaS, cloud providers host and manage the software application and underlying infrastructure, and handle any maintenance, like software upgrades and security patching. Users connect to the application over the Internet, usually with a web browser on their phone, tablet, or PC. Salesforce and Dropbox are examples of SaaS.
Armed with the right knowledge, the next time a vendor tries to sell you their application or service while stating that it’s in the cloud you can dig a little deeper to find out exactly what type of cloud service they offer. You will no doubt have some very good questions.
Cloud FAQs (Frequently Asked Questions)
What is the Cloud?
Cloud computing is the concept of accessing and processing data on remote servers using the Internet. It’s the outsourcing of one or more computing resources such as hardware, operating systems, applications and services.
Is the Cloud Right for My Business?
Cloud computing has benefits such as rapid scaling and the availability of the services during power outages, inclement weather and natural disasters which may otherwise affect on-premise infrastructure. Cloud computing may be less costly to organizations that wish to be on the cutting edge because it does not require capital expenditures, and you always have the latest iterations of software products (SaaS), but it may cost more in the long run. Business that squeezes the most out of their IT (I still use QuickBooks 2010) can save substantially by using on-premise systems versus the cloud. On-premise IT increases CAPEX during upgrade years while cloud costs are spread as OPEX and money is spent over time.
Do I have to Back Up if I’m in the Cloud?
YES! While some cloud operators keep snapshots of data so you can revert and restore lost files within a finite amount of time, it’s not the same as backing up.
If you have regulatory retention requirements, backing up your cloud data is imperative in order to avoid losses from accidental deletions and changes to files, emails and data. Backup services may be offered by the cloud operator or by a third party.
Last year, a fire that completely destroyed a data center at one of Europe’s largest cloud providers left many clients without backups and no alternative other than to start from scratch.
What’s the Difference Between a Private and a Public Cloud?
A public cloud service is available to anyone with a browser and a credit card while private clouds use cloud infrastructure but within the confines of an organization’s boundaries where only select members can utilize the service. Private clouds utilize cloud infrastructure such as server clustering, containerization and virtualization while maintaining the infrastructure for private use.
What Types of Applications Can Run in the Cloud?
Just about any application can be moved to the cloud. Even servers can be virtualized and moved to the cloud. A small Linux server on Amazon AWS can cost as little as $ 0.10 per hour to operate while a large Windows server costs around $ 1.00 per hour. Just because something can go cloud doesn’t mean it’s a good idea. On-premise file servers for example, are still the best methods of accessing files (especially large files) versus cloud where access is slower. In IT parlance, this is referred to as edge computing.
Can I migrate from one Cloud to Another?
Yes, but it may not be so easy depending on the provider. The Open Cloud Manifesto and Open Cloud Consortium have been working to create interoperability and migration capabilities between cloud providers. As the cloud computing segment matures even further, migrations should become more simplified.
Is the Cloud Secure?
The cloud can be no more or no less secure than on-premise systems. With both, you need an experienced IT manager who understands security to professionally set up and manage the systems. Since the cloud is more easily accessible, security blunders can lead to massive data theft. Over the years, millions of personal records have been exposed on-line by insecure cloud storage.
Sensitive data stored outside the confines of the premise has inherent risks because outsourcing to the cloud means that outsiders become insiders. This is why many organizations have policies to define what can and cannot be stored in the cloud.
According to Thompson Reuters “In a cloud environment, under U.S. law (except HIPAA which places direct liability on a data holder), and standard contact terms, it is the data owner that faces liability for losses resulting from a data breach, even if the security failures are the fault of the data holder (cloud provider). ”
Does the Cloud Lower my IT Costs?
This is a question open to debate. I don’t believe that the main goal of cloud computing should be to lower costs but rather to offload the burden of maintain local systems and the mitigation of events such as power outages and natural disasters which cause business interruptions to businesses with on-premise IT.
Are There Laws That Will Affect my Moving to the Cloud?
According to Lexology.com, there are no known laws that “directly prohibit, restrict or otherwise govern the cloud however there are numerous federal and state laws that indirectly impact cloud computing services.” Laws that may impact your cloud decisions include HIPAA, GLBA, FERPA, GDPR and others.
Law enforcement and government agencies frequently ask cloud providers to turn over data for myriad reasons. In certain cases, the provision of such data may circumvent court ordered subpoenas that protect on-premise data. The topic is germane for anyone that requires the storage of sensitive data, including investigative journalists, newspapers and other media outlets who may be affected by moving to the cloud.
Do I Still Need IT Staff if my Business is in the Cloud?
While micro-businesses might save by assigning cloud management duties to the most computer savvy employee on-staff, larger and more risk-averse organizations should retain professional IT staff to properly manage and secure their cloud services.
How Reliable is the Cloud?
For reliable cloud computing, you need to take into consideration your own ISP’s reliability as well as the reliability of the cloud service provider. Your ISPs failure means you will not be able to access the cloud service from work or home. You can check out the reliability of both ISPs and cloud service providers by visiting www.downdetector.com.
Test Your Cloud Knowledge
Choose between Software as a Service (SaaS), Platform as a Service (PaaS) or Infrastructure as a Service (IaaS).
- Office 365 and Salesforce are examples of this type of cloud service.
- The service provider owns and manages the basic building blocks of IT such as routers, switches and servers within the operating environment of a data center, which they lease to you.
- Great for developers and businesses with in-house software, this service allows you to deploy your app in the cloud without provisioning hardware or operating systems or worrying about how they work.
- The service provider allows you to use their application software which is hosted on their hardware and in their data center. Only the data is yours.
- Rackspace and AWS are examples of this type of service.
- Great for building your company’s private cloud.
- Best suited for micro-businesses with little or no IT talent.