stu nicholls dot com | menu - Professional dropdown #3

Public Cloud

Public clouds are the latest evolution of computing, offering tremendous value to businesses in terms of better economics, agility, rapid elasticity, etc. The public cloud infrastructure is operated by a cloud service provider and the services are offered over the internet. This very nature of public clouds offers various advantages such as better ROI and faster time to market, while also raising concerns about lack of visibility, security, reliability, etc. Public clouds are well suited to meet the collaborative needs of today’s global workforce distributed across different geographies and time zones.

What is a Public Cloud?
Simply put, a public cloud is the availability of IT resources, like compute, storage, development platforms, applications, etc., as service over the internet and which can be provisioned on demand using a self-service portal. Public clouds offer rapid elasticity and seemingly infinite scalability with an ability to consume resources on a pay-per-use basis. Typically public clouds are operated and managed at datacenters belonging to service providers and shared by multiple customers (multi-tenancy). Such a shared model helps reduce vendor costs, which manifests itself in better cloud economics. However, there is also less visibility and control in a public cloud than a private cloud because the underlying infrastructure is owned by the service provider. The degree of visibility and control depends on the specific public cloud delivery model.

The very fact that public cloud services are offered by third-party providers with an ability to scale big offers some unique advantages that are otherwise not available in private clouds. The use of public cloud services shifts the responsibility of managing complex IT, which is not the core business of many companies, to a third-party provider, thereby, offering some benefits that cannot be realized either in traditional infrastructure or private clouds. Some of the benefits offered by public clouds to business organizations are:

Cost Savings
Eliminates capex and offers reduced opex because the maintenance and labor costs associated with managing the infrastructure is offloaded to a third-party provider. Ensures cost efficiency because of the pay-per-use models. Typically, service providers charge by the hour and this comes in handy when a company’s resource needs are for a temporary project or to meet a sudden spike in usage, avoiding the need to build out internal infrastructure to cover these projects. Offers self-service provisioning, leading to lower costs and better agility because human intervention in resource provisioning is minimized.

Business Agility
Provides massive scalability and an ability to elastically re-size compute resources based on the organization’s IT needs. Gives programmatic access to compute resources through API, helping applications
scale automatically without any human intervention. Supplies robust infrastructure with better support staff, offering cost and talent advantages in an increasingly shrinking pool of expertise.

Security Considerations
Even though the public cloud offers tremendous benefits, businesses cannot embrace public cloud services without taking some security considerations into account. The use of public clouds requires trust on the side of businesses using these services and transparency on the side of cloud providers. In this section, we will highlight some of the security considerations that are important for any business planning to move to public clouds.

Multi-tenancy risks: The shared multi-tenant nature of public clouds adds security risks such as unauthorized access of data by other tenants using the same hardware. Also, a multi-tenant environment exposes resource contention issues whenever one of the tenants using the hardware consumes a disproportionate amount of resources either due to need or due to hack attacks.

Control and visibility: Businesses have limited control and visibility because the vendor is responsible for completely managing the infrastructure. This adds some additional security concerns associated with lack of transparency. Business organizations need a mental shift as they cede the control of IT to a third party while using public cloud services.

Security responsibility: Security is a shared responsibility between the vendor and the user, with the degree of responsibility of each varying by type of cloud model.

Data and encryption: Data privacy is at risk if data in the cloud is unencrypted. There is the potential for unauthorized access either by a rogue employee on the cloud service provider side or an intruder gaining access to the infrastructure.

Data retention: When the data is moved or deleted by a service provider or customer, there may be remaining data remnants, potentially exposing sensitive data to unauthorized sources.

Compliance requirements: Different countries have different regulatory requirements on data privacy. Since some public cloud providers offer no information on the location of the data, it is important to consider the regulatory requirements on where data can reside.

Public clouds offer tremendous value for businesses of all sizes across many different verticals. Even with stringent compliance requirement, businesses can take advantage of public cloud services to enjoy benefits such as better cost structure, business agility, etc. Public cloud services require a different set of security considerations to mitigate any potential risks, but by following security best practices such as self-defending virtual machines and encryption in cloud environments, data can be safely deployed into the public cloud. Hybrid and private clouds are considered in two other whitepapers where security considerations and solutions on these environments are discussed.

Our aim is to provide information to the knowledge seekers. 

comments powered by Disqus
click here
click here