At its core, cloud computing is about sharing the resources of a computer (or group of computers) among many users. This concept is nothing new. In the 1970s, time-sharing was a way of sharing the physical resources of a mainframe with several hard-wired terminals. By the 1990s, as organizations replaced mainframes and terminals with local area networks, grid-computing technologies opened the door for combining the hardware of multiple computers on the same LAN.
However, given the relatively slow Internet speeds of the day, broadening these concepts to the Internet was difficult until speeds began to increase significantly around the turn of the century. At the same time, we also saw strides in virtualization — using software to imitate physical resources.
Some of the last pieces to come together in the cloud computing environment comprised orchestration — using software to manage other software and hardware, thus automating things like restarting or stopping virtual machines, provisioning environments, and managing permissions.
In 2002, the first iteration of Amazon Web Services debuted, offering customers access to shared and scalable computing power over the Internet. In 2006, Amazon repackaged some of these resources into its “Elastic Cloud” product, and from there, the name “cloud” stuck as a term for the use of these virtual resources (now offered by hundreds of providers) over the Internet.
The lure of these shared resources is measured in dollars. In a traditional environment, backend resources like servers are designed to handle the moments of peak capacity, meaning that for 99 percent of the time, most of their resources lie idle. It’s like buying a box truck rather than a sedan because once or twice in your lifetime, you need the capacity of a box truck to move. However, in computing, not only do we buy the box truck, but we also buy a backup for the box truck. We need a place to garage these items (a server room) and also maintain the environment in that location with air-conditioning, de-humidifiers, and backup power. Not only does that amount to more hardware and space, but it also amounts to more utility and personnel costs to manage all this infrastructure.
What the cloud does is create the situation where an organization can rent the box truck only when it needs it.
For established organizations, cloud computing holds the potential to lower technology-related costs. For growing companies and start-ups, cloud environments also offer flexibility; cloud resources can expand and contract as needed, making sure these growing companies only pay for the resources they need, freeing up capital for the other areas of their business.
While the cloud does not inherently heighten or lessen security concerns, its nature highlights areas where organizations may have been lacking. For example, basic data classification and security sometimes is overlooked in an organization. If a department has access to a file server, then there is an implied security in that anyone able to connect to that server is authorized to read or write data on it. This works, somewhat, because the file server may not be accessible to any other segment of a corporate network. However, when that data moves to the cloud, there is no longer that implied security because the physical limitations have been removed.
Often the term “cloud” is used broadly. For example, a service provider or organization that uses virtual machines or scalable storage might say its services are cloud-based. However, the cloud computing industry, led by the Cloud Security Alliance, has very tightly defined what constitutes a cloud service. It must have ALL of the following five characteristics:
- On-demand service — Cloud resources can be provisioned whenever and wherever they are required.
- Broad network access — Resources can be accessed whenever you need them from wherever you may be (provided that you have an Internet connection).
- Resource pooling — Resources across several physical or virtual environments can be pooled to meet demand.
- Rapid elasticity — Additional resources, such as computing power or storage, can be added as seamlessly and instantly.
- Measured service — An organization only pays for the resources it uses.
An additional aspect of many cloud environments is multi-tenancy, the fact that several unrelated consumers, each with their own cloud environments, may be sharing the same physical resources.
It is best to remember that the word “cloud” is more a marketing term than a technical one. No two cloud providers or their services are identical, despite what may be similar-sounding names. This ambiguity can give rise to security challenges as two nearly identical services from two different providers may carry very different security requirements.
Recommended for you Cloud Environment – an overview