Cloud service providers are in the news every day. Whether it be that Disney or the NFL is “moving to the cloud”, or that a vendor is forcing Cloud adoption with their offerings, Cloud is newsworthy. And be it Microsoft’s Office365, Amazon Web Services (AWS), or Google Cloud Platform, (three of the main players), Cloud Computing is here to stay.
But how did we get here? In the beginning, there was the data center. Next came time-sharing. Then distributed computing supported by the desktop.
This article will begin by exploring some of the many cloud computing advantages and disadvantages (for there are some!). Next, we’ll define the three primary “as a service” technologies. Finally, we’ll apply Cloud Computing architecture and describe how real, live businesses use “the cloud”.
Advantages of Cloud Compute models
- On-demand. In Cloud Compute models, the services are “on demand”. This means that instead of having to rent a physical location, apply for permits, purchase physical servers, standing up those servers in a physical data center, and hiring engineers and staff to run the data center, the Customer can focus on speed to market and stand up the cloud on demand. This reduces the large capital outlays and even reduces the risks with associated with long-term leases.
- Rapid elasticity. Rapidly expanding and rapidly retiring services is straightforward in Cloud Compute models. This reduces the concerns for oversizing or undersizing equipment purchases.
- Business Continuity Planning and disaster recovery. Cloud compute offers location abstraction, where the Customer does not have need to control the geographic deployment area. In fact, if properly deployed, Cloud Computing models supply most of the computing infrastructure required to solve business continuity (BCP) and disaster recovery — all built into the deployment. That is, disaster recovery and business continuity are “built-in” by deploying multiple geographically distributed compute solutions — all without standing up independent physical locations. Although this does not solve the entire Business Continuity plan (click here for a more comprehensive discussion of BCP), it goes a long way in the right direction.
- Security. The Host company provides the physical security to the servers and data center. Depending on the solution, the Customer is responsible for various levels of data security.
- Improved mobility. All forms of cloud computing offer improved mobility for the workforce by centralizing the compute stack into a remote addressable solution. There is no longer a need to create and protect a DMZ – if your employees have an internet connection, they’ll have access to the CSP.
Disadvantages of “Cloud Service” models
The cloud compute model is highly effective, and there are many reasonable advantages of moving to a Cloud Service Provider (CSP). That said, there are disadvantages to any solution, and CSP is no different. As with any solution, it is important to consider the CSP risks before fully embracing the architecture. Here we’ll explore some of the disadvantages.
- CSP Outages. Unfortunately, like all cloud stacks, cloud providers also suffer outages. If an outage does occur, the Customer may feel helpless in relying on the CSP in bringing the system back online. That said, overcoming Outage risks is easily structured by building multiple cloud stacks with multiple CSP’s providing distributed geographic deployment.
- Network outages. Network outages do and will occur. In a purely on site solution, Internet Service Provider (ISP) failures do not impact the business. However, in a cloud solution, the ISP is a primary point of failure. Managing these risks is straightforward by employing multiple ISPs.
- Security. While CSP’s offer tremendous Security value, there is a risk that policies are not followed. Depending on the type of business you are running, contractual language can transfer some of those risks. For example, in a healthcare environment Business Associates Agreements transfer some risks associated with breaches.
- Vendor lock in. Vendor concerns exist with shrink wrapped software, and even more concerns exist for cloud services. As you engage with a vendor, remain cognizant of vendor lock in risks. For example, the customer should have mitigation plans in place if a vendor goes out of business, or if a contract ends unfavorably, or if the contract becomes unaffordable. Test Vendor lock in plans regularly to confirm that all data is recoverable and the business is able to continue unabated.
Types of “As a Service” solutions
As you start searching, you’ll noticed there are many marketing descriptions for Cloud Services. While the marketing can become quite confusing, remember that all cloud services are really one of three primary “As-A-Service” models. Here are the three models.
- Infrastructure as a Service (IaaS). Infrastructure as a Service is the most basic “as a service” model. IaaS is a solution where the customer is responsible for provisioning storage, networking, processing, and other basic computing components. The consumer does not control the underlying cloud infrastructure, but does control the operating system and applications. The Hosting company controls the data center including physical access to the infrastructure, heating and cooling, insurance, and other infrastructure costs.
- Platform as a Service (PaaS). Platform as a Service is a solution where the Customer is controlling the platform from the point of view of the Operating System. In PaaS solutions, the Hosting company provides Platform Deployment Templates. For example, a PaaS hosting company supplies templates for Windows 10 or Linux with a specific number of CPUs, specific amount of RAM, and specific hard drive capacity. The Customer has full control over, and full responsibility, for configuring the Operating System and any associated applications.
- Software as a Service (SaaS). Software as a Service is the most controlled “As a Service” solution. In this environment, the Customer purchases access to a hosted software package. The hosting company controls the platform and infrastructure. Typically, Web browsers provide access to SaaS solutions. Application configurations are tightly controlled, and not associated with the Platform (the operating system) nor the Infrastructure (such as the number of CPUs). Capacity planning in SaaS is normally focused on Transactions per Second, or other volumetric measures, and are not related to “the number of CPUs” or “the amount of RAM”.
Real life examples
We’ve covered Advantages and Disadvantages of Cloud Service Providers versus owning your own data centers and platforms. This section explores business cases where cloud service providers excel.
- Say you own a retail store. The company regularly serves 100 customers per day, but on Black Friday you have absolutely no idea what kind of traffic to expect. Through a CSP model, you can rapidly expand the services to handle a potential customer surge, then tear down the services after the rush. No hardware purchase and deployment is necessary, just lease the potential CPU cycles to accommodate the potential surge.
- Employing cloud services reduces the costs, risks, and unknowns of building out a full data center. In this way, the business owners can focus on the business instead of managing a data center and the staff to maintain it.
- In a SaaS environment, a business does not have to be concerned with regular software updates. Instead, the CSP host will maintain the SaaS environment, and the business can focus on the business needs. Security risks are also reduced since the most recent software package is regularly deployed.
- If a business experiences a recession or other cut backs, the cloud expenses can quickly be reduced. Due to rapid elasticity, the business is not at risk of purchasing and maintaining large unused data centers.
Where to go from here
As with any solution, it is a good idea to outline the specific benefits and concerns that you will have as you explore cloud computing. As a recommendation, I’d say jump to Cloud early and often. Cloud is an excellent risk reducer. That said, business and technology risk plans should still be fully vetted and regularly tested.
Reach out to me with any specific questions. As always, let’s be careful out there!
Key acronyms and technologies
- AWS – Amazon Web Services
- CSP – Cloud Service Provider
- ISP – Internet Service Provider
- SaaS – Software as a Service
- PaaS – Platform as a Service
- IaaS – Infrastructure as a Service
- “The NIST Definition of Cloud Computing“, http://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800-145.pdf
- “Advantages and Disadvantages of Cloud Computing”, http://www.levelcloud.net/why-levelcloud/cloud-education-center/advantages-and-disadvantages-of-cloud-computing/
- “Google Cloud Platform”, https://cloud.google.com/products/
- “Benefits of cloud computing”, https://www.ibm.com/cloud-computing/learn-more/benefits-of-cloud-computing/
- “11 Advantages of Cloud Computing and How Your Business Can Benefit From Them”, https://www.skyhighnetworks.com/cloud-security-blog/11-advantages-of-cloud-computing-and-how-your-business-can-benefit-from-them/
- “Cloud Computing and Is it Really All That Beneficial?”, https://www.lifewire.com/cloud-computing-explained-2373125
- “Why Move To The Cloud? 10 Benefits Of Cloud Computing”, https://www.salesforce.com/uk/blog/2015/11/why-move-to-the-cloud-10-benefits-of-cloud-computing.html