Abstract
After years of dormancy cloud computing is finally finding a place in the world of information management. While this can be attributed to a number of factors, the most important of them is the existence of the internet as well as the emergence of many service providers. A cloud is a pool of computing resources which are connected to the computer hardware through a cloud such as internet.
The advantage of a cloud is that it has reduced the cost of information management. However it faces a number of risks and security hazards. These risks are concerned with such issues as availability as well as information load management. Efforts to solve this mystery have seen a number of measures developed but there is no absolute respite in the present.
Thus is due to the act that providers are much more concerned with maintaining their own identify rather than collaborating in creating universal platforms. Despite the risk cloud computing are more preferred because of their enhanced infinities as compared to physical hosting. As such the company should consider cloud computing over the physical data centre due to its many benefits.
Introduction
Throughout the evolution of human beings, communication has been fundamental for human survival. Humans have needed to manage and transmit information from one location to another. However the globalizations of information has heralded a new age, the information age. The need to not only transmit data over long distance became the hallmark of ingenuous developments in the information technology industry.
As such human have developed communication modes such as the internet to facilitate these new innovations, better the traditional platforms, have been developed. Cloud computing has been heralded as one of the most ingenuous innovation in the recent times. The principle of cloud computing, like all other useful innovations, has gone through series evolutionary stages.
The hype behind it emerged before the evolutionary the internet. However it is up to until 1960s that the idea was properly theorized. During this time a number of developers and scholars took interests in the idea though nothing much of technical value was developed. in the late 1990s, there were attempt to legalized the principle with the United kingdom begin the first to develop the legal frame work for its usage.
The period 1999 to 2006 heralded the second phase of its development. During this period the most significant development was the development of the internet as an application sharing and hosting platform. Furthermore a number of organizations such as Amazon and Google started showing a lot interest and even developed applications under which the cloud computing would operate on.
The period between 2007and now has seen tremendous development in the field of cloud hoisting. Not only have a number of applications developed to run the subsystem but also the emerging of more service provider other than Google and Amazon. With major improvements done over this period of time cloud computing was finally finding a place in the modern world especially in IT (Banerjee 2011).
The initial developers of the cloud computing borrowed a lot from the public utilities provision such as electricity supply. They wanted to have as system in which users could access services without having to foot huge investment capital. Cloud computing incorporates a number of facilities such as hardware computers, iPhones, laptops; the internet, and software applications.
The hardware components of the system are connected to the cloud, preferably the internet. The cloud is a pool of resource, such a data files and other application, with infinite hosting possibilities. Users then only have to access the pool and utilize the data and applications without necessarily having to buy them (Armbrust et al 2010).
Cloud computing differs from physical hosting in that while physical hosting needs physical facilities to connect computers, cloud computing use mostly wireless connection protocol. Physical hosting also requires a physical data room something that cloud computing does not necessarily require. This room is a physical location where all equipments are physically connected.
The physical data room id located in a physical location easily accessible by all user equipment (Kelbley and Sterling 2010). Cloud computing however only needs a platform enabled environment, something of akin to a virtual data centre. Compared to the conventional computing services, cloud computing is proving more business economic.
This is because of its on demand use policy which only guarantees users the ability to use application and data without having to undergo the initial infrastructural investment capital. Furthermore it also provides lower switching cost for organizations willing to upgrade its information management and sharing systems.
This means that the amount of money that would have been spent as capital outlays is instead converted to operational expenditure. Thus cloud computing has more business sense than the tedious physical hosting. Furthermore, the company should consider cloud computing over physical because the user does not necessarily need to have a physical connection to access the service.
This is because the services on clud computing are located in a remote place easily accessible via wireless connection. Due to the fact that cloud computing is taking shape very fast and replacing the physical host, it means that cloud computing is the face of future information management technology. Cloud computing is also more advantageous over physical computing because of the number of possible facilities it offers to users.
While a physical host maybe limited due to the limitation of physical space, a cloud has infinite possibilities of services it can offer its users. It is not space limited (Sridhar 2008; Armbrust et al 2010). Thus the company is advised to consider cloud computing over the traditional physical hosting.
Cloud Computing
Many patterns in the world of cloud computing have been developed and a variety of definitions have been generated to describe these patterns. However, a more conclusive definition that tries to capture the whole idea has been developed.
It stipulates that cloud co putting is a the system that consists of applications that are offered as services to users, the hardware components such as computers, tablets and laptops as well as the system softwares that acts as data center. In short, cloud computing can be summarized as a remote data and computing centre (Armbrust et al 2010). There are a number of cloud computing types that do exist today.
The common service provide web based services for clients such as storage and aloe the possibility of sharing applications for data with other users. SaaS, which also referred to as the software as a service offers applications especially for cooperates. SaaS helps organization to utilize information as well as business management application on the cloud.
Unlike SaaS, IaaS, also referred to as infrastructure as a service allows user to the possibility of using a whole range of computer infrastructural network on the net. Lastly, PaaS, Platform as a service is the platform that allow users as well as vendors to launch user specific cloud computing services (Bandyopadhyay, Adi and Kim2010). Disk space on demand is the most primeval application that has been developed for cloud usage.
This is a also referred to as the Storage as a service and uses a physical data storage disk that is accessible remotely by any user device. This is only used as a data storage mechanism. Similar to disk on demand is the database as a service which however does not need physical data storage. This type of cloud is a data sharing as well as storage cloud.
Databases under this cloud are localized from a remote location, and compensated for the humongous physical data centers. Other than data storage there are also information as a service available for users and allows for information sharing from remote storage location via efficient interfaces. Due to the need to harmonize a number of computing services jointly it has thus become necessary to have a cloud that enables this.
This type of a cloud is called process as a service cloud. The cloud computing framework has a variety of functions such as interfacing, coding encoding, and managed flow of functions among others. The operability of all this functions in one domain need a special type of cloud, this is called integration as a service. It helped to integrate all the cloud services with a certain domains (InfoWorld media group 2009).
Due to the increasing popularity and development of cloud computing services, a number of service providers have emerged in the recent past. However this paper will focus on the three leading as of the year 2009. Singh (2009) explains that Amazon EC2 is the leading service provider and also provides a series of other useful products.
It offers infrastructural based services and Its leading product is the Amazon EC2, but still offers Amazon SimpleDB and Amazon CloudFront. Its storage component Amazon SQS. is said to have stored up to 82 billion items. Google Inc offers both platform and as well as software as services to its users. The company has hosted its services on its Google network thus making its easily accessible.
Most of its service involves hosting and sharing of applications as well as storage of information. VMware runs secure applications management platform on private and hybrid (private sharing with public) domains. It is a thriving completion got Amazon. Other popular providers include NetSuite, IBM, Microsoft and Rackspace.
Security Risks of cloud hosting
Cloud computing involves a number of risks. Access to data especially by privileged users is a matter of valid concern for cloud users. This becomes a security concern when the data is developed outside the hosting domain. This is due to operability concerns. Data developed from external domain may contain codes that the hosting domains may not be able to encode them.
When such instances occur, such data may be lost. Outside domain means fields that have not been developed by the hosting domain. They may involve as well domains that are developed by a different cloud provider. Furthermore dealing with third parties has also been an issue of pubic concern. Third parties engagement may differ from engagements with the service provider and may also have variety of requirements.
Users of clouds are responsible for the applications security while providers a responsible for security of the physical hazards. Furthermore users are responsible for the security of their data including the time within which the data is under the custody of the host. As such, providers of cloud services must allow for scrutinizing of their security futures to ensure that users are guaranteed of best assured security for their data.
Even though data storage is virtual, users have to know that storage is within certain county’s jurisdiction. In most of the cases users are not aware in which countries their data will be stored. However, user can request providers to locate data within certain geographical boundaries. The process of data storage involves complicated encryption process.
Encryption applications when developed by inexperienced professional can result to total damaging of the data. Furthermore the encryption process may expose shared data to serious security risk. Contrary to popular belief, data scientists have found out that data does not dissolve immediately into the encrypted format. It has been discovered that data does this slowly and could still be accessible from a device even when that device is switched on or off.
In this case, then hackers of malicious softwares can still access the data and damage it, provided they log into the device. Users are advised to ensure their provider guarantees safety via encryption as well as ensuring that devices they use have security future such as BitLocker, which denies entry into the device by any unwanted user.
Provider of cloud service must ensure that users’ data despite its remote location is recoverable at any given time. Incase of loss of data or any form of user information, follow-up investigation is a complicated procedure due to the co-location function of the cloud service. As such user might need to ensure that certain contractual arrangements are made concerning any form of investigation (Brodkin 2008; Armbrust et al 2010).
Users of cloud services have one common worry though. Thus hinders the availability of cloud services at any given time and location upon requests. Providers Must ensure that their data or information under the custody of the provider is available any time even when the company is taken over, or winds up (Brodkin 2008; Armbrust et al 2010).
Availability issues in clod computing are concerned especially with outages as well as load balancing issues that may be experienced and thus cause the websites that operate on certain domains unavailable. To ensure that services are available, providers have launched them in different availability zones.
Availability zones are distinctive geographical locations within the certain geographical region such as South America, which are protected from failures of operation if services are unavailable in other zones within the same region. Amazon is in efforts to ensure that the issue of location and availability has promised its users to locate its Amazon EC2 on various availability zones within the same regions to avoid the clients suffering from down time.
Amazon has located the AmazonEC2 within five regions, spread over south and northern America, Asia and Europe (Amazon 2011b). This means that the provider has moved to ensure its user of affordable and low latency system bonding with other available zones in the same regions. Therefore if an application fails to run in one of the locations within the given region it means that user can log into different regions and access Amazon EC2.
To ensure sustained accessibility experts of cloud services have located regions within geographical regions spread over a number of countries. The new availability ensures that the service is more tolerant to operational failures (Right Scale 2008). Launching of services over many availability zones has however not guaranteed the absolute solutions to circumnavigate availability risk.
Amazon EC2 has experienced times when its services have not been available on Amazon EC2 in certain zones. Whose Amazon offers the guarantee that its service will be available on almost 100% in all regions, the same cannot be said of this service. As such Amazon is yet to meet the high threshold of service availability (Brodkin 2011).
What is then is the way forward for users? There has been efforts to suggest that service providers can develop applications that do operate on the platform of several service providers such as Google, Amazon and Apple. However, as architect suggest, this faces a number of hurdles that are insurmountable. Due to the inoperability it becomes almost impossible to launch applications that run across various services.
This also mean that users cannot use Amazon EC2 while still launching other external application on the Amazon Ec2 platform an still have the application working on other platforms. This is because it becomes impossible to load balance such requirements. The workable suggestions for now id for user to run the risk of totally rely on Amazon EC2 and undergoing the loss should there be outages that make the service unavailable. The user must then use the saving from establishing IT centers (Brodkin 2011).
Information Privacy and copyright management
Despite the security risks facing the world of cloud computing the company can still ensured maximum security of its information by using copyright laws effectively to its advantage. Cloud computing copyright and privacy laws are becoming complicated and as such, to protect its information effectively the company should do a number of things.
Most providers do have an exclusive right to change the copyright terms arbitrarily without informing the users. As such the company should ensure that it enters into a pre agreement with the provider, with the provider guaranteeing to inform the company to notify to in case of any privacy and copyright policy change.
When dealing with third parties the company should ensure that it fully understands the obligation the third party carries concerning privacy and copyright terms. This is to avoid a situation where the company’s and the providers’ private policy changes as a result of sharing information with a third party that the provider considers as a breach of contract. Under such circumstances, the providers are most likely absolved of any blame.
The company should also engage providers that guarantee that the locations of its information are within the obligations of the existing privacy policy. Furthermore whenever there are legal uncertainties either in the provider’s terms of service or within the locating country justice system, clarifications should be south before any agreement is signed (Netop 2009).
Private and public cloud
There are three basic forms of cloud. Public cloud is a delivery model that is hosted on a public environment. Public cloud may also operated by very large originations with interests in public affairs. Public clouds are also run over the internet. These forms of clouds offer the most enhanced efficiency as especially in shared services, application and data as they area built on string sharing platform.
Public clouds are also less expensive due to the shared facilities. However, they are more vulnerable to attacks and other security risks due to the increased number of users. Private cloud is run on a private platform that enables it to be hosted on a private network. It is mostly used by organizations that do not want to share their information and services.
Private clouds are expensive because organizations using them have to purchase the applications and exclusive use of the service. However, due to the fact that they do not have shared facility they have an enhanced security guarantee as compared to public clouds. To maximize the benefit of cloud computing the company’s should employ the hybrid cloud which is a synthesis of the public and the private.
In the hybrid cloud the company will be able to keep each of its service in the most effective domain. The company’s private aspects will be hosted in the private network thus ensuring it’s from pubic eye, while hosting applications and data it intends to share with other parties. The company will however need to under to keep an eye on a series of security platforms thus increasing its workload in managing its information via hybrid cloud (Molen 2010).
Data lock-in and switching cost
The world of cloud computing is surrounded by a series of myths include the lasts that some of the platform support portability of data between operating environments. However, professional experts have warned that interoperability is just a pipe dream, for now at least. Among the very first provider of clouding service such as Amazon and Google operated on conational platform especially the ones develop by companies such as IBM.
The concern however is that if a user develop an application on these applications is also mean that that application cannot operate on newer versions. Furthermore, there have been efforts to develop a platform that allow for encoding of data across all platforms. This means those operators are aiming at having applications that support the interoperability of services.
However, as things stands users can only have application that only be encoded via traditional platform or the interoperable platforms but not both. As such user finds themselves locked in specific clouds as the applicability’s has snot been standardized (Armbrust et al 2010; Linthicum 2009a).There is more to it. The inability for one cloud to be portable from another means that users have two switch clouds at a cost.
Switching from one cloud however is one complicated affair because it means switching operating systems. The advantage to the user is that there is emerging competition amongst application developers and such competition is destined to keep the prices of switching down to the core and as such it will make switching easier (Sridhar 2008).
Analysis
The financial outlay of Cloud hosting is considerably lower than the physical clouding. The cost is lowered as the user only pays per hour when the cloud services are needed. This ensures that cloud computing makes a lot of business sense to companies that do not have the intention or even the financial outlays of establishing information technology centers.
However, The Company should consider the security risks related to cloud computing and make sure that they can handle it. Securing information on clouds is increasingly becoming a complicated issue due to the nature of the logistic involved. Location of the data during storage is one of the issues that the company must be wary of.
Various geographical jurisdiction have distant laws and as such the providers terms and services my not be within with the legal requirement of the hosting country. However, the user can enter into an agreement with the provider and ensure that data is stored in preferred locations (Molen 2010).
It should also be noted that the security of the cloud services is not just a mere application that is launched to operate on a particular cloud to secure data. The security of cloud is a methodical characteristic of the structural design of that particular cloud. Security of the data is also tied with the issue of availability.
Providers have move into ensure that their services are available whenever needed by launching them on a numbers of availability zones. This however does not guarantees that the absolute solution to this problems of unavailability due to hitches concerned with outages and load balancing. The increase of alternative available locations for data by providers such as Amazon however ensures users of ease of access of data even during internet downtime.
Effective management of a cloud hosting for the organizations means that the organization must be able to assemble the best on-site applications and hardware’s. To ensure that there is no hitches in launching its service the company should ensure that its chosen host has the necessary application and systems that can support the company assembled applications.
Over and above effective usage of clouds, cloud computing means that the company must ensure that their systems are compartmentalized into storage, infrastructural service and process oriented or database. This will ensure that the company can employee each of the service independently without having to tie it to another service.
For the organization it means that the risks of clouds are mitigated by the elasticity of the services that clouds offer. User have the chance to choose the most effective platform that they want to use (Armbrust et al 2009; InfoWorld media group 2009).
Cloud services are hosted on a remote location and this has a number of advantages fro users. As such it can host infinite application and services and as such meaning that it also provides users with infinite possibilities. Furthermore, the increase in competition as well as the new environment that is promising an almost explosion situation for cloud services means that new service providers are emerging everyday.
To survive in the market providers are coming up with new and ingenuous products for users which further fires the rate of the growth of the industry. The platform that his service operates can be modified effortlessness an as such moving them becomes easier. Furthermore when any change is needed, the provider does not need to share out application physically.
Companies only need to launch their applications on a platform and the users will access them with ease without even having to make any alteration to their infrastructural components such as computers. Therefore if a company can be able to move its computing into a cloud then it is ensured that there are infinite applications for its business success. As such cloud hosting has thus become an idea whose time has come.
Conclusion
Cloud hosting is not only the face of the present but also the future of information management. This is because the world of business management id going virtual and as such information management cannot afford to be left behind. Clouding is also an idea that has existed over along period of time but is almost exploding. Systems such as internet paved the way for it.
The evolution of computer software companies in the last 20 years also heralded a new age and also supported the developed of cloud computing. This methods o data management in spite of challenges and risks involved has a number of benefits that cannot be ignored.
The cost is significantly low and with increased competition amongst software developers will have a dual effect: it will; drive the cost of clouding down while setting the stage for useful innovation. Physical hosting may thus find itself out of business sooner rather than later
Recommendations
To move on with the time the company should thus consider a number of recommendations. The company should establish its core business whether it is storage of data, application development or service offering. The company should test and identify the leading service providers and select the one that will effectively serve the company well.
Furthermore the Company when choosing the service providers should consider the privacy and copyright terms by those providers. The security that the provider offers is another matter that the company should consider. Mores specifically concerning security and the governance of this type of computing is the performance of the services that providers offer to user concealed security issues.
The company should also consider engaging with providers that locate its data in zones that offer reliable availability of dates. Because it is expensive for the company to switch between various providers the company should consider Amazon EC2 as one of the valid providers, and set apart some of the money the company would have used to establish a physical data centre to mitigate any losses amounting from unavailability of its data. When this is done the company will have managed to evade most of the risk associated with cloud computing.
Reference List
Amazon. 2011. Amazon Elastic Compute Cloud (Amazon EC2). Web.
Armbrust, M, et al. 2009. Above The Clouds: The Berkeley View of Cloud Computing. Web.
Armbrust, M, et al. 2010. A View of Cloud Computing. Web.
Banerjee, U. 2011. The Evolution of Cloud Computing. Cloud Computing Journal. Web.
Brodkin, J. 2011a. When multiple zones fail, Amazon’s cloud redundancy isn’t redundant enough. Network World. Web.
Brodkin, J. 2011b. Amazon EC2 outage calls ‘availability zones’ into question. Network World. Web.
Brodkin, J. 2008. Gartner: Seven cloud-computing security risks. Network World. Web.
Bandyopadhyay, K., Adi, W. and Kim, T. 2010. Information Security and Assurance: 4th International Conference, Japan proceedings. Berlin: Springer verlag Infoworld Media Group. Info World Cloud Computing. Deep Dive. Web.
Kelbley, J and Sterling, M. 2010. Windows Server 2008 R2 Hyper-V: Insiders Guide to Microsoft’s Hypervisor. Indiana: Wiley publishing, Inc.
Linthicum, D. 2009. The Truth About Lock-In And Cloud Computing. Web.
Molen, F. 2010. Get Ready for Cloud Computing. Rotterdam: Van Haren Publishing.
Netop 2009 White Paper: Privacy in the Clouds. Web.
Sridhar. 2008. Cloud Computing, Switching Costs & Software Prices. Web.
RightScale. 2008. Right scale supports the new Amzon EC2 Elastic IP Address and availability Zones. [Online] Available at RightScale supports the new Amazon EC2 Elastic IP addresses and availability zones. Web.
Singh, B. 2009. Top 10 Cloud Computing Service Providers of 2009. Web.
Sridhar 2008 Cloud Computing, Switching Costs & Software Prices. Web.